Burpsuite-Parser


t/test1.xml  view on Meta::CPAN

<?xml version="1.0"?>
<!DOCTYPE issues [
<!-- Internal DTD subset describing this issue export. It declares only
     elements and attribute lists, with no entity declarations and no external
     subset, so a consumer can read the file with external entity resolution
     and external DTD loading switched off. -->
<!-- Root element: zero or more issue children. -->
<!ELEMENT issues (issue*)>
<!-- Both root attributes are CDATA with an empty-string default. -->
<!ATTLIST issues burpVersion CDATA "">
<!ATTLIST issues exportTime CDATA "">
<!-- Child order inside issue is fixed. The four background and detail
     elements are optional, and requestresponse may repeat or be absent. -->
<!ELEMENT issue (serialNumber, type, name, host, path, location, severity, confidence, issueBackground?, remediationBackground?, issueDetail?, remediationDetail?, requestresponse*)>
<!-- Every leaf below is #PCDATA, so the DTD constrains structure only and
     not values. severity and confidence are free text as far as the DTD is
     concerned; a consumer that depends on specific values has to check them. -->
<!ELEMENT serialNumber (#PCDATA)>
<!ELEMENT type (#PCDATA)>
<!ELEMENT name (#PCDATA)>
<!ELEMENT host (#PCDATA)>
<!ELEMENT path (#PCDATA)>
<!ELEMENT location (#PCDATA)>
<!ELEMENT severity (#PCDATA)>
<!ELEMENT confidence (#PCDATA)>
<!-- In this file the background and detail fields carry HTML fragments
     (ul, li, b, br) inside CDATA. Escape or sanitise them before placing
     them in a rendered report. -->
<!ELEMENT issueBackground (#PCDATA)>
<!ELEMENT remediationBackground (#PCDATA)>
<!ELEMENT issueDetail (#PCDATA)>
<!ELEMENT remediationDetail (#PCDATA)>
<!-- Each requestresponse pairs at most one request with at most one response.
     In this file both hold raw captured HTTP messages inside CDATA, including
     complete HTML and JavaScript bodies; treat them as untrusted text. -->
<!ELEMENT requestresponse (request?, response?)>
<!ELEMENT request (#PCDATA)>
<!ELEMENT response (#PCDATA)>
]>
<issues burpVersion="1.2.17" exportTime="Mon Oct 12 07:27:01 PDT 2009">
  <issue>
    <serialNumber>7417499774799336448</serialNumber>
    <type>3145984</type>
    <name>Cleartext submission of password</name>
    <host>http://192.168.163.128</host>
    <path><![CDATA[/beef/]]></path>
    <location><![CDATA[/beef/]]></location>
    <severity>High</severity>
    <confidence>Certain</confidence>
    <issueBackground><![CDATA[Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP...
    <remediationBackground><![CDATA[The application should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechan...
    <issueDetail><![CDATA[The page contains a form with the following action URL, which is submitted over clear-text HTTP:<ul><li>http://192.168.163.128<wbr>/beef/</li></ul>The form contains the following password field:<ul><li>passwd</li></ul>]]></i...
    <requestresponse>
      <request><![CDATA[GET /beef/ HTTP/1.1
Host: 192.168.163.128
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive

]]></request>
      <response><![CDATA[HTTP/1.1 200 OK
Date: Mon, 12 Oct 2009 14:26:53 GMT
Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-bt0 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
X-Powered-By: PHP/5.2.6-bt0
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 3194


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>

	<link rel="stylesheet" type="text/css" href="css/firefox/menu.css">	<link rel="stylesheet" type="text/css" href="css/firefox/style.css">	
	<title>Browser Exploit Framework</title>

	<link rel="icon" href="favicon.ico" type="image/x-icon">
	<script src="js/prototype.js" type="text/javascript"></script>
	<script src="js/scriptaculous.js" type="text/javascript"></script>
	<script src="js/common.js" type="text/javascript"></script>

	<script>

		// ---[ BEEF_ERROR
		function beef_error(error_string) {
			new Effect.Shake('beef_icon');
			alert(error_string);
		}

		// ---[ SUBMIT_CONFIG
		function submit_config(config, passwd) {
			new Ajax.Updater('config_results', 'submit_config.php?config=' + config + '&passwd=' + passwd, {asynchronous:true});
		}

	</script>

</head>
<body>

	<!-- SIDEBAR -->
	<div id="sidebar">
		<!-- BEEF HEADER - LINK AND IMAGE-->
		<div id="header">
			<center><a href=http://www.bindshell.net/tools/beef/>Browser Exploitation Framework</a></center>
			<h1><div id="beef_icon"><img src="images/beef.gif" onclick="new Effect.Shake('sidebar');"></div> BeEF</h1>
		</div>

		<!-- Security -->
        	<div id="sidebar_autorun">
	        	<div id="header" onclick="new Effect.Pulsate('zombiesdyn');">
				<h2>Security</h2>
        		</div>
        		<div id="content">
				<!-- DYNAMIC ZOMBIE SECTION -->
				<div id="autorun_dyn">BeEF has no security by design <br><br></div>
				<div id="autorun_dyn">Default password is <b>BeEFConfigPass</b> <br><br></div>
				<div id="autorun_dyn">Edit 'pw.php' in BeEF root to alter the password</div>
        		</div>

t/test1.xml  view on Meta::CPAN

<tr><td valign="top"><img src="/icons/image2.gif" alt="[IMG]"></td><td><a href="unknown.png">unknown.png</a></td><td align="right">18-Jan-2009 03:44  </td><td align="right">218 </td></tr>
<tr><td valign="top"><img src="/icons/image2.gif" alt="[IMG]"></td><td><a href="win.png">win.png</a></td><td align="right">18-Jan-2009 03:44  </td><td align="right">334 </td></tr>
<tr><th colspan="5"><hr></th></tr>
</table>
<address>Apache/2.2.9 (Ubuntu) PHP/5.2.6-bt0 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0 Server at 192.168.163.128 Port 80</address>
</body></html>
]]></response>
    </requestresponse>
  </issue>
  <issue>
    <!-- Sample finding: TRACE enabled on the site root, reported at severity
         Information with confidence Certain. The captured response is a 200
         with Content-Type message/http whose body repeats the request line and
         the Host and Cookie headers that were sent, which is the evidence for
         this issue. The issueBackground text is cut short in this listing, and
         this issue has no issueDetail or remediationDetail element. -->
    <serialNumber>4542038331232136192</serialNumber>
    <type>5245440</type>
    <name>TRACE method is enabled</name>
    <host>http://192.168.163.128</host>
    <path><![CDATA[/]]></path>
    <location><![CDATA[/]]></location>
    <severity>Information</severity>
    <confidence>Certain</confidence>
    <issueBackground><![CDATA[The TRACE method is designed for diagnostic purposes. If enabled, the web server will respond to requests which use the TRACE method by echoing in its response the exact request which was recieved.<br><br>Although this b...
    <remediationBackground><![CDATA[The TRACE method should be disabled on the web server.]]></remediationBackground>
    <requestresponse>
      <request><![CDATA[TRACE / HTTP/1.0
Host: 192.168.163.128
Cookie: 5f14521172325ac3

]]></request>
      <response><![CDATA[HTTP/1.1 200 OK
Date: Mon, 12 Oct 2009 14:26:36 GMT
Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-bt0 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
Connection: close
Content-Type: message/http

TRACE / HTTP/1.0
Host: 192.168.163.128
Cookie: 5f14521172325ac3

]]></response>
    </requestresponse>
  </issue>
  <issue>
    <serialNumber>7327618555200268288</serialNumber>
    <type>6291968</type>
    <name>Email addresses disclosed</name>
    <host>http://192.168.163.128</host>
    <path><![CDATA[/beef/js/common.js]]></path>
    <location><![CDATA[/beef/js/common.js]]></location>
    <severity>Information</severity>
    <confidence>Certain</confidence>
    <issueBackground><![CDATA[The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as w...
    <remediationBackground><![CDATA[You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.c...
    <issueDetail><![CDATA[The following email address was disclosed in the response:<ul><li>wade@bindshell.net</li></ul>]]></issueDetail>
    <requestresponse>
      <request><![CDATA[GET /beef/js/common.js HTTP/1.1
Host: 192.168.163.128
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Referer: http://192.168.163.128/beef/

]]></request>
      <response><![CDATA[HTTP/1.1 200 OK
Date: Mon, 12 Oct 2009 14:27:02 GMT
Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-bt0 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
Last-Modified: Sat, 04 Jul 2009 10:17:27 GMT
ETag: "40d80-1149-46dde946a3bc0"
Accept-Ranges: bytes
Content-Length: 4425
Content-Type: application/javascript

// Copyright (c) 2006-2009, Wade Alcorn 
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net

// --[ DIFF
// diff two arrays
function diff(a,b) {
	var c = new Array();

	a.each( function(element) {
		if(0 > b.indexOf(element)) {
			c.push(element);
		}
	})

	return c;
}

// --[ B64REPLACE
// replace a string in a base64 string
function b64replace(b64str, srcstr, deststr) {
	str = decode64(b64str);
	str = str.replace(srcstr, deststr);
	result = encode64(str);
	return result;
}

// array code from http://4umi.com/web/javascript/array.htm

Array.prototype.indexOf=function(n){for(var i=0;i<this.length;i++){if(this[i]===n){return i;}}return -1;}
Array.prototype.lastIndexOf=function(n){var i=this.length;while(i--){if(this[i]===n){return i;}}return -1;}
Array.prototype.forEach=function(f){var i=this.length,j,l=this.length;for(i=0;i<l;i++){if((j=this[i])){f(j);}}};
Array.prototype.insert=function(i,v){if(i>=0){var a=this.slice(),b=a.splice(i);a[i]=value;return a.concat(b);}}
Array.prototype.shuffle=function(){var i=this.length,j,t;while(i--){j=Math.floor((i+1)*Math.random());t=arr[i];arr[i]=arr[j];arr[j]=t;}}
Array.prototype.unique=function(){var a=[],i;this.sort();for(i=0;i<this.length;i++){if(this[i]!==this[i+1]){a[a.length]=this[i];}}return a;}
if(typeof Array.prototype.concat==='undefined'){Array.prototype.concat=function(a){for(var i=0,b=this.copy();i<a.length;i++){b[b.length]=a[i];}return b;};}
if(typeof Array.prototype.copy==='undefined'){Array.prototype.copy=function(a){var a=[],i=this.length;while(i--){a[i]=(typeof this[i].copy!=='undefined')?this[i].copy():this[i];}return a;};}
if(typeof Array.prototype.pop==='undefined'){Array.prototype.pop=function(){var b=this[this.length-1];this.length--;return b;};}
if(typeof Array.prototype.push==='undefined'){Array.prototype.push=function(){for(var i=0,b=this.length,a=arguments;i<a.length;i++){this[b+i]=a[i];}return this.length;};}
if(typeof Array.prototype.shift==='undefined'){Array.prototype.shift=function(){for(var i=0,b=this[0];i<this.length-1;i++){this[i]=this[i+1];}this.length--;return b;};}
if(typeof Array.prototype.slice==='undefined'){Array.prototype.slice=function(a,c){var i=0,b,d=[];if(!c){c=this.length;}if(c<0){c=this.length+c;}if(a<0){a=this.length-a;}if(c<a){b=a;a=c;c=b;}for(i;i<c-a;i++){d[i]=this[a+i];}return d;};}
if(typeof Array.prototype.splice==='undefined'){Array.prototype.splice=function(a,c){var i=0,e=arguments,d=this.copy(),f=a;if(!c){c=this.length-a;}for(i;i<e.length-2;i++){this[a+i]=e[i+2];}for(a;a<this.length-c;a++){this[a+e.length-2]=d[a-c];}this.le...
if(typeof Array.prototype.unshift==='undefined'){Array.prototype.unshift=function(a){this.reverse();var b=this.push(a);this.reverse();return b;};}

// Base64 code from Tyler Akins -- http://rumkin.com

var keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";

t/test1.xml  view on Meta::CPAN

<tr>
<td width="25%">
 <a href="uu.gif"><img class="blackico" src="uu.gif" 
   /><img class="whiteico" src="uu.gif" /> uu.gif</a>
 <br /><a href="uu.png"><img class="blackico" src="uu.png" 
   /><img class="whiteico" src="uu.png" /> uu.png</a></td>
<td width="25%">
 <a href="uuencoded.gif"><img class="blackico" src="uuencoded.gif" 
   /><img class="whiteico" src="uuencoded.gif" /> uuencoded.gif</a>
 <br /><a href="uuencoded.png"><img class="blackico" src="uuencoded.png" 
   /><img class="whiteico" src="uuencoded.png" /> uuencoded.png</a></td>
<td width="25%">
 <a href="small/uu.gif"><img class="blackico" src="small/uu.gif" 
   /><img class="whiteico" src="small/uu.gif" /> small/uu.gif</a>
 <br /><a href="small/uu.png"><img class="blackico" src="small/uu.png" 
   /><img class="whiteico" src="small/uu.png" /> small/uu.png</a></td>
</tr>
<tr><td colspan="4">This can stand for uuencoded data.</td>
</tr>

<tr>
<td width="25%">
 <a href="world1.gif"><img class="blackico" src="world1.gif" 
   /><img class="whiteico" src="world1.gif" /> world1.gif</a>
 <br /><a href="world1.png"><img class="blackico" src="world1.png" 
   /><img class="whiteico" src="world1.png" /> world1.png</a></td>
<td width="25%">
 <a href="world2.gif"><img class="blackico" src="world2.gif" 
   /><img class="whiteico" src="world2.gif" /> world2.gif</a>
 <br /><a href="world2.png"><img class="blackico" src="world2.png" 
   /><img class="whiteico" src="world2.png" /> world2.png</a></td>
</tr>
<tr><td colspan="4">These can represent 3D worlds or other 3D formats.</td>
</tr>
</table>
</body>
</html>
]]></response>
    </requestresponse>
  </issue>
  <issue>
    <serialNumber>2712758913220520960</serialNumber>
    <type>8389120</type>
    <name>HTML does not specify charset</name>
    <host>http://192.168.163.128</host>
    <path><![CDATA[/beef/]]></path>
    <location><![CDATA[/beef/]]></location>
    <severity>Information</severity>
    <confidence>Certain</confidence>
    <issueBackground><![CDATA[If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority...
    <remediationBackground><![CDATA[For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example <b>charset=ISO-8859-1</b>.]]></remed...
    <requestresponse>
      <request><![CDATA[GET /beef/ HTTP/1.1
Host: 192.168.163.128
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive

]]></request>
      <response><![CDATA[HTTP/1.1 200 OK
Date: Mon, 12 Oct 2009 14:26:53 GMT
Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-bt0 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
X-Powered-By: PHP/5.2.6-bt0
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 3194


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>

	<link rel="stylesheet" type="text/css" href="css/firefox/menu.css">	<link rel="stylesheet" type="text/css" href="css/firefox/style.css">	
	<title>Browser Exploit Framework</title>

	<link rel="icon" href="favicon.ico" type="image/x-icon">
	<script src="js/prototype.js" type="text/javascript"></script>
	<script src="js/scriptaculous.js" type="text/javascript"></script>
	<script src="js/common.js" type="text/javascript"></script>

	<script>

		// ---[ BEEF_ERROR
		function beef_error(error_string) {
			new Effect.Shake('beef_icon');
			alert(error_string);
		}

		// ---[ SUBMIT_CONFIG
		function submit_config(config, passwd) {
			new Ajax.Updater('config_results', 'submit_config.php?config=' + config + '&passwd=' + passwd, {asynchronous:true});
		}

	</script>

</head>
<body>

	<!-- SIDEBAR -->
	<div id="sidebar">
		<!-- BEEF HEADER - LINK AND IMAGE-->
		<div id="header">
			<center><a href=http://www.bindshell.net/tools/beef/>Browser Exploitation Framework</a></center>
			<h1><div id="beef_icon"><img src="images/beef.gif" onclick="new Effect.Shake('sidebar');"></div> BeEF</h1>
		</div>

		<!-- Security -->
        	<div id="sidebar_autorun">
	        	<div id="header" onclick="new Effect.Pulsate('zombiesdyn');">
				<h2>Security</h2>
        		</div>
        		<div id="content">
				<!-- DYNAMIC ZOMBIE SECTION -->
				<div id="autorun_dyn">BeEF has no security by design <br><br></div>
				<div id="autorun_dyn">Default password is <b>BeEFConfigPass</b> <br><br></div>
				<div id="autorun_dyn">Edit 'pw.php' in BeEF root to alter the password</div>
        		</div>

t/test1.xml  view on Meta::CPAN

        	<div id="sidebar_autorun">
	        	<div id="header" onclick="new Effect.Pulsate('zombiesdyn');">
				<!--<h2>Installation</h2>-->
        		</div>
        		<div id="content">
				<!-- DYNAMIC ZOMBIE SECTION -->
				<!-- <div id="autorun_dyn">BeEF has not been installed</div> -->
        		</div>
		</div>

	</div>

	<!-- MAIN RIGHT SECTION -->
	<div id="main">
		<div id="page">
			<div id="module_header">BeEF Configuration</div>
				<br>
				<div id="module_subsection">
        				<form name="configform">
                				<div id="module_subsection_header">Connection (IP Address or URL)</div>
						This is the location that the zombies will connect to (do not include the hook directory). This must match the 'ServerName' value in your http.conf for the modules to work.
                				<input type="text" name="url" value="http://192.168.163.128/beef/" autocomplete="off"/>
                				BeEF configuration password
                				<input type="password" name="passwd" value="BeEFConfigPass" autocomplete="off"/>
                				<input class="button" type="button" value="Apply Config" onClick="javascript:submit_config(configform.url.value, configform.passwd.value)"/>
						<br>Clicking 'Apply Configuration' will remove/replace these configuration files
        				</form>
				</div>
				<div id='config_results'></div>
			</div>

		</div>
	</div>

</body>
</html>
]]></response>
    </requestresponse>
  </issue>
  <issue>
    <serialNumber>4215954805873869824</serialNumber>
    <type>6291968</type>
    <name>Email addresses disclosed</name>
    <host>http://192.168.163.128</host>
    <path><![CDATA[/beef/js/prototype.js]]></path>
    <location><![CDATA[/beef/js/prototype.js]]></location>
    <severity>Information</severity>
    <confidence>Certain</confidence>
    <issueBackground><![CDATA[The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as w...
    <remediationBackground><![CDATA[You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.c...
    <issueDetail><![CDATA[The following email address was disclosed in the response:<ul><li>sam@conio.net</li></ul>]]></issueDetail>
    <requestresponse>
      <request><![CDATA[GET /beef/js/prototype.js HTTP/1.1
Host: 192.168.163.128
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Referer: http://192.168.163.128/beef/

]]></request>
      <response><![CDATA[HTTP/1.1 200 OK
Date: Mon, 12 Oct 2009 14:27:02 GMT
Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-bt0 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
Last-Modified: Sun, 18 Jan 2009 08:44:54 GMT
ETag: "40d87-d76d-460bdd1ee8d80"
Accept-Ranges: bytes
Content-Length: 55149
Content-Type: application/javascript

/*  Prototype JavaScript framework, version 1.5.0_rc0
 *  (c) 2005 Sam Stephenson <sam@conio.net>
 *
 *  Prototype is freely distributable under the terms of an MIT-style license.
 *  For details, see the Prototype web site: http://prototype.conio.net/
 *
/*--------------------------------------------------------------------------*/

var Prototype = {
  Version: '1.5.0_rc0',
  ScriptFragment: '(?:<script.*?>)((\n|\r|.)*?)(?:<\/script>)',

  emptyFunction: function() {},
  K: function(x) {return x}
}

var Class = {
  create: function() {
    return function() {
      this.initialize.apply(this, arguments);
    }
  }
}

var Abstract = new Object();

Object.extend = function(destination, source) {
  for (var property in source) {
    destination[property] = source[property];
  }
  return destination;
}

Object.inspect = function(object) {
  try {
    if (object == undefined) return 'undefined';
    if (object == null) return 'null';
    return object.inspect ? object.inspect() : object.toString();
  } catch (e) {
    if (e instanceof RangeError) return '...';
    throw e;
  }
}

Function.prototype.bind = function() {
  var __method = this, args = $A(arguments), object = args.shift();
  return function() {
    return __method.apply(object, args.concat($A(arguments)));

t/test1.xml  view on Meta::CPAN

          These may represent PDF and PostScript files.

     screw1.gif, screw2.gif
          These may represent CAD or engineering data and formats.

     script.gif
          This can represent any of various interpreted languages, such as
          Perl, python, TCL, and shell scripts, as well as server
          configuration files.

     sound1.gif, sound2.gif
          These can represent sound files.

     sphere1.gif, sphere2.gif
          These can represent 3D worlds or rendering applications and
          formats.

     tar.gif
          This can represent TAR archive files.

     tex.gif
          This can represent TeX files.

     text.gif
          This can represent generic (plain) text files.

     transfer.gif
          This can represent FTP transfers or uploads/downloads.

     unknown.gif
          This may represent a file of an unknown type.

     uu.gif, uuencoded.gif
          This can stand for uuencoded data.

     world1.gif, world2.gif
          These can represent 3D worlds or other 3D formats.
]]></response>
    </requestresponse>
  </issue>
  <issue>
    <!-- Sample finding for the site root, reported at severity Information
         with confidence Certain. The captured response is served as
         Content-Type: text/html with no charset parameter, which is the
         condition this issue reports. issueBackground and
         remediationBackground are cut short in this listing, and this issue
         has no issueDetail or remediationDetail element. -->
    <serialNumber>1046546002497631232</serialNumber>
    <type>8389120</type>
    <name>HTML does not specify charset</name>
    <host>http://192.168.163.128</host>
    <path><![CDATA[/]]></path>
    <location><![CDATA[/]]></location>
    <severity>Information</severity>
    <confidence>Certain</confidence>
    <issueBackground><![CDATA[If a web response states that it contains HTML content but does not specify a character set, then the browser may analyse the HTML and attempt to determine which character set it appears to be using. Even if the majority...
    <remediationBackground><![CDATA[For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognised character set, for example <b>charset=ISO-8859-1</b>.]]></remed...
    <requestresponse>
      <request><![CDATA[GET / HTTP/1.1
Host: 192.168.163.128
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive

]]></request>
      <response><![CDATA[HTTP/1.1 200 OK
Date: Mon, 12 Oct 2009 14:26:17 GMT
Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-bt0 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
Last-Modified: Thu, 28 May 2009 07:31:00 GMT
ETag: "3eddd-2d-46af3f103d500"-gzip
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 45

<html><body><h1>It works!</h1></body></html>
]]></response>
    </requestresponse>
  </issue>
  <issue>
    <serialNumber>7479896865214272512</serialNumber>
    <type>6291712</type>
    <name>Directory listing</name>
    <host>http://192.168.163.128</host>
    <path><![CDATA[/beef/css/]]></path>
    <location><![CDATA[/beef/css/]]></location>
    <severity>Information</severity>
    <confidence>Firm</confidence>
    <issueBackground><![CDATA[Directory listings do not necessarily constitute a security vulnerability. Any sensitive resources within your web root should be properly access-controlled in any case, and should not be accessible by an unauthorised pa...
    <remediationBackground><![CDATA[There is not usually any good reason to provide directory listings, and disabling them may place additional hurdles in the path of an attacker. This can normally be achieved in two ways:<ul><li>Configure your web s...
    <requestresponse>
      <request><![CDATA[GET /beef/css/ HTTP/1.1
Host: 192.168.163.128
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

]]></request>
      <response><![CDATA[HTTP/1.1 200 OK
Date: Mon, 12 Oct 2009 14:27:18 GMT
Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-bt0 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
Vary: Accept-Encoding
Content-Length: 1300
Connection: close
Content-Type: text/html;charset=UTF-8

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<html>
 <head>
  <title>Index of /beef/css</title>
 </head>
 <body>
<h1>Index of /beef/css</h1>
<table><tr><th><img src="/icons/blank.gif" alt="[ICO]"></th><th><a href="?C=N;O=D">Name</a></th><th><a href="?C=M;O=A">Last modified</a></th><th><a href="?C=S;O=A">Size</a></th><th><a href="?C=D;O=A">Description</a></th></tr><tr><th colspan="5"><hr><...
<tr><td valign="top"><img src="/icons/back.gif" alt="[DIR]"></td><td><a href="/beef/">Parent Directory</a></td><td>&nbsp;</td><td align="right">  - </td></tr>
<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="firefox/">firefox/</a></td><td align="right">03-Sep-2009 05:29  </td><td align="right">  - </td></tr>
<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="ie/">ie/</a></td><td align="right">03-Sep-2009 05:29  </td><td align="right">  - </td></tr>
<tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="safari/">safari/</a></td><td align="right">03-Sep-2009 05:29  </td><td align="right">  - </td></tr>
<tr><th colspan="5"><hr></th></tr>
</table>
<address>Apache/2.2.9 (Ubuntu) PHP/5.2.6-bt0 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0 Server at 192.168.163.128 Port 80</address>
</body></html>

t/test1.xml  view on Meta::CPAN

 <a href="uu.gif"><img class="blackico" src="uu.gif" 
   /><img class="whiteico" src="uu.gif" /> uu.gif</a>
 <br /><a href="uu.png"><img class="blackico" src="uu.png" 
   /><img class="whiteico" src="uu.png" /> uu.png</a></td>
<td width="25%">
 <a href="uuencoded.gif"><img class="blackico" src="uuencoded.gif" 
   /><img class="whiteico" src="uuencoded.gif" /> uuencoded.gif</a>
 <br /><a href="uuencoded.png"><img class="blackico" src="uuencoded.png" 
   /><img class="whiteico" src="uuencoded.png" /> uuencoded.png</a></td>
<td width="25%">
 <a href="small/uu.gif"><img class="blackico" src="small/uu.gif" 
   /><img class="whiteico" src="small/uu.gif" /> small/uu.gif</a>
 <br /><a href="small/uu.png"><img class="blackico" src="small/uu.png" 
   /><img class="whiteico" src="small/uu.png" /> small/uu.png</a></td>
</tr>
<tr><td colspan="4">This can stand for uuencoded data.</td>
</tr>

<tr>
<td width="25%">
 <a href="world1.gif"><img class="blackico" src="world1.gif" 
   /><img class="whiteico" src="world1.gif" /> world1.gif</a>
 <br /><a href="world1.png"><img class="blackico" src="world1.png" 
   /><img class="whiteico" src="world1.png" /> world1.png</a></td>
<td width="25%">
 <a href="world2.gif"><img class="blackico" src="world2.gif" 
   /><img class="whiteico" src="world2.gif" /> world2.gif</a>
 <br /><a href="world2.png"><img class="blackico" src="world2.png" 
   /><img class="whiteico" src="world2.png" /> world2.png</a></td>
</tr>
<tr><td colspan="4">These can represent 3D worlds or other 3D formats.</td>
</tr>
</table>
</body>
</html>
</body></html>
]]></response>
    </requestresponse>
  </issue>
  <issue>
    <serialNumber>418511299590712320</serialNumber>
    <type>6291968</type>
    <name>Email addresses disclosed</name>
    <host>http://192.168.163.128</host>
    <path><![CDATA[/beef/js/dragdrop.js]]></path>
    <location><![CDATA[/beef/js/dragdrop.js]]></location>
    <severity>Information</severity>
    <confidence>Certain</confidence>
    <issueBackground><![CDATA[The presence of email addresses within application responses does not necessarily constitute a security vulnerability. Email addresses may appear intentionally within contact information, and many applications (such as w...
    <remediationBackground><![CDATA[You should review the email addresses being disclosed by the application, and consider removing any that are unnecessary, or replacing personal addresses with anonymous mailbox addresses (such as helpdesk@example.c...
    <issueDetail><![CDATA[The following email address was disclosed in the response:<ul><li>sammi@oriontransfer.co.nz</li></ul>]]></issueDetail>
    <requestresponse>
      <request><![CDATA[GET /beef/js/dragdrop.js HTTP/1.1
Host: 192.168.163.128
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive
Referer: http://192.168.163.128/beef/

]]></request>
      <response><![CDATA[HTTP/1.1 200 OK
Date: Mon, 12 Oct 2009 14:27:11 GMT
Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-bt0 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
Last-Modified: Sun, 18 Jan 2009 08:44:54 GMT
ETag: "40d82-765b-460bdd1ee8d80"
Accept-Ranges: bytes
Content-Length: 30299
Content-Type: application/javascript

// Copyright (c) 2005 Thomas Fuchs (http://script.aculo.us, http://mir.aculo.us)
//           (c) 2005 Sammi Williams (http://www.oriontransfer.co.nz, sammi@oriontransfer.co.nz)
// 
// See scriptaculous.js for full license.

/*--------------------------------------------------------------------------*/

if(typeof Effect == 'undefined')
  throw("dragdrop.js requires including script.aculo.us' effects.js library");

var Droppables = {
  drops: [],

  remove: function(element) {
    this.drops = this.drops.reject(function(d) { return d.element==$(element) });
  },

  add: function(element) {
    element = $(element);
    var options = Object.extend({
      greedy:     true,
      hoverclass: null,
      tree:       false
    }, arguments[1] || {});

    // cache containers
    if(options.containment) {
      options._containers = [];
      var containment = options.containment;
      if((typeof containment == 'object') && 
        (containment.constructor == Array)) {
        containment.each( function(c) { options._containers.push($(c)) });
      } else {
        options._containers.push($(containment));
      }
    }
    
    if(options.accept) options.accept = [options.accept].flatten();

    Element.makePositioned(element); // fix IE
    options.element = element;

    this.drops.push(options);
  },
  
  findDeepestChild: function(drops) {
    deepest = drops[0];
      

t/test1.xml  view on Meta::CPAN

Content-Length: 1050
Connection: close
Content-Type: application/javascript

// Copyright (c) 2006-2009, Wade Alcorn 
// All Rights Reserved
// wade@bindshell.net - http://www.bindshell.net

// --[ AUTORUN CLASS
var Autorun = Class.create();
Autorun.prototype = {
	initialize: function() {
		this.version	= '0.1',
		this.authors	= 'Wade Alcorn <wade@bindshell.net>',
		this.enabled	= false,
		this.module	= '',
		this.code	= ''
	},
	// params: string to be displayed in sidebar, base64 encode code
	enable: function(module_name, code) {
		this.code = code;
		var params = 'data='+code;
		new Ajax.Updater('module_status', 'send_cmds.php?action=autorun', {method:'post',parameters:params,asynchronous:false});

		this.enabled	= true;
		this.module	= module_name;
		$('autorun_dyn').innerHTML = this.module + ' Module Enabled';
	},
	disable: function() {
		var params = 'data=disable';
		new Ajax.Updater('module_status', 'send_cmds.php?action=autorun', {method:'post',parameters:params,asynchronous:false});
		this.enabled	= false;
		this.module	= '';
		this.status	= 'Disabled';
		$('autorun_dyn').innerHTML = this.status;
	}
}]]></response>
    </requestresponse>
  </issue>
  <issue>
    <serialNumber>4408084536896053248</serialNumber>
    <type>4195072</type>
    <name>Password field submitted using GET method</name>
    <host>http://192.168.163.128</host>
    <path><![CDATA[/beef/]]></path>
    <location><![CDATA[/beef/]]></location>
    <severity>Low</severity>
    <confidence>Certain</confidence>
    <issueBackground><![CDATA[The application uses the GET method to submit passwords, which are transmitted within the query string of the requested URL. Sensitive information within URLs may be logged in various locations, including the user's brow...
    <remediationBackground><![CDATA[All forms submitting passwords should use the POST method. To achieve this, you should specify the method attribute of the FORM tag as <b>method="POST"</b>. It may also be necessary to modify the corresponding serv...
    <issueDetail><![CDATA[The page contains a form with the following action URL, which is submitted using the GET method:<ul><li>http://192.168.163.128<wbr>/beef/</li></ul>The form contains the following password field:<ul><li>passwd</li></ul>]]></i...
    <requestresponse>
      <request><![CDATA[GET /beef/ HTTP/1.1
Host: 192.168.163.128
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 (.NET CLR 3.5.30729)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive

]]></request>
      <response><![CDATA[HTTP/1.1 200 OK
Date: Mon, 12 Oct 2009 14:26:53 GMT
Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-bt0 with Suhosin-Patch mod_perl/2.0.4 Perl/v5.10.0
X-Powered-By: PHP/5.2.6-bt0
Vary: Accept-Encoding
Content-Type: text/html
Content-Length: 3194


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>

	<link rel="stylesheet" type="text/css" href="css/firefox/menu.css">	<link rel="stylesheet" type="text/css" href="css/firefox/style.css">	
	<title>Browser Exploit Framework</title>

	<link rel="icon" href="favicon.ico" type="image/x-icon">
	<script src="js/prototype.js" type="text/javascript"></script>
	<script src="js/scriptaculous.js" type="text/javascript"></script>
	<script src="js/common.js" type="text/javascript"></script>

	<script>

		// ---[ BEEF_ERROR
		function beef_error(error_string) {
			new Effect.Shake('beef_icon');
			alert(error_string);
		}

		// ---[ SUBMIT_CONFIG
		function submit_config(config, passwd) {
			new Ajax.Updater('config_results', 'submit_config.php?config=' + config + '&passwd=' + passwd, {asynchronous:true});
		}

	</script>

</head>
<body>

	<!-- SIDEBAR -->
	<div id="sidebar">
		<!-- BEEF HEADER - LINK AND IMAGE-->
		<div id="header">
			<center><a href=http://www.bindshell.net/tools/beef/>Browser Exploitation Framework</a></center>
			<h1><div id="beef_icon"><img src="images/beef.gif" onclick="new Effect.Shake('sidebar');"></div> BeEF</h1>
		</div>

		<!-- Security -->
        	<div id="sidebar_autorun">
	        	<div id="header" onclick="new Effect.Pulsate('zombiesdyn');">
				<h2>Security</h2>
        		</div>
        		<div id="content">
				<!-- DYNAMIC ZOMBIE SECTION -->
				<div id="autorun_dyn">BeEF has no security by design <br><br></div>
				<div id="autorun_dyn">Default password is <b>BeEFConfigPass</b> <br><br></div>
				<div id="autorun_dyn">Edit 'pw.php' in BeEF root to alter the password</div>
        		</div>


