- Website: www.arctil.com
- Date: 2022-10-25
Disclaimer
Arctil Desktop application is a security testing tool that must only be used with prior permission from the target("website owner"), we cannot be held responsible for any misuse of arctil desktop application. You("the operator") are solely responsible for all your use of arctil desktop application.
Arctil(company) cannot be held responsible for your use of arctil(application). By downloading/using arctil(application) you are agreeing to the terms set out on our disclaimer & legal page.
- Website: www.arctil.com
- Date: 2022-10-25
Scan Summary
- Target: http://localhost/avwa/ -L
- IP: 127.0.0.1
Scans Conducted
A scan using the "Loud" scanning profile has been conducted.
- URLs Found: 12
- Points Of Interest: 17
- Website: www.arctil.com
- Date: 2022-10-25
Points of interest
- Server Misconfiguration: Apache/2.4.52 (Unix) OpenSSL/1.1.1m PHP/8.1.2 mod_perl/2.0.11 Perl/v5.32.1
In this instance server misconfiguraion refers when an administrator has not removed software versions, these versions can sometimes be found within the request headers or default error pages. These software versions can be used to find pre-existing exploits.
Find out more at https://arctil.com/article/guide-to-server-misconfiguration
- Server Misconfiguration: PHP/8.1.2
In this instance server misconfiguraion refers when an administrator has not removed software versions, these versions can sometimes be found within the request headers or default error pages. These software versions can be used to find pre-existing exploits.
Find out more at https://arctil.com/article/guide-to-server-misconfiguration
- Target Uses Cookies: Check out the cookie inspector for more information.
Cookies are small text files with pieces of data that websites send to your browser/device, like login information, which are used to monitor and identify you.
- Missing Security Headers: Target does not make use of common security headers.
The target website is not making use of all recommended security headers, you'll be able to see the missing headers below;
Strict-Transport-Security Content-Security-Policy X-Frame-Options X-Content-Type-Options Referrer-Policy Permissions-Policy
- No Forced SSL: Target does not enforce SSL encryption.
Lack of forced secure socket layer can lead to sesitive data exposure.
- Default Error Pages: 404 page found
Default error pages can give up server information or can allow website enumeration through common basenames.
- Robots.txt: http://localhost/robots.txt
The robots.txt file is used to instruct search engines which files they're allowed to access, the main purpose of this is to prevent a crawler from overloading a website. Additionally, the robots file can be useful for attackers to aid in finding content such as restricted locations such as: admin/ cpanel/
Find out more at https://arctil.com/article/what-is-robots-txt-file
- Reflected Cross Site Scripting: FORM http://localhost/avwa/search.php?q="><''>{arct1l};...
Cross site scripting (also known as XSS) is the process of injection HTML and Javascript code into a website for malicious gains. This can accomplish simple things such as webpage defacement through to stealing login credentials. On this occasion the input is passed through an unsanitized GET parameter allows for code to be reflected back resulting in Cross Site Scripting (XSS).
Find out more at https://arctil.com/article/preventing-cross-site-scripting
- SQL Injection: http://localhost/avwa/article.php?id=38
SQL injection is the process of injecting unsanitized commands into a website and altering the original database query. This can range from retrieving information or deleting records to in extreme cases file upload. SQL injection can be achieved at any location on a website where they user input is inserted into a database query. In this example the injection occurs at a URL GET parameter.
Vulnerable GET Parameter: ?id=38
- Blind SQL Injection: http://localhost/avwa/article.php?id=38
SQL injection is the process of injecting unsanitized commands into a website and altering the original database query. This can range from retrieving information or deleting records to in extreme cases file upload. SQL injection can be achieved at any location on a website where they user input is inserted into a database query. In this example the injection occurs at a GET parameter.
Vulnerable Get Parameter: ?id=38
- Full Path Disclosure: http://localhost/avwa/dev-logs.php?log=changes.txt
Full path disclosure (FPD) if the process of learning the absolute path (location) of a file, alone this vulnerability is fairly harmless. However, full path disclosure can often be teamed with other vulnerabilities such as local file inclusion.
Find out more at https://arctil.com/article/guide-to-full-path-disclosure
- Local File Inclusion: http://localhost/avwa/dev-logs.php?log=changes.txt
Local File Inclusion is the process of including files that are already locally present on the server, through the exploitation of vulnerable inclusion procedures.
Find out more at https://arctil.com/article/guide-to-local-file-inclusion
- SQL Injection: http://localhost/avwa/profile.php?id=3
SQL injection is the process of injecting unsanitized commands into a website and altering the original database query. This can range from retrieving information or deleting records to in extreme cases file upload. SQL injection can be achieved at any location on a website where they user input is inserted into a database query. In this example the injection occurs at a URL GET parameter.
Vulnerable GET Parameter: ?id=3
- Blind SQL Injection: http://localhost/avwa/profile.php?id=3
SQL injection is the process of injecting unsanitized commands into a website and altering the original database query. This can range from retrieving information or deleting records to in extreme cases file upload. SQL injection can be achieved at any location on a website where they user input is inserted into a database query. In this example the injection occurs at a GET parameter.
Vulnerable Get Parameter: ?id=3
- Unvalidated Redirect: http://localhost/avwa/redirect.php?url=https://arctil.com/download...
Unvalidated redirects are possible when a web application accepts untrusted input that can cause the web application to redirect the request to a URL.
Find out more at https://arctil.com/article/what-are-unvalidated-redirects
- Reflected Cross Site Scripting: URL http://localhost/avwa/redirect.php?url=https://arctil.com/download...
Cross site scripting (also known as XSS) is the process of injection HTML and Javascript code into a website for malicious gains. This can accomplish simple things such as webpage defacement through to stealing login credentials. On this occasion the input is passed through an unsanitized GET parameter allows for code to be reflected back resulting in Cross Site Scripting (XSS).
Vulnerable GET Parameter: ?url=https
- Full Path Disclosure: http://localhost/avwa/redirect.php?url=https://arctil.com/download
Full path disclosure (FPD) if the process of learning the absolute path (location) of a file, alone this vulnerability is fairly harmless. However, full path disclosure can often be teamed with other vulnerabilities such as local file inclusion.
Find out more at https://arctil.com/article/guide-to-full-path-disclosure
- Website: www.arctil.com
- Date: 2022-10-25
Crawler Results
- 200http://localhost/avwa/index.php
- 200http://localhost/avwa/search.php
- 200http://localhost/avwa/news.php
- 200http://localhost/avwa/article.php?id=38
- 200http://localhost/avwa/news.php?limit=25
- 200http://localhost/avwa/about.php
- 200http://localhost/avwa/vulnerabilities.php
- 200http://localhost/avwa/dev-logs.php?log=changes.txt
- 200http://localhost/avwa/backup/
- 200http://localhost/avwa/profile.php?id=3
- 200http://localhost/avwa/redirect.php?url=https://arctil.com/download
- 200http://localhost/avwa/backup/?C=N;O=D