Often Misused: Login - http://zero.webappsecurity.com:80/adcenter.cgi
Created by: armorcodegithubqa[bot]
Category: Often Misused: Login
Instance Id: b466b5f7-20d1-4f9f-99a5-ae60952d711f
Vulnerability Id: 8051d4e7-beb3-46d2-83b5-e46ac8070156
Scan Type: Dynamic
Severity: 3
CheckType: Vulnerability
Abstract:
An unencrypted login form has been discovered. Any area of a web application that may contain sensitive information or give access to privileged functionality, such as remote site administration, should be served over SSL/TLS (HTTPS) so that login credentials cannot be sniffed or otherwise intercepted or stolen. If the login form is served over HTTPS, the page that the form submits to MUST also be accessed over HTTPS, and every link and resource URL on that page (not just the form action) needs to be served over HTTPS; otherwise a man-in-the-middle can rewrite the page or the form action before the user submits credentials. In this instance the page was fetched over plain HTTP, and the captured response below contains a form with a password field (pwd) whose ACTION is http://www.heardinthehive.com/cgi-bin/adcycle/adcenter.cgi with METHOD="GET": the account name and password would be sent in cleartext, in the URL query string, to a different host, where they also end up in web server and proxy logs, browser history, and potentially the Referer header of any request made from the landing page. Recommendations include ensuring that sensitive areas of your web application have proper encryption protocols in place to prevent login information, and other data that could be helpful to an attacker, from being intercepted.
Request:
GET /adcenter.cgi HTTP/1.1
Referer: http://zero.webappsecurity.com:80/pindex.asp
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Accept: */*
Pragma: no-cache
Host: zero.webappsecurity.com
X-Scan-Memo: Category="Crawl"; Function="CreateStateRequest"; SID="8B91FAA33009378BA04E34B6FD189311"; PSID="DDAF520E2E30901117999914F5CB2876"; SessionType="Crawl"; CrawlType="HTML"; AttackType="None"; OriginatingEngineID="00000000-0000-0000-0000-000000000000"; ThreadId="51"; ThreadType="CrawlBreadthFirstDBReader";
Connection: Keep-Alive
Cookie: CustomCookie=WebInspect69383ZXB3FCEA2CCD6849B0A63D3EFF65615601Y3637;status=yes;username=;userid=;sessionid=;ASPSESSIONIDCARBTACT=BFDJMBECKAHAMJENBDMOPBPC;state=;passes3=;passes=;passes2=
Response:
Content-Length: 3118
Content-Type: application/octet-stream
Last-Modified: Sun, 15 Jul 2001 22:38:20 GMT
Accept-Ranges: bytes
ETag: "016f4d87edc11:277c"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 13 May 2011 19:45:00 GMT
<HTML>
<HEAD>
<TITLE>AdCenter Login Page</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" LINK="#0000FF" VLINK="#0000FF">
<CENTER>
<TABLE CELLPADDING=0 CELLSPACING=0 WIDTH=625 BORDER=0 BGCOLOR="#33CC99">
<TR>
<TD>
<IMG SRC="http://www.heardinthehive.com/adimages/account_header.gif" WIDTH="625" HEIGHT="45" BORDER=0>
</TD>
</TR>
</TABLE>
<TABLE CELLPADDING=4 CELLSPACING=0 WIDTH=625 BORDER=0 BGCOLOR="#33CC99">
<TR>
<TD>
<CENTER>
<iframe src="http://pluto.adcycle.com/go/adcycle.cgi?group=1&media=1&id=681&delivery=iframe" height=60 width=468 border=0 marginheight=0 scrolling=no marginwidth=0 frameborder=no>
<a href="http://pluto.adcycle.com/go/adclick.cgi?manager=adcycle.com&id=681" target="_top"><img src="http://pluto.adcycle.com/go/adcycle.cgi?group=1&media=1&id=681" width=468 height=60 border=1 ALT="Click to Visit"></a>
</iframe><BR>
</CENTER>
</TD>
</TR>
</TABLE>
<TABLE CELLPADDING=0 CELLSPACING=0 WIDTH=625 BORDER=0>
<TR>
<TD BGCOLOR="#33CC99" VALIGN="TOP">
<IMG SRC="http://www.heardinthehive.com/adimages/clear.gif" WIDTH=20 HEIGHT=55><BR>
</TD>
<TD>
<IMG SRC="http://www.heardinthehive.com/adimages/top_blend.gif" WIDTH=585 HEIGHT=15><BR>
<TABLE CELLPADDING=20 CELLSPACING=0 width="100%" BORDER=0>
<TR>
<TD BGCOLOR="#FFFFFF">
<BR>
<FORM NAME="form1" ACTION="http://www.heardinthehive.com/cgi-bin/adcycle/adcenter.cgi" METHOD="GET">
<TABLE CELLPADDING=3 CELLSPACING=0 BORDER=0 BGCOLOR="000000">
<TR>
<TD ALIGN=LEFT WIDTH=95%>
<FONT FACE="VERDANA,ARIAL" SIZE=2 COLOR="WHITE"><STRONG> Account Login</STRONG></FONT>
</TD>
</TR>
<TR>
<TD BGCOLOR="FFFFFF">
<FONT FACE="VERDANA,ARIAL" SIZE=2>
User Name: <FONT FACE="VERDANA,ARIAL" SIZE=3><INPUT TYPE="TEXT" NAME="account" VALUE="" SIZE=14></FONT><BR>
<IMG SRC="http://www.heardinthehive.com/adimages/clear.gif" WIDTH=1 HEIGHT=4><BR>
<FONT FACE="VERDANA,ARIAL" SIZE=2>
Password: <FONT FACE="VERDANA,ARIAL" SIZE=3><INPUT TYPE="PASSWORD" NAME="pwd" VALUE="" SIZE=12></FONT><BR>
<FONT SIZE=2 FACE="VERDANA,ARIAL"><b>
<BR>
<INPUT TYPE="SUBMIT" NAME="change" VALUE="Login">
</TD>
</TR>
</TABLE>
<INPUT TYPE="HIDDEN" NAME="cache" VALUE="681">
</FORM>
<SCRIPT LANGUAGE="JavaScript">
<!--
var MC=document.cookie;
var temp;
if(MC){
var start=MC.indexOf("!!");
var end=MC.indexOf("!!",start+2);
temp=MC.substring(start+2,end);
if(temp.length > 1 && temp.length < 20){
document.form1.account.value=temp;
}
}
// -->
</SCRIPT>
<BR>
</TD>
</TR>
</TABLE>
<IMG SRC="http://www.heardinthehive.com/adimages/bottom_blend.gif" WIDTH=585 HEIGHT=15><BR>
</TD>
<TD BGCOLOR="#33CC99"><IMG SRC="http://www.heardinthehive.com/adimages/clear.gif" WIDTH=20 HEIGHT=1><BR></TD>
</TR>
</TABLE>
<IMG SRC="http://www.heardinthehive.com/adimages/account_footer.gif" WIDTH=625 HEIGHT=25><BR>
<TABLE CELLPADDING=0 CELLSPACING=0 WIDTH=625 BORDER=0>
<TR>
<TD align=right>
<font face=arial size=1>powered by <a href="http://www.adcycle.com">adcycle.com</a> v0.77b <IMG SRC="http://www.heardinthehive.com/adimages/clear.gif" WIDTH=20 HEIGHT=1><BR>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>
File Path: //zero.webappsecurity.com:0
Mitigation:
For Security Operations:
Serve the login page, and everything it loads, over HTTPS only: redirect plain-HTTP requests for it to HTTPS and consider HTTP Strict Transport Security so that browsers do not fetch it over HTTP again. Verify with an intercepting proxy or packet capture that no credential leaves the client in cleartext.
For Development:
Point the form ACTION at an https:// URL on the application's own host, submit credentials with METHOD="POST" rather than GET so that they are not placed in the query string (and therefore in logs, history and Referer headers), and make every link, image, script and frame URL on the page HTTPS or relative so that there is no mixed content for a man-in-the-middle to tamper with.
For QA:
Test the application not only from the perspective of a normal user, but also from the perspective of a malicious one.
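As an added check (example code written for this report, not part of WebInspect, ArmorCode or the scanned application), the script below parses a login page and reports each way it violates the rules in the Abstract and Mitigation: page not served over HTTPS, form action not HTTPS, password submitted with GET, form submitted to a different host, and any cleartext src/href/action reference on the page. The sample input is a trimmed, constructed excerpt modelled on the captured response above; the hardened page and its host login.example.test are hypothetical.

```python
"""Check a login page against the rules in this finding: the page, the
form action and every URL it references must be HTTPS, and credentials
must not be submitted with GET (i.e. in the query string)."""
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Attributes whose value the browser fetches or navigates to.
URL_ATTRS = ("src", "href", "action")


class _LoginPageParser(HTMLParser):
    """Collect every referenced URL and every form that has a password field."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.forms = []   # one dict per <form>
        self.urls = []    # (tag, absolute URL) for each src/href/action seen
        self._form = None

    def handle_starttag(self, tag, attrs):
        attrs = {k: (v or "") for k, v in attrs}   # HTMLParser lowercases tag/attr names
        for name in URL_ATTRS:
            if name in attrs:
                self.urls.append((tag, urljoin(self.page_url, attrs[name])))
        if tag == "form":
            self._form = {
                # A missing ACTION submits to the page's own URL.
                "action": urljoin(self.page_url, attrs.get("action", "")),
                "method": attrs.get("method", "GET").upper(),
                "password_fields": [],
            }
            self.forms.append(self._form)
        elif tag == "input" and self._form is not None:
            if attrs.get("type", "text").lower() == "password":
                self._form["password_fields"].append(attrs.get("name", "?"))

    def handle_endtag(self, tag):
        if tag == "form":
            self._form = None


def check_login_page(page_url, html):
    """Return a list of finding strings; an empty list means the page passes."""
    parser = _LoginPageParser(page_url)
    parser.feed(html)
    parser.close()
    page = urlsplit(page_url)
    findings = []
    if page.scheme != "https":
        findings.append(f"login page served over {page.scheme}: {page_url}")
    for form in parser.forms:
        if not form["password_fields"]:
            continue   # no password input: not a login form
        action = urlsplit(form["action"])
        if action.scheme != "https":
            findings.append(f"login form action not HTTPS: {form['action']}")
        if form["method"] == "GET":
            fields = ", ".join(form["password_fields"])
            findings.append(f"login form uses GET: {fields} would travel in the query string")
        if action.hostname != page.hostname:
            findings.append(f"login form submits to a different host: {action.hostname}")
    for tag, url in parser.urls:
        if urlsplit(url).scheme == "http":
            findings.append(f"cleartext {tag} reference: {url}")
    return findings


# Constructed excerpt modelled on the captured response above (trimmed, not the full page).
SAMPLE_PAGE_URL = "http://zero.webappsecurity.com/adcenter.cgi"
SAMPLE_HTML = """<HTML><BODY>
<IMG SRC="http://www.heardinthehive.com/adimages/account_header.gif" WIDTH="625" HEIGHT="45">
<iframe src="http://pluto.adcycle.com/go/adcycle.cgi?group=1&media=1&id=681&delivery=iframe"></iframe>
<FORM NAME="form1" ACTION="http://www.heardinthehive.com/cgi-bin/adcycle/adcenter.cgi" METHOD="GET">
User Name: <INPUT TYPE="TEXT" NAME="account" VALUE="" SIZE=14><BR>
Password: <INPUT TYPE="PASSWORD" NAME="pwd" VALUE="" SIZE=12><BR>
<INPUT TYPE="SUBMIT" NAME="change" VALUE="Login">
<INPUT TYPE="HIDDEN" NAME="cache" VALUE="681">
</FORM>
<a href="http://www.adcycle.com">adcycle.com</a>
</BODY></HTML>"""

# Constructed hardened equivalent on a hypothetical host: HTTPS page, relative POST
# action on the same host, no http:// references.
HARDENED_PAGE_URL = "https://login.example.test/adcenter"
HARDENED_HTML = """<html><body>
<img src="/static/header.gif">
<form name="form1" action="/adcenter" method="post">
<input type="text" name="account"> <input type="password" name="pwd">
<input type="submit" value="Login">
</form>
</body></html>"""

if __name__ == "__main__":
    for url, html in ((SAMPLE_PAGE_URL, SAMPLE_HTML), (HARDENED_PAGE_URL, HARDENED_HTML)):
        findings = check_login_page(url, html)
        print(f"{url} -> {len(findings)} finding(s)")
        for finding in findings:
            print("  " + finding)
```

Run against the sample it reports the eight problems visible in the captured page (HTTP page, HTTP action on another host, GET submission, and four cleartext references); the hardened page produces no findings. The script only inspects one HTML document, so it complements, rather than replaces, a proxy capture of the actual submission.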