Results 1 to 8 of 8
-
01-12-2005, 03:08 PM #1Junior Guru Wannabe
- Join Date
- Jul 2004
- Posts
- 73
Simple Web-Based Vulnerability Testing
Hello,
This is more of an "interest check" than an offer, although I will happily take orders right now.
My name is Andrew Smith and I am considering offering a Basic Web Based Penetration Testing service to Web Hosts.
I plan offer checks for Cross-Site Scripting(Definition) Vulnerabilities and basic SQL Injection(Definition).
This is not about securing your server, it is about making sure that the website is secure and that user inputted data can not be exploited for someone else's gain.
I believe it is important for Web hosts especially to have secure websites, as an insecure website could have some serious implications. Included but not limited to:
Phishing Scams (XSS)
Cookie Theft (XSS)
Database Theft/Alteration (SQL Injection)
Up until recently an XSS vulnerability in a web host's site has not be particularly important (unless that host has some kind of login system based there, but even then it meant little) but with a huge increase in targeted Phishing scams web hosts could easily become victim of Phishers. If an XSS vulnerability existed in your website a Phisher could spam a carefully constructed URL to users of your website and trick them in to thinking that you were requesting their username and password (this could be fairly convincing, with your URL in the "address bar")
I am offering one service; I will manually check your website for the common vulnerabilities mentioned above, inform you if and when i find such vulnerabilities and advise you as to how to fix them.
I was considering charging $30.00 per domain checked, would this interest all you hosts out there?
I have found many XSS vulnerabilities in the past (some notable websites: CNN.com, BankofAmerica.com, BankOne.com, TrustE.org and the "Plesk 7" software"), you can find evidence of some of my work here: examples of my work
Please Note: The above work was not paid for; it was done voluntarily as a learning experience. Everyone listed on the website was informed of such vulnerabilities. If I were to discover vulnerabilities in your website they would not be listed there.
Thanks alot,
Any feedback would be greatly appreciated.Last edited by _rse; 01-12-2005 at 03:11 PM.
-
01-12-2005, 04:17 PM #2Evenly Divided
- Join Date
- Aug 2001
- Posts
- 4,028
I'm rather intriqued with your offer, but I do have one question.
An example on your website: http://wheresthebeef.co.uk/XSS/cnn.com.html shows HTML that entered into the search box I assume... how bad can this be? And how come the page didn't execute your HTML code? Wouldn't that mean it's not really penetrating the document?
I really am not trying to cause any problems... I just want to know what I'm buying before I make payment.
Thanks for your time.
-
01-12-2005, 04:38 PM #3Junior Guru Wannabe
- Join Date
- Jul 2004
- Posts
- 73
Well, it no longer works because I informed CNN of the bug and they have fixed it. If they hadn't fixed it you would not see HTML in the search box, you would see a different page. As shown in the screen shot:
http://wheresthebeef.co.uk/XSS/cnn.com.example.1.png
That is a rather ugly example, but any HTML could have been injected leaving the vulnerability abusable by phishers.
-
01-13-2005, 06:53 PM #4Junior Guru Wannabe
- Join Date
- Jul 2004
- Posts
- 73
To demonstrate how any host can be vulnerable I went hunting for a vulnerability in RackCheck.com's website. I found one:
http://wheresthebeef.co.uk/XSS/rackcheck.com.html
RackCheck.com have been informed of this vulnerability and have fixed the problem.
There doesn't appear to be much interest in this service, perhaps the price is a problem? Could the offer that if I do not find a vulnerability in your website I charge nothing (or a small percentage of the price). I assume that hosts either feel that their website is secure or can not appreciate the severity of such vulnerabilities.
Thanks,
Any feedback would be appreciated.
-
01-15-2005, 08:07 AM #5Junior Guru Wannabe
- Join Date
- Jul 2004
- Posts
- 73
OK, not seeing much interest.
I will fix a trial price of $30 (through paypal) per security check (one domain/website) if I do find vulnerabilities, if I am unsuccessful (which is possible, if your site is secure) then I will charge nothing.
If you are interested please reply here, send a private message or contact me via e-mail:
rs@wheresthebeef.co.uk
All sales and enquiries will be kept completely confidential.
Thanks.
-
01-16-2005, 01:18 AM #6WHT Addict
- Join Date
- Oct 2003
- Location
- Germany
- Posts
- 160
mate, you may correct me if im wrong, but i assume you are talking about rackspace and not rackcheck.
-
01-16-2005, 07:15 AM #7Junior Guru Wannabe
- Join Date
- Jul 2004
- Posts
- 73
Oh, yes. Sorry, i always get the two confused.
(I would edit the post, but apparently I am not allowed)
-
02-14-2005, 02:56 PM #8Junior Guru Wannabe
- Join Date
- Jul 2004
- Posts
- 73
Shameless bump.
I'm suprised at the lack of interest in this, no feedback as to why?