Acunetix Website Audit
22 December, 2011
Detailed Scan Report
Generated by Acunetix WVS Reporter (v7.0 Build 20100921)
Scan of http://hackerbook.sgv2.com:80/
Scan information
Scan details
Start time 19/12/2011 9:27:59 PM
Finish time 19/12/2011 11:50:50 PM
Scan time 2 hours, 22 minutes
Profile Default
Server information
Responsive True
Server banner Apache/2.2.14 (Ubuntu)
Server OS Unix
Server technologies PHP
Threat level
Alerts distribution
High 0
Medium 0
Low 2
Informational 28
Total alerts found 30
Knowledge base
List of open TCP ports
Alerts summary
Possible sensitive directories
Affects Variations
/login 1
Possible sensitive files
Affects Variations
/.htaccess 1
Broken links
Affects Variations
/a 1
Email address found
Affects Variations
/legal/terms.html 1
Password type input with autocomplete enabled
Affects Variations
/lightbox/auth/login 1
/lightbox/auth/login/index 1
/lightbox/auth/login/index (177e60186c4ff03ad3b116dc0ecc546b) 1
/lightbox/auth/login/index (1b0c6d09097b224971bd8d408c494f42) 1
/lightbox/auth/login/index (30ab0b260f70a150bb6d67419fc6cc34) 1
/lightbox/auth/login/index (3f0812576408dc837d0ba30fe794ad7c) 1
/lightbox/auth/login/index (3f2ea49c4ed467ac2968885d962f4a3a) 1
/lightbox/auth/login/index (455d5fb6869a713d5ffa2fb6a6183f3a) 1
/lightbox/auth/login/index (45dfe7aa3aeadc85596a1ac2e0ec1c8a) 1
/lightbox/auth/login/index (7286d44665ac5abace3aab5586a5a746) 1
/lightbox/auth/login/index (8b12e9f4595addd0543beaf6ab8d5c8e) 1
/lightbox/auth/login/index (9727730793e7546f62807fc6bb7dc7b9) 1
/lightbox/auth/login/index (c2ccbf1e7c8f08004412a923c063950a) 1
/lightbox/auth/login/index (da6055aa9c25eac29fc1ae2b1950e480) 1
/lightbox/auth/login/index (e2fd744a875a2831ceefe9fa7fbf2507) 1
/lightbox/auth/login/index (fc4798b90988e5dde1bb2061020f1336) 1
/lightbox/auth/login/index (ff806fad47c288609ff0f0d8a643c757) 1
/lightbox/auth/login/index/navname/login 1
/lightbox/auth/login/index/navname/login (1b6403c0232d433acd94fcb046575512) 1
/lightbox/auth/login/index/navname/login (e7c502e97dbe53a2ff17247ae44351e3) 1
/lightbox/auth/signup 2
/lightbox/auth/signup/index 2
/lightbox/auth/signup/index/navname/signup 2
Alert details
Possible sensitive directories
Severity Low
Type Validation
Reported by module Scripting (Possible_Sensitive_Directories.script)
Impact
Description
Recommendation
Affected items
Details
/login
GET /login HTTP/1.1
Accept: acunetix/wvs
Range: bytes=0-99999
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1;
cc_data=i88xvUK5QRtvsV4K7zjz0jWrZ0OHUNCjZV700pRVPGsbJZPy/ecxgBk3B/4QkzI0xyGHfTvbBttPIVU4
a4pTR4nTRA+h7NQywWP2eKecCHZ4+BhK2+/5mYPK2waLQKlEZTAYzuKLsqVswlTLb74TWUYHDlViu1UYNiLVxzIM
8ZXy3rpCe3IUIsLnwCBoPKKk1znLHU8YOVcTuPAwlF144Y96sNsHYdQK6j06Hwk9zbIeKDuZWbaFgBUJrFZopARz
Host: hackerbook.sgv2.com:80
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 302 Found
Date: Mon, 19 Dec 2011 13:47:41 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Location: /login/show?return_url=
Vary: Accept-Encoding
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Response
Possible sensitive files
Severity Low
Type Validation
Reported by module Scripting (Possible_Sensitive_Files.script)
Description
Impact
Recommendation
Affected items
Details
/.htaccess
GET /.htaccess HTTP/1.1
Accept: acunetix/wvs
Range: bytes=0-99999
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1;
cc_data=i88xvUK5QRtvsV4K7zjz0jWrZ0OHUNCjZV700pRVPGsbJZPy/ecxgBk3B/4QkzI0xyGHfTvbBttPIVU4
a4pTR4nTRA+h7NQywWP2eKecCHZ4+BhK2+/5mYPK2waLQKlEZTAYzuKLsqVswlTLb74TWUYHDlViu1UYNiLVxzIM
8ZXy3rpCe3IUIsLnwCBoPKKk1znLHU8YOVcTuPAwlF144Y96sNsHYdQK6j06Hwk9zbIeKDuZWbaFgBUJrFZopARz
Host: hackerbook.sgv2.com:80
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 206 Partial Content
Date: Mon, 19 Dec 2011 13:48:09 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Fri, 16 Dec 2011 18:07:51 GMT
ETag: "2dd153-38d-4b4397aaaebc0"
Accept-Ranges: bytes
Content-Length: 909
Content-Range: bytes 0-908/909
Connection: close
Content-Type: text/plain
Response
Broken links
Severity Informational
Type Informational
Reported by module Crawler
Impact
Description
Recommendation
Affected items
Details
/a
GET /a HTTP/1.1
Pragma: no-cache
Request
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1;
cc_data=i88xvUK5QRtvsV4K7zjz0jWrZ0OHUNCjZV700pRVPGsbJZPy/ecxgBk3B/4QkzI0xyGHfTvbBttPIVU4
a4pTR4nTRA+h7NQywWP2eKecCHZ4+BhK2+/5mYPK2waLQKlEZTAYzuKLsqVswlTLb74TWUYHDlViu1UYNiLVxzIM
8ZXy3rpCe3IUIsLnwCBoPKKk1znLHU8YOVcTuPAwlF144Y96sNsHYdQK6j06Hwk9zbIeKDuZWbaFgBUJrFZopARz
Host: hackerbook.sgv2.com
Connection: Keep-alive
HTTP/1.0 404 Not Found
Date: Mon, 19 Dec 2011 13:44:38 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
X-Error: Could not locate page "a".
Vary: Accept-Encoding
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 8034
Response
Email address found
Severity Informational
Type Informational
Reported by module Scripting (Text_Search.script)
Impact
Description
Recommendation
Affected items
Details
/legal/terms.html
GET /legal/terms.html HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/signup
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
Response
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:45 GMT
Server: Apache/2.2.14 (Ubuntu)
Last-Modified: Fri, 16 Dec 2011 18:07:51 GMT
ETag: "484e5e-d0cc-4b4397aaaebc0"
Accept-Ranges: bytes
Content-Length: 53452
Vary: Accept-Encoding
Connection: close
Content-Type: text/html
Password type input with autocomplete enabled
Severity Informational
Type Informational
Reported by module Crawler
Impact
Description
Recommendation
Affected items
Details
/lightbox/auth/login
GET /lightbox/auth/login HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:06 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5096
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index
GET /lightbox/auth/login/index HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:06 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5102
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (177e60186c4ff03ad3b116dc0ecc546b)
POST /lightbox/auth/login/index?return_url=/lightbox/account/messages&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 235
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=ukumcqwc&login%5bpassword%5d=sdynirof&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=%2flightbox%2faccount%2fmessages
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:31:47 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5620
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (1b0c6d09097b224971bd8d408c494f42)
Request
POST /lightbox/auth/login/index?return_url=/lightbox/account/settings&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 235
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=drxwdlfb&login%5bpassword%5d=sushunmt&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=%2flightbox%2faccount%2fsettings
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:31:47 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5620
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (30ab0b260f70a150bb6d67419fc6cc34)
POST /lightbox/auth/login/index?return_url=/lightbox/account/changePhoto&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 238
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=smtwphop&login%5bpassword%5d=xyrencfl&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=%2flightbox%2faccount%2fchangePhoto
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:32:36 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5632
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (3f0812576408dc837d0ba30fe794ad7c)
POST /lightbox/auth/login/index?return_url=/lightbox/account/changePhoto&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 238
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=uujumerh&login%5bpassword%5d=rmleqsgr&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=%2flightbox%2faccount%2fchangePhoto
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:31:44 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5686
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (3f2ea49c4ed467ac2968885d962f4a3a)
POST /lightbox/auth/login/index?return_url=/lightbox/account/changePhoto&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 205
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=smtwphop&login%5bpassword%5d=eqtrhweb&login%5breturn_url%5d=%2flig
htbox%2faccount%2fchangePhoto
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:31:46 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5626
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (455d5fb6869a713d5ffa2fb6a6183f3a)
POST /lightbox/auth/login/index?return_url=/lightbox/account/changePhoto&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 238
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=uujumerh&login%5bpassword%5d=wteukrpt&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=%2flightbox%2faccount%2fchangePhoto
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:32:36 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5632
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (45dfe7aa3aeadc85596a1ac2e0ec1c8a)
POST /lightbox/auth/login/index HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 178
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=d71d16c5c05d925a84ba0b138feb
ce61&login%5bemail%5d=poyjbdux&login%5bpassword%5d=wwgumwcq&login%5breturn_url%5d=ahdouh
ta
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:45 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5406
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (7286d44665ac5abace3aab5586a5a746)
POST /lightbox/auth/login/index HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 211
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=d71d16c5c05d925a84ba0b138feb
ce61&login%5bemail%5d=ddyvovds&login%5bpassword%5d=yyewcjgf&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=kmlwxvcp
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:45 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5411
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (8b12e9f4595addd0543beaf6ab8d5c8e)
GET /lightbox/auth/login/index?return_url=/lightbox/account/editProfile&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/account/editProfile
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:30:13 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5385
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (9727730793e7546f62807fc6bb7dc7b9)
POST
/lightbox/auth/login/index?return_url=/lightbox/account/changePhoto/index&source=lightbo
x HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 246
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=dkxajafo&login%5bpassword%5d=qcxujgev&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=%2flightbox%2faccount%2fchangePhoto%2findex
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:31:51 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5660
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (c2ccbf1e7c8f08004412a923c063950a)
GET /lightbox/auth/login/index?return_url=/lightbox/account/messages&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/account/messages
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:30:12 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5373
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (da6055aa9c25eac29fc1ae2b1950e480)
POST /lightbox/auth/login/index?return_url=/lightbox/account/editProfile&source=lightbox
HTTP/1.1
Request
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index
Content-Length: 238
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=61cd4ddd1c482372e1d223e56141
fa6f&login%5bemail%5d=kqgpmfji&login%5bpassword%5d=rchqygbl&login%5bpersistent_login%5d
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:31:51 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5632
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (e2fd744a875a2831ceefe9fa7fbf2507)
GET /lightbox/auth/login/index?return_url=/lightbox/account/changePhoto&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/account/changePhoto
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:30:15 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5385
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (fc4798b90988e5dde1bb2061020f1336)
GET
/lightbox/auth/login/index?return_url=/lightbox/account/changePhoto/index&source=lightbo
x HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Request
Referer: http://hackerbook.sgv2.com/lightbox/account/changePhoto/index
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:29:51 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5419
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index (ff806fad47c288609ff0f0d8a643c757)
GET /lightbox/auth/login/index?return_url=/lightbox/account/settings&source=lightbox
HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/account/settings
Cookie: socialgo=o9ohbanuqe4vgou50t9m0dcno1
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:30:18 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5373
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index/navname/login
GET /lightbox/auth/login/index/navname/login HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:00 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Response
Content-Length: 5143
Connection: close
Details
/lightbox/auth/login/index/navname/login (1b6403c0232d433acd94fcb046575512)
POST /lightbox/auth/login/index/navname/login HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index/navname/login
Content-Length: 211
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=d71d16c5c05d925a84ba0b138feb
ce61&login%5bemail%5d=ygkiewgq&login%5bpassword%5d=gsrbrsfj&login%5bpersistent_login%5d=
true&login%5breturn_url%5d=ewrfjkby
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:16 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5452
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/login/index/navname/login (e7c502e97dbe53a2ff17247ae44351e3)
POST /lightbox/auth/login/index/navname/login HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/lightbox/auth/login/index/navname/login
Content-Length: 178
Content-Type: application/x-www-form-urlencoded
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
button-cancel=Cancel&commit=Log%20in&login%5b_csrf_token%5d=d71d16c5c05d925a84ba0b138feb
ce61&login%5bemail%5d=mecjnhfr&login%5bpassword%5d=yhnhrvob&login%5breturn_url%5d=klkssw
yu
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:16 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 5420
Response
Connection: close
Details
/lightbox/auth/signup
GET /lightbox/auth/signup HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:06 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 6114
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/signup
GET /lightbox/auth/signup HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:06 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 6114
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/signup/index
GET /lightbox/auth/signup/index HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Request
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:06 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 6120
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/signup/index
GET /lightbox/auth/signup/index HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:06 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 6120
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/signup/index/navname/signup
GET /lightbox/auth/signup/index/navname/signup HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:00 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 6162
Connection: close
Content-Type: text/html; charset=utf-8
Response
Details
/lightbox/auth/signup/index/navname/signup
GET /lightbox/auth/signup/index/navname/signup HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: *****
Acunetix-Aspect-Queries: filelist;aspectalerts
Referer: http://hackerbook.sgv2.com/
Cookie: socialgo=rv9uhdna4cb0j0tclcam13ft67
Host: hackerbook.sgv2.com
Connection: Keep-alive
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Request
HTTP/1.0 200 OK
Date: Mon, 19 Dec 2011 13:28:00 GMT
Server: Apache/2.2.14 (Ubuntu)
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Vary: Accept-Encoding
Content-Length: 6162
Connection: close
Content-Type: text/html; charset=utf-8
Response