dradis-ntospider 3.18.0
- checksums.yaml +7 -0
- data/.github/issue_template.md +16 -0
- data/.github/pull_request_template.md +36 -0
- data/.gitignore +7 -0
- data/CHANGELOG.md +51 -0
- data/CONTRIBUTING.md +3 -0
- data/Gemfile +23 -0
- data/LICENSE +339 -0
- data/README.md +27 -0
- data/Rakefile +1 -0
- data/dradis-ntospider.gemspec +32 -0
- data/lib/dradis-ntospider.rb +8 -0
- data/lib/dradis/plugins/ntospider.rb +11 -0
- data/lib/dradis/plugins/ntospider/engine.rb +9 -0
- data/lib/dradis/plugins/ntospider/field_processor.rb +22 -0
- data/lib/dradis/plugins/ntospider/gem_version.rb +19 -0
- data/lib/dradis/plugins/ntospider/importer.rb +74 -0
- data/lib/dradis/plugins/ntospider/version.rb +9 -0
- data/lib/ntospider/vuln.rb +118 -0
- data/lib/tasks/thorfile.rb +20 -0
- data/spec/fixtures/files/VulnerabilitiesSummary.xml +382 -0
- data/templates/evidence.fields +4 -0
- data/templates/evidence.sample +200 -0
- data/templates/evidence.template +11 -0
- data/templates/vuln.fields +18 -0
- data/templates/vuln.sample +200 -0
- data/templates/vuln.template +44 -0
- metadata +113 -0
@@ -0,0 +1,200 @@
|
|
1
|
+
<Vuln>
|
2
|
+
<DbId>7B9CAABF300A49688F4D30FA423EDFB8</DbId>
|
3
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
4
|
+
<ScanName>hackthissite</ScanName>
|
5
|
+
<WebSite>http://www.hackthissite.org:80</WebSite>
|
6
|
+
<VulnType>Reflected Cross-site scripting (XSS)</VulnType>
|
7
|
+
<VulnUrl>http://www.hackthissite.org/</VulnUrl>
|
8
|
+
<NormalizedUrl>http://www.hackthissite.org/?</NormalizedUrl>
|
9
|
+
<MatchedString></MatchedString>
|
10
|
+
<NormalizedPostParams></NormalizedPostParams>
|
11
|
+
<VulnParam>Unnamed</VulnParam>
|
12
|
+
<ParameterName>Unnamed</ParameterName>
|
13
|
+
<HtmlEntityAttacked>Query-Parameters</HtmlEntityAttacked>
|
14
|
+
<AttackType>javascript after single quote</AttackType>
|
15
|
+
<AttackScore>3-Medium</AttackScore>
|
16
|
+
<AttackValue>';alert('x9lj3cup');//</AttackValue>
|
17
|
+
<Method>GET</Method>
|
18
|
+
<RootCauseId>9AEE038BB3477FE5A178FBA57C93FC76</RootCauseId>
|
19
|
+
<Description><![CDATA[<p>Reflected Cross-site Scripting (XSS) is another name for non-persistent XSS, where the attack doesn't load with the vulnerable web application but is originated by the victim loading the offending URI. In this article we will see some ways to test a web application for this kind of vulnerability.</p>]]></Description>
|
20
|
+
<Recommendation><![CDATA[
|
21
|
+
|
22
|
+
<p>Reflected XSS attacks are also known as type 1 or non-persistent XSS attacks, and are the most frequent type of XSS attacks found nowadays.</p>
|
23
|
+
|
24
|
+
<p>When a web application is vulnerable to this type of attack, it will pass unvalidated input sent through requests to the client. The common modus operandi of the attack includes a design step, in which the attacker creates and tests an offending URI, a social engineering step, in which she convinces her victims to load this URI on their browsers, and the eventual execution of the offending code - using the victim's credentials.</p>
|
25
|
+
|
26
|
+
<p>Commonly the attacker's code is written in the Javascript language, but other scripting languages are also used, e.g., ActionScript and VBScript.</p>
|
27
|
+
|
28
|
+
<p>Attackers typically leverage these vulnerabilities to install key loggers, steal victim cookies, perform clipboard theft, and change the content of the page (e.g., download links).</p>
|
29
|
+
|
30
|
+
<p>One of the important matters about exploiting XSS vulnerabilities is character encoding. In some cases, the web server or the web application may not be filtering some encodings of characters, so, for example, the web application might filter out "<script>", but might not filter "%3Cscript%3E" which simply includes another encoding of tags. A nice tool for testing character encodings is OWASP's CAL9000. </p>]]></Recommendation>
|
31
|
+
<Page>http://www.hackthissite.org/</Page>
|
32
|
+
<Url>http://www.hackthissite.org/</Url>
|
33
|
+
<VulnParamType>unknown</VulnParamType>
|
34
|
+
<CrawlTrafficTemplate>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</CrawlTrafficTemplate>
|
35
|
+
<AttackClass>Application Developer</AttackClass>
|
36
|
+
<CweId>79</CweId>
|
37
|
+
<CAPEC>80</CAPEC>
|
38
|
+
<DISSA_ASC>3580</DISSA_ASC>
|
39
|
+
<OWASP2007>1</OWASP2007>
|
40
|
+
<OWASP2010>2</OWASP2010>
|
41
|
+
<OWASP2013>3</OWASP2013>
|
42
|
+
<OVAL>6312</OVAL>
|
43
|
+
<WASC>0</WASC>
|
44
|
+
<ScanDate>2014-10-14 07:26:14</ScanDate>
|
45
|
+
<ScanEnd>2014-10-15 01:59:37</ScanEnd>
|
46
|
+
<DefenseBL>
|
47
|
+
<DbId>E00DA69EEFFE4556A2EA833A05174698</DbId>
|
48
|
+
<ParentDbId>7B9CAABF300A49688F4D30FA423EDFB8</ParentDbId>
|
49
|
+
<PcreRegex></PcreRegex>
|
50
|
+
<ModSecurity></ModSecurity>
|
51
|
+
<Snort></Snort>
|
52
|
+
<Imperva>cross-site-scripting</Imperva>
|
53
|
+
</DefenseBL>
|
54
|
+
<DefenseWL>
|
55
|
+
<DbId>ED59621943E9405B98ED9C3642011DBB</DbId>
|
56
|
+
<ParentDbId>7B9CAABF300A49688F4D30FA423EDFB8</ParentDbId>
|
57
|
+
<PcreRegex></PcreRegex>
|
58
|
+
<ModSecurity></ModSecurity>
|
59
|
+
<Snort></Snort>
|
60
|
+
<Imperva></Imperva>
|
61
|
+
</DefenseWL>
|
62
|
+
<AttackList>
|
63
|
+
<Attack>
|
64
|
+
<DbId>0FBEDA330DDC427CB8EFB550E5170614</DbId>
|
65
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
66
|
+
<AttackValue>'-alert(6759001)-'</AttackValue>
|
67
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
68
|
+
<AttackPostParams></AttackPostParams>
|
69
|
+
<AttackMatchedString>6759001</AttackMatchedString>
|
70
|
+
<AttackRequestList>
|
71
|
+
<AttackRequest>
|
72
|
+
<DbId>E70A833E09944518999100DD31DCDEDF</DbId>
|
73
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
74
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
75
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
76
|
+
<Benign>0</Benign>
|
77
|
+
</AttackRequest>
|
78
|
+
</AttackRequestList>
|
79
|
+
</Attack>
|
80
|
+
<Attack>
|
81
|
+
<DbId>6B29EBB4F4094201B6541769C9D3BCFB</DbId>
|
82
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
83
|
+
<AttackValue>';alert('xhsysg0a');//</AttackValue>
|
84
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
85
|
+
<AttackPostParams></AttackPostParams>
|
86
|
+
<AttackMatchedString>xhsysg0a</AttackMatchedString>
|
87
|
+
<AttackRequestList>
|
88
|
+
<AttackRequest>
|
89
|
+
<DbId>245EEA880FA748298BFDD11D286A2AA8</DbId>
|
90
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
91
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
92
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
93
|
+
<Benign>0</Benign>
|
94
|
+
</AttackRequest>
|
95
|
+
</AttackRequestList>
|
96
|
+
</Attack>
|
97
|
+
<Attack>
|
98
|
+
<DbId>208D71F46FC84F7A97A51A9D204936E8</DbId>
|
99
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
100
|
+
<AttackValue>'+alert(14357991)+'</AttackValue>
|
101
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
102
|
+
<AttackPostParams></AttackPostParams>
|
103
|
+
<AttackMatchedString>14357991</AttackMatchedString>
|
104
|
+
<AttackRequestList>
|
105
|
+
<AttackRequest>
|
106
|
+
<DbId>656C78FC2C5A4E8E88805D70E85C03BB</DbId>
|
107
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
108
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
109
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
110
|
+
<Benign>0</Benign>
|
111
|
+
</AttackRequest>
|
112
|
+
</AttackRequestList>
|
113
|
+
</Attack>
|
114
|
+
<Attack>
|
115
|
+
<DbId>FF2039A5A33D4167B1BD5F10DBD78989</DbId>
|
116
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
117
|
+
<AttackValue><![CDATA[xhyk2ajq-pt"><script>alert(15009454)</script>]]></AttackValue>
|
118
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
119
|
+
<AttackPostParams></AttackPostParams>
|
120
|
+
<AttackMatchedString>15009454</AttackMatchedString>
|
121
|
+
<AttackRequestList>
|
122
|
+
<AttackRequest>
|
123
|
+
<DbId>81362DB814024D8899B83D4A4FF7DE3A</DbId>
|
124
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
125
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
126
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
127
|
+
<Benign>0</Benign>
|
128
|
+
</AttackRequest>
|
129
|
+
</AttackRequestList>
|
130
|
+
</Attack>
|
131
|
+
<Attack>
|
132
|
+
<DbId>96A0331A38FF47AFA13C547518721E08</DbId>
|
133
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
134
|
+
<AttackValue><![CDATA[<img """><script>alert("x9khdxei")</script>">]]></AttackValue>
|
135
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
136
|
+
<AttackPostParams></AttackPostParams>
|
137
|
+
<AttackMatchedString>x9khdxei</AttackMatchedString>
|
138
|
+
<AttackRequestList>
|
139
|
+
<AttackRequest>
|
140
|
+
<DbId>49A7844AA3884CE19078E68B4F12E04B</DbId>
|
141
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
142
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
143
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
144
|
+
<Benign>0</Benign>
|
145
|
+
</AttackRequest>
|
146
|
+
</AttackRequestList>
|
147
|
+
</Attack>
|
148
|
+
<Attack>
|
149
|
+
<DbId>23E5FDE97F5E42628FC74477F8513B8D</DbId>
|
150
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
151
|
+
<AttackValue>');alert('x9krdis7');//</AttackValue>
|
152
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
153
|
+
<AttackPostParams></AttackPostParams>
|
154
|
+
<AttackMatchedString>x9krdis7</AttackMatchedString>
|
155
|
+
<AttackRequestList>
|
156
|
+
<AttackRequest>
|
157
|
+
<DbId>E982E7BCB4F64A56AC6AC1B8C697E284</DbId>
|
158
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
159
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
160
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
161
|
+
<Benign>0</Benign>
|
162
|
+
</AttackRequest>
|
163
|
+
</AttackRequestList>
|
164
|
+
</Attack>
|
165
|
+
<Attack>
|
166
|
+
<DbId>B87C5202F4A74BEBA06936F6BD186076</DbId>
|
167
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
168
|
+
<AttackValue>'-alert(15189768)-'</AttackValue>
|
169
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
170
|
+
<AttackPostParams></AttackPostParams>
|
171
|
+
<AttackMatchedString>15189768</AttackMatchedString>
|
172
|
+
<AttackRequestList>
|
173
|
+
<AttackRequest>
|
174
|
+
<DbId>E3F212EBD7134B958D3EB7D4369FE1A9</DbId>
|
175
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
176
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
177
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
178
|
+
<Benign>0</Benign>
|
179
|
+
</AttackRequest>
|
180
|
+
</AttackRequestList>
|
181
|
+
</Attack>
|
182
|
+
<Attack>
|
183
|
+
<DbId>ED858AB85A2C46C9953BA5E86C412BEE</DbId>
|
184
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
185
|
+
<AttackValue>';alert('x9lj3cup');//</AttackValue>
|
186
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
187
|
+
<AttackPostParams></AttackPostParams>
|
188
|
+
<AttackMatchedString>x9lj3cup</AttackMatchedString>
|
189
|
+
<AttackRequestList>
|
190
|
+
<AttackRequest>
|
191
|
+
<DbId>2F292FE91CD64B86B98B536D9BA66FE7</DbId>
|
192
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
193
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
194
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
195
|
+
<Benign>0</Benign>
|
196
|
+
</AttackRequest>
|
197
|
+
</AttackRequestList>
|
198
|
+
</Attack>
|
199
|
+
</AttackList>
|
200
|
+
</Vuln>
|
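Review bot: every `<Request>` element in this hunk is the base64 of a raw HTTP request that still carries the scan's `Cookie: PHPSESSID=...` header; a sample that ships inside the gem should have that session identifier blanked or replaced with an obvious dummy value before it is committed. Two smaller points for a comment at the top of the file: each `<AttackRequest>` contains the same `<Request>` value twice, and all eight `<Attack>` entries reuse the request for `'-alert(6759001)-'` even though their `<AttackValue>` differs, so a template exercised against this sample cannot tell one attack from another.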
@@ -0,0 +1,18 @@
|
|
1
|
+
vuln.attack_class
|
2
|
+
vuln.attack_score
|
3
|
+
vuln.attack_type
|
4
|
+
vuln.attack_value
|
5
|
+
vuln.capec
|
6
|
+
vuln.cwe_id
|
7
|
+
vuln.description
|
8
|
+
vuln.dissa_asc
|
9
|
+
vuln.normalized_url
|
10
|
+
vuln.oval
|
11
|
+
vuln.owasp2007
|
12
|
+
vuln.owasp2010
|
13
|
+
vuln.owasp2013
|
14
|
+
vuln.recommendation
|
15
|
+
vuln.vuln_method
|
16
|
+
vuln.vuln_param
|
17
|
+
vuln.vuln_type
|
18
|
+
vuln.vuln_url
|
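Review bot: the field list omits several elements that the sample XML in this gem carries (`WASC`, `ScanDate`, `ScanEnd`, `HtmlEntityAttacked`, `ParameterName`, `VulnParamType`, `RootCauseId`, `Page`), so template authors cannot reference them; either add the corresponding `vuln.*` names or state in the README that the list is intentionally limited to the fields the importer maps. `vuln.vuln_method` also differs from its source element `<Method>`, and nothing in this file records that rename.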
@@ -0,0 +1,200 @@
|
|
1
|
+
<Vuln>
|
2
|
+
<DbId>7B9CAABF300A49688F4D30FA423EDFB8</DbId>
|
3
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
4
|
+
<ScanName>hackthissite</ScanName>
|
5
|
+
<WebSite>http://www.hackthissite.org:80</WebSite>
|
6
|
+
<VulnType>Reflected Cross-site scripting (XSS)</VulnType>
|
7
|
+
<VulnUrl>http://www.hackthissite.org/</VulnUrl>
|
8
|
+
<NormalizedUrl>http://www.hackthissite.org/?</NormalizedUrl>
|
9
|
+
<MatchedString></MatchedString>
|
10
|
+
<NormalizedPostParams></NormalizedPostParams>
|
11
|
+
<VulnParam>Unnamed</VulnParam>
|
12
|
+
<ParameterName>Unnamed</ParameterName>
|
13
|
+
<HtmlEntityAttacked>Query-Parameters</HtmlEntityAttacked>
|
14
|
+
<AttackType>javascript after single quote</AttackType>
|
15
|
+
<AttackScore>3-Medium</AttackScore>
|
16
|
+
<AttackValue>';alert('x9lj3cup');//</AttackValue>
|
17
|
+
<Method>GET</Method>
|
18
|
+
<RootCauseId>9AEE038BB3477FE5A178FBA57C93FC76</RootCauseId>
|
19
|
+
<Description><![CDATA[<p>Reflected Cross-site Scripting (XSS) is another name for non-persistent XSS, where the attack doesn't load with the vulnerable web application but is originated by the victim loading the offending URI. In this article we will see some ways to test a web application for this kind of vulnerability.</p>]]></Description>
|
20
|
+
<Recommendation><![CDATA[
|
21
|
+
|
22
|
+
<p>Reflected XSS attacks are also known as type 1 or non-persistent XSS attacks, and are the most frequent type of XSS attacks found nowadays.</p>
|
23
|
+
|
24
|
+
<p>When a web application is vulnerable to this type of attack, it will pass unvalidated input sent through requests to the client. The common modus operandi of the attack includes a design step, in which the attacker creates and tests an offending URI, a social engineering step, in which she convinces her victims to load this URI on their browsers, and the eventual execution of the offending code - using the victim's credentials.</p>
|
25
|
+
|
26
|
+
<p>Commonly the attacker's code is written in the Javascript language, but other scripting languages are also used, e.g., ActionScript and VBScript.</p>
|
27
|
+
|
28
|
+
<p>Attackers typically leverage these vulnerabilities to install key loggers, steal victim cookies, perform clipboard theft, and change the content of the page (e.g., download links).</p>
|
29
|
+
|
30
|
+
<p>One of the important matters about exploiting XSS vulnerabilities is character encoding. In some cases, the web server or the web application may not be filtering some encodings of characters, so, for example, the web application might filter out "<script>", but might not filter "%3Cscript%3E" which simply includes another encoding of tags. A nice tool for testing character encodings is OWASP's CAL9000. </p>]]></Recommendation>
|
31
|
+
<Page>http://www.hackthissite.org/</Page>
|
32
|
+
<Url>http://www.hackthissite.org/</Url>
|
33
|
+
<VulnParamType>unknown</VulnParamType>
|
34
|
+
<CrawlTrafficTemplate>R0VUIC8/eGh5azJhanEtcHQgSFRUUC8xLjENCkFjY2VwdDogdGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksKi8qO3E9MC44DQpBY2NlcHQtQ2hhcnNldDogKg0KQWNjZXB0LUVuY29kaW5nOiBnemlwLCBkZWZsYXRlDQpVc2VyLUFnZW50OiBNb3ppbGxhLzUuMCAoY29tcGF0aWJsZTsgTVNJRSA5LjA7IFdpbmRvd3MgTlQgNi4xOyBXT1c2NDsgVHJpZGVudC81LjApDQpIb3N0OiB3d3cuaGFja3RoaXNzaXRlLm9yZw0KQ29va2llOiBfX3V0bWE9MTk4NDAyODcwLjYwNzMyMTI4MC4xNDEzMjYwOTIzLjE0MTMyNjA5MjMuMTQxMzI2MDkyMy4xOyBfX3V0bXo9MTk4NDAyODcwLjE0MTMyNjA5MjMuMS4xLnV0bWNzcj0oZGlyZWN0KXx1dG1jY249KGRpcmVjdCl8dXRtY21kPShub25lKTsgYWRzX2JtX2xhc3RfbG9hZF9zdGF0dXM9Tk9UX0JMT0NLSU5HOyBwaHBiYjNfMjhwbGFfdT0xOyBwaHBiYjNfMjhwbGFfaz07IHBocGJiM18yOHBsYV9zaWQ9OTFkOTgzOThhY2U2NzUxZjI3YTI5ZmNmYmJhMmMwOTQ7IGJtX2xhc3RfbG9hZF9zdGF0dXM9Tk9UX0JMT0NLSU5HOyBQSFBTRVNTSUQ9OWh2bmxmczUxanNqMmlpZWZtaDc0dXN0YTA7IF9fdXRtYj0xOTg0MDI4NzAuNTAwLjEwLjE0MTMyNjA5MjM7IF9fdXRtYz0xOTg0MDI4NzA7IGJtX21vbnRobHlfdW5pcXVlPXRydWU7IGJtX2RhaWx5X3VuaXF1ZT10cnVlOyBsZXZlbDEwX2F1dGhvcml6ZWQ9bm87DQoNCg==</CrawlTrafficTemplate>
|
35
|
+
<AttackClass>Application Developer</AttackClass>
|
36
|
+
<CweId>79</CweId>
|
37
|
+
<CAPEC>80</CAPEC>
|
38
|
+
<DISSA_ASC>3580</DISSA_ASC>
|
39
|
+
<OWASP2007>1</OWASP2007>
|
40
|
+
<OWASP2010>2</OWASP2010>
|
41
|
+
<OWASP2013>3</OWASP2013>
|
42
|
+
<OVAL>6312</OVAL>
|
43
|
+
<WASC>0</WASC>
|
44
|
+
<ScanDate>2014-10-14 07:26:14</ScanDate>
|
45
|
+
<ScanEnd>2014-10-15 01:59:37</ScanEnd>
|
46
|
+
<DefenseBL>
|
47
|
+
<DbId>E00DA69EEFFE4556A2EA833A05174698</DbId>
|
48
|
+
<ParentDbId>7B9CAABF300A49688F4D30FA423EDFB8</ParentDbId>
|
49
|
+
<PcreRegex></PcreRegex>
|
50
|
+
<ModSecurity></ModSecurity>
|
51
|
+
<Snort></Snort>
|
52
|
+
<Imperva>cross-site-scripting</Imperva>
|
53
|
+
</DefenseBL>
|
54
|
+
<DefenseWL>
|
55
|
+
<DbId>ED59621943E9405B98ED9C3642011DBB</DbId>
|
56
|
+
<ParentDbId>7B9CAABF300A49688F4D30FA423EDFB8</ParentDbId>
|
57
|
+
<PcreRegex></PcreRegex>
|
58
|
+
<ModSecurity></ModSecurity>
|
59
|
+
<Snort></Snort>
|
60
|
+
<Imperva></Imperva>
|
61
|
+
</DefenseWL>
|
62
|
+
<AttackList>
|
63
|
+
<Attack>
|
64
|
+
<DbId>0FBEDA330DDC427CB8EFB550E5170614</DbId>
|
65
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
66
|
+
<AttackValue>'-alert(6759001)-'</AttackValue>
|
67
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
68
|
+
<AttackPostParams></AttackPostParams>
|
69
|
+
<AttackMatchedString>6759001</AttackMatchedString>
|
70
|
+
<AttackRequestList>
|
71
|
+
<AttackRequest>
|
72
|
+
<DbId>E70A833E09944518999100DD31DCDEDF</DbId>
|
73
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
74
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
75
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
76
|
+
<Benign>0</Benign>
|
77
|
+
</AttackRequest>
|
78
|
+
</AttackRequestList>
|
79
|
+
</Attack>
|
80
|
+
<Attack>
|
81
|
+
<DbId>6B29EBB4F4094201B6541769C9D3BCFB</DbId>
|
82
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
83
|
+
<AttackValue>';alert('xhsysg0a');//</AttackValue>
|
84
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
85
|
+
<AttackPostParams></AttackPostParams>
|
86
|
+
<AttackMatchedString>xhsysg0a</AttackMatchedString>
|
87
|
+
<AttackRequestList>
|
88
|
+
<AttackRequest>
|
89
|
+
<DbId>245EEA880FA748298BFDD11D286A2AA8</DbId>
|
90
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
91
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
92
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
93
|
+
<Benign>0</Benign>
|
94
|
+
</AttackRequest>
|
95
|
+
</AttackRequestList>
|
96
|
+
</Attack>
|
97
|
+
<Attack>
|
98
|
+
<DbId>208D71F46FC84F7A97A51A9D204936E8</DbId>
|
99
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
100
|
+
<AttackValue>'+alert(14357991)+'</AttackValue>
|
101
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
102
|
+
<AttackPostParams></AttackPostParams>
|
103
|
+
<AttackMatchedString>14357991</AttackMatchedString>
|
104
|
+
<AttackRequestList>
|
105
|
+
<AttackRequest>
|
106
|
+
<DbId>656C78FC2C5A4E8E88805D70E85C03BB</DbId>
|
107
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
108
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
109
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
110
|
+
<Benign>0</Benign>
|
111
|
+
</AttackRequest>
|
112
|
+
</AttackRequestList>
|
113
|
+
</Attack>
|
114
|
+
<Attack>
|
115
|
+
<DbId>FF2039A5A33D4167B1BD5F10DBD78989</DbId>
|
116
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
117
|
+
<AttackValue><![CDATA[xhyk2ajq-pt"><script>alert(15009454)</script>]]></AttackValue>
|
118
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
119
|
+
<AttackPostParams></AttackPostParams>
|
120
|
+
<AttackMatchedString>15009454</AttackMatchedString>
|
121
|
+
<AttackRequestList>
|
122
|
+
<AttackRequest>
|
123
|
+
<DbId>81362DB814024D8899B83D4A4FF7DE3A</DbId>
|
124
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
125
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
126
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
127
|
+
<Benign>0</Benign>
|
128
|
+
</AttackRequest>
|
129
|
+
</AttackRequestList>
|
130
|
+
</Attack>
|
131
|
+
<Attack>
|
132
|
+
<DbId>96A0331A38FF47AFA13C547518721E08</DbId>
|
133
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
134
|
+
<AttackValue><![CDATA[<img """><script>alert("x9khdxei")</script>">]]></AttackValue>
|
135
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
136
|
+
<AttackPostParams></AttackPostParams>
|
137
|
+
<AttackMatchedString>x9khdxei</AttackMatchedString>
|
138
|
+
<AttackRequestList>
|
139
|
+
<AttackRequest>
|
140
|
+
<DbId>49A7844AA3884CE19078E68B4F12E04B</DbId>
|
141
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
142
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
143
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
144
|
+
<Benign>0</Benign>
|
145
|
+
</AttackRequest>
|
146
|
+
</AttackRequestList>
|
147
|
+
</Attack>
|
148
|
+
<Attack>
|
149
|
+
<DbId>23E5FDE97F5E42628FC74477F8513B8D</DbId>
|
150
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
151
|
+
<AttackValue>');alert('x9krdis7');//</AttackValue>
|
152
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
153
|
+
<AttackPostParams></AttackPostParams>
|
154
|
+
<AttackMatchedString>x9krdis7</AttackMatchedString>
|
155
|
+
<AttackRequestList>
|
156
|
+
<AttackRequest>
|
157
|
+
<DbId>E982E7BCB4F64A56AC6AC1B8C697E284</DbId>
|
158
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
159
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
160
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
161
|
+
<Benign>0</Benign>
|
162
|
+
</AttackRequest>
|
163
|
+
</AttackRequestList>
|
164
|
+
</Attack>
|
165
|
+
<Attack>
|
166
|
+
<DbId>B87C5202F4A74BEBA06936F6BD186076</DbId>
|
167
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
168
|
+
<AttackValue>'-alert(15189768)-'</AttackValue>
|
169
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
170
|
+
<AttackPostParams></AttackPostParams>
|
171
|
+
<AttackMatchedString>15189768</AttackMatchedString>
|
172
|
+
<AttackRequestList>
|
173
|
+
<AttackRequest>
|
174
|
+
<DbId>E3F212EBD7134B958D3EB7D4369FE1A9</DbId>
|
175
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
176
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
177
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
178
|
+
<Benign>0</Benign>
|
179
|
+
</AttackRequest>
|
180
|
+
</AttackRequestList>
|
181
|
+
</Attack>
|
182
|
+
<Attack>
|
183
|
+
<DbId>ED858AB85A2C46C9953BA5E86C412BEE</DbId>
|
184
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
185
|
+
<AttackValue>';alert('x9lj3cup');//</AttackValue>
|
186
|
+
<AttackVulnUrl>http://www.hackthissite.org/</AttackVulnUrl>
|
187
|
+
<AttackPostParams></AttackPostParams>
|
188
|
+
<AttackMatchedString>x9lj3cup</AttackMatchedString>
|
189
|
+
<AttackRequestList>
|
190
|
+
<AttackRequest>
|
191
|
+
<DbId>2F292FE91CD64B86B98B536D9BA66FE7</DbId>
|
192
|
+
<ParentDbId>00000000000000000000000000000000</ParentDbId>
|
193
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
194
|
+
<Request>R0VUIC8/Jy1hbGVydCg2NzU5MDAxKS0nIEhUVFAvMS4xDQpBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOA0KQWNjZXB0LUNoYXJzZXQ6ICoNCkFjY2VwdC1FbmNvZGluZzogZ3ppcCwgZGVmbGF0ZQ0KVXNlci1BZ2VudDogTW96aWxsYS81LjAgKGNvbXBhdGlibGU7IE1TSUUgOS4wOyBXaW5kb3dzIE5UIDYuMTsgV09XNjQ7IFRyaWRlbnQvNS4wKQ0KSG9zdDogd3d3LmhhY2t0aGlzc2l0ZS5vcmcNCkNvb2tpZTogUEhQU0VTU0lEPTlodm5sZnM1MWpzajJpaWVmbWg3NHVzdGEwOw0KDQo=</Request>
|
195
|
+
<Benign>0</Benign>
|
196
|
+
</AttackRequest>
|
197
|
+
</AttackRequestList>
|
198
|
+
</Attack>
|
199
|
+
</AttackList>
|
200
|
+
</Vuln>
|
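Review bot: the `<Request>` blobs in this fixture do not correspond to the attacks they sit under. Every `<AttackRequest>` in the four `<Attack>` entries shown here carries the same base64 string, listed twice, and it decodes to `GET /?'-alert(6759001)-' HTTP/1.1`, a payload that matches none of the surrounding `<AttackValue>`/`<AttackMatchedString>` pairs (`x9khdxei`, `x9krdis7`, `15189768`, `x9lj3cup`). A spec that decodes `Request` and checks it against the attack it belongs to would either fail or pass without exercising the mapping; give each Attack a request whose query string actually carries its own payload, and drop the duplicated second `<Request>` unless the importer is meant to handle request/response pairs, in which case the second element should be a response. The decoded request also still contains `Cookie: PHPSESSID=9hvnlfs51jsj2iiefmh74usta0;` plus the full `User-Agent` from the original scan; scrub the session cookie from a shipped sample even if it is stale.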
@@ -0,0 +1,44 @@
|
|
1
|
+
#[Title]#
|
2
|
+
%vuln.vuln_type%
|
3
|
+
|
4
|
+
#[Attack Class]#
|
5
|
+
%vuln.attack_class%
|
6
|
+
|
7
|
+
#[Attack Type]#
|
8
|
+
%vuln.attack_type%
|
9
|
+
|
10
|
+
#[Attack Score]#
|
11
|
+
%vuln.attack_score%
|
12
|
+
|
13
|
+
#[Attack Value]#
|
14
|
+
%vuln.attack_value%
|
15
|
+
|
16
|
+
#[Method]#
|
17
|
+
%vuln.vuln_method%
|
18
|
+
|
19
|
+
#[Description]#
|
20
|
+
%vuln.description%
|
21
|
+
|
22
|
+
#[Recommendation]#
|
23
|
+
%vuln.recommendation%
|
24
|
+
|
25
|
+
#[CweId]#
|
26
|
+
%vuln.cwe_id%
|
27
|
+
|
28
|
+
#[CAPEC]#
|
29
|
+
%vuln.capec%
|
30
|
+
|
31
|
+
#[DISSA_ASC]#
|
32
|
+
%vuln.dissa_asc%
|
33
|
+
|
34
|
+
#[OWASP2007]#
|
35
|
+
%vuln.owasp2007%
|
36
|
+
|
37
|
+
#[OWASP2010]#
|
38
|
+
%vuln.owasp2010%
|
39
|
+
|
40
|
+
#[OWASP2013]#
|
41
|
+
%vuln.owasp2013%
|
42
|
+
|
43
|
+
#[OVAL]#
|
44
|
+
%vuln.oval%
|
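Review bot: `#[Attack Value]#` / `%vuln.attack_value%` is a single Vuln-level placeholder, but the sample `<Vuln>` carries several `<Attack>` entries, each with its own `<AttackValue>`; the template should state which one is rendered (first, all joined, or none), or this field should move to evidence.template where per-attack data belongs. Whatever is rendered there is a live scanner payload copied verbatim (the sample's first one is `<img """><script>alert("x9khdxei")</script>">`), so it should be emitted as preformatted text rather than inline, the same way the raw request in the evidence template would be, so that nothing downstream interprets it as markup. The note also has no field for the affected URL or parameter even though the sample supplies `<AttackVulnUrl>` per attack; a finding that names type, score and payload but no location is hard to act on, so add the URL here or confirm it is covered by evidence.template.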