UiTM Negeri Sembilan Web Security Analysis
Acunetix Website Audit
22 December, 2011
Detailed Scan Report
Generated by Acunetix WVS Reporter (v7.0 Build 20100921)
Scan of http://hackerbook.sgv2.com:80/
Scan information
Scan details
Start time 19/12/2011 9:27:59 PM
Finish time 19/12/2011 11:50:50 PM
Scan time 2 hours, 22 minutes
Profile Default
Server information
Responsive True
Server banner Apache/2.2.14 (Ubuntu)
Server OS Unix
Server technologies PHP
Threat level
Alerts distribution
High 0
Medium 0
Low 2
Informational 28
Total alerts found 30
Knowledge base
List of open TCP ports
Alerts summary
Possible sensitive directories
Affects Variations
/login 1
Possible sensitive files
Affects Variations
/.htaccess 1
Broken links
Affects Variations
/a 1
Email address found
Affects Variations
/legal/terms.html 1
Password type input with autocomplete enabled
Affects Variations
/lightbox/auth/login 1
/lightbox/auth/login/index 1
/lightbox/auth/login/index (177e60186c4ff03ad3b116dc0ecc546b) 1
/lightbox/auth/login/index (1b0c6d09097b224971bd8d408c494f42) 1
/lightbox/auth/login/index (30ab0b260f70a150bb6d67419fc6cc34) 1
/lightbox/auth/login/index (3f0812576408dc837d0ba30fe794ad7c) 1
/lightbox/auth/login/index (3f2ea49c4ed467ac2968885d962f4a3a) 1
/lightbox/auth/login/index (455d5fb6869a713d5ffa2fb6a6183f3a) 1
/lightbox/auth/login/index (45dfe7aa3aeadc85596a1ac2e0ec1c8a) 1
/lightbox/auth/login/index (7286d44665ac5abace3aab5586a5a746) 1
/lightbox/auth/login/index (8b12e9f4595addd0543beaf6ab8d5c8e) 1
/lightbox/auth/login/index (9727730793e7546f62807fc6bb7dc7b9) 1
/lightbox/auth/login/index (c2ccbf1e7c8f08004412a923c063950a) 1
/lightbox/auth/login/index (da6055aa9c25eac29fc1ae2b1950e480) 1
/lightbox/auth/login/index (e2fd744a875a2831ceefe9fa7fbf2507) 1
/lightbox/auth/login/index (fc4798b90988e5dde1bb2061020f1336) 1
/lightbox/auth/login/index (ff806fad47c288609ff0f0d8a643c757) 1
/lightbox/auth/login/index/navname/login 1
/lightbox/auth/login/index/navname/login (1b6403c0232d433acd94fcb046575512) 1
/lightbox/auth/login/index/navname/login (e7c502e97dbe53a2ff17247ae44351e3) 1
/lightbox/auth/signup 2
/lightbox/auth/signup/index 2
/lightbox/auth/signup/index/navname/signup 2
Alert details
Possible sensitive directories
Severity Low
Type Validation
Reported by module Scripting (Possible_Sensitive_Directories.script)
Impact
Description
Recommendation
Affected items
Details
/login
GET /login HTTP/1.1
Accept: acunetix/wvs
Range: bytes=0-99999
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1;
cc_data=i88xvUK5QRtvsV4K7zjz0jWrZ0OHUNCjZV700pRVPGsbJZPy/ecxgBk3B/4QkzI0xyGHfTvbBttPIVU4
a4pTR4nTRA+h7NQywWP2eKecCHZ4+BhK2+/5mYPK2waLQKlEZTAYzuKLsqVswlTLb74TWUYHDlViu1UYNiLVxzIM
8ZXy3rpCe3IUIsLnwCBoPKKk1znLHU8YOVcTuPAwlF144Y96sNsHYdQK6j06Hwk9zbIeKDuZWbaFgBUJrFZopARz
Host: hackerbook.sgv2.com:80
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 302 Found
Date: Mon, 19 Dec 2011 13:47:41 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Location: /login/show?return_url=
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Response
Possible sensitive files
Severity Low
Type Validation
Reported by module Scripting (Possible_Sensitive_Files.script)
Description
Impact
Recommendation
Affected items
Details
/.htaccess
GET /.htaccess HTTP/1.1
Accept: acunetix/wvs
Range: bytes=0-99999
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1;
cc_data=i88xvUK5QRtvsV4K7zjz0jWrZ0OHUNCjZV700pRVPGsbJZPy/ecxgBk3B/4QkzI0xyGHfTvbBttPIVU4
a4pTR4nTRA+h7NQywWP2eKecCHZ4+BhK2+/5mYPK2waLQKlEZTAYzuKLsqVswlTLb74TWUYHDlViu1UYNiLVxzIM
8ZXy3rpCe3IUIsLnwCBoPKKk1znLHU8YOVcTuPAwlF144Y96sNsHYdQK6j06Hwk9zbIeKDuZWbaFgBUJrFZopARz
Host: hackerbook.sgv2.com:80
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 206 Partial Content
Date: Mon, 19 Dec 2011 13:48:09 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Fri, 16 Dec 2011 18:07:51 GMT
ETag: "2dd153-38d-4b4397aaaebc0"
Accept-Ranges: bytes
Content-Length: 909
Content-Range: bytes 0-908/909
Connection: close
Content-Type: text/plain
Response
Broken links
Severity Informational
Type Informational
Reported by module Crawler
Impact
Description
Recommendation
Affected items
Details
/a
GET /a HTTP/1.1
Pragma: no-cache
Request
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1;
cc_data=i88xvUK5QRtvsV4K7zjz0jWrZ0OHUNCjZV700pRVPGsbJZPy/ecxgBk3B/4QkzI0xyGHfTvbBttPIVU4
a4pTR4nTRA+h7NQywWP2eKecCHZ4+BhK2+/5mYPK2waLQKlEZTAYzuKLsqVswlTLb74TWUYHDlViu1UYNiLVxzIM
8ZXy3rpCe3IUIsLnwCBoPKKk1znLHU8YOVcTuPAwlF144Y96sNsHYdQK6j06Hwk9zbIeKDuZWbaFgBUJrFZopARz
Host: hackerbook.sgv2.com
Connection: Keep-alive
HTTP/1.0 404 Not Found
Date: Mon, 19 Dec 2011 13:44:38 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
X-Error: Could not locate page "a".
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 8034
Response
Email address found
Severity Informational
Type Informational
Reported by module Scripting (Text_Search.script)
Impact
Description
Recommendation
Affected items
Details
/legal/terms.html
GET /legal/terms.html HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/signup
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
Response
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:45 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Fri, 16 Dec 2011 18:07:51 GMT
ETag: "484e5e-d0cc-4b4397aaaebc0"
Accept-Ranges: bytes
Content-Length: 53452
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Password type input with autocomplete enabled
Severity Informational
Type Informational
Reported by module Crawler
Impact
Description
Recommendation
Affected items
Details
/lightbox/auth/login
GET /lightbox/auth/login HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:06 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5096
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index
GET /lightbox/auth/login/index HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:06 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5102
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (177e60186c4ff03ad3b116dc0ecc546b)
POST /lightbox/auth/login/index?return_url=/lightbox/account/messages&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 235
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=ukumcqwc&login%5bpassword%5d=sdynirof&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=%2flightbox%2faccount%2fmessages
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:31:47 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5620
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (1b0c6d09097b224971bd8d408c494f42)
Request
POST /lightbox/auth/login/index?return_url=/lightbox/account/settings&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 235
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=drxwdlfb&login%5bpassword%5d=sushunmt&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=%2flightbox%2faccount%2fsettings
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:31:47 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5620
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (30ab0b260f70a150bb6d67419fc6cc34)
POST /lightbox/auth/login/index?return_url=/lightbox/account/changePhoto&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 238
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=smtwphop&login%5bpassword%5d=xyrencfl&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=%2flightbox%2faccount%2fchangePhoto
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:32:36 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5632
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (3f0812576408dc837d0ba30fe794ad7c)
POST /lightbox/auth/login/index?return_url=/lightbox/account/changePhoto&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 238
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=uujumerh&login%5bpassword%5d=rmleqsgr&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=%2flightbox%2faccount%2fchangePhoto
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:31:44 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5686
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (3f2ea49c4ed467ac2968885d962f4a3a)
POST /lightbox/auth/login/index?return_url=/lightbox/account/changePhoto&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 205
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=smtwphop&login%5bpassword%5d=eqtrhweb&login%5breturn_url%5d=%2flig
htbox%2faccount%2fchangePhoto
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:31:46 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5626
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (455d5fb6869a713d5ffa2fb6a6183f3a)
POST /lightbox/auth/login/index?return_url=/lightbox/account/changePhoto&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 238
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=uujumerh&login%5bpassword%5d=wteukrpt&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=%2flightbox%2faccount%2fchangePhoto
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:32:36 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5632
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (45dfe7aa3aeadc85596a1ac2e0ec1c8a)
POST /lightbox/auth/login/index HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 178
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=d71d16c5c05d925a84ba0b138feb
ce61&login%5bemail%5d=poyjbdux&login%5bpassword%5d=wwgumwcq&login%5breturn_url%5d=ahdouh
ta
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:45 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5406
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (7286d44665ac5abace3aab5586a5a746)
POST /lightbox/auth/login/index HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 211
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=d71d16c5c05d925a84ba0b138feb
ce61&login%5bemail%5d=ddyvovds&login%5bpassword%5d=yyewcjgf&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=kmlwxvcp
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:45 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5411
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (8b12e9f4595addd0543beaf6ab8d5c8e)
GET /lightbox/auth/login/index?return_url=/lightbox/account/editProfile&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/account/editProfile
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:30:13 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5385
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (9727730793e7546f62807fc6bb7dc7b9)
POST
/lightbox/auth/login/index?return_url=/lightbox/account/changePhoto/index&source=lightbo
x HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 246
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=dkxajafo&login%5bpassword%5d=qcxujgev&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=%2flightbox%2faccount%2fchangePhoto%2findex
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:31:51 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5660
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (c2ccbf1e7c8f08004412a923c063950a)
GET /lightbox/auth/login/index?return_url=/lightbox/account/messages&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/account/messages
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:30:12 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5373
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (da6055aa9c25eac29fc1ae2b1950e480)
POST /lightbox/auth/login/index?return_url=/lightbox/account/editProfile&source=lightbox
HTTP/1.1
Request
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 238
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=kqgpmfji&login%5bpassword%5d=rchqygbl&login%5bpersistent_login%5d
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:31:51 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5632
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (e2fd744a875a2831ceefe9fa7fbf2507)
GET /lightbox/auth/login/index?return_url=/lightbox/account/changePhoto&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/account/changePhoto
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:30:15 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5385
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (fc4798b90988e5dde1bb2061020f1336)
GET
/lightbox/auth/login/index?return_url=/lightbox/account/changePhoto/index&source=lightbo
x HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Request
Referer: http://hackerbook.sgv2.com/lightbox/account/changePhoto/index
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:29:51 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5419
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (ff806fad47c288609ff0f0d8a643c757)
GET /lightbox/auth/login/index?return_url=/lightbox/account/settings&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/account/settings
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:30:18 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5373
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index/navname/login
GET /lightbox/auth/login/index/navname/login HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:00 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Response
Content-Length: 5143
Connection: close
Details
/lightbox/auth/login/index/navname/login (1b6403c0232d433acd94fcb046575512)
POST /lightbox/auth/login/index/navname/login HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index/navname/login
Content-Length: 211
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=d71d16c5c05d925a84ba0b138feb
ce61&login%5bemail%5d=ygkiewgq&login%5bpassword%5d=gsrbrsfj&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=ewrfjkby
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:16 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5452
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index/navname/login (e7c502e97dbe53a2ff17247ae44351e3)
POST /lightbox/auth/login/index/navname/login HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index/navname/login
Content-Length: 178
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=d71d16c5c05d925a84ba0b138feb
ce61&login%5bemail%5d=mecjnhfr&login%5bpassword%5d=yhnhrvob&login%5breturn_url%5d=klkssw
yu
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:16 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5420
Response
Connection: close
Details
/lightbox/auth/signup
GET /lightbox/auth/signup HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:06 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 6114
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/signup
GET /lightbox/auth/signup HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:06 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 6114
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/signup/index
GET /lightbox/auth/signup/index HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Request
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:06 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 6120
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/signup/index
GET /lightbox/auth/signup/index HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:06 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 6120
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/signup/index/navname/signup
GET /lightbox/auth/signup/index/navname/signup HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:00 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 6162
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/signup/index/navname/signup
GET /lightbox/auth/signup/index/navname/signup HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:00 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 6162
Connection: close
Content-Type: text/html; charset=utf-8
Response