Burp Scanner Report

Summary

The table below shows the numbers of issues identified in different categories. Issues are classified according to severity as High, Medium, Low or Information. This reflects the likely impact of each issue for a typical organization. Issues are also classified according to confidence as Certain, Firm or Tentative. This reflects the inherent reliability of the technique that was used to identify the issue.

                          Confidence
                 Certain   Firm   Tentative   Total
Severity
  High                 2      0         250     252
  Medium               0      0           0       0
  Low                  3      1           0       4
  Information          9      9           8      26

The chart below shows the aggregated numbers of issues identified in each category. Solid colored bars represent issues with a confidence level of Certain, and the bars fade as the confidence level falls.

[Chart: number of issues (axis 0 to 250) per severity level: High, Medium, Low]

Contents

1. Cleartext submission of password

1.1. http://testasp.vulnweb.com/Login.asp

1.2. http://testasp.vulnweb.com/Register.asp

2. Request vulnerable to Cross-site Request Forgery

2.1. http://testasp.vulnweb.com/Login.asp

2.2. http://testasp.vulnweb.com/Login.asp

2.3. http://testasp.vulnweb.com/Login.asp

2.4. http://testasp.vulnweb.com/Login.asp

2.5. http://testasp.vulnweb.com/Login.asp

2.6. http://testasp.vulnweb.com/Login.asp

2.7. http://testasp.vulnweb.com/Login.asp

2.8. http://testasp.vulnweb.com/Login.asp

2.9. http://testasp.vulnweb.com/Login.asp

2.10. http://testasp.vulnweb.com/Login.asp

2.11. http://testasp.vulnweb.com/Login.asp

2.12. http://testasp.vulnweb.com/Login.asp

2.13. http://testasp.vulnweb.com/Login.asp

2.14. http://testasp.vulnweb.com/Login.asp

2.15. http://testasp.vulnweb.com/Login.asp

2.16. http://testasp.vulnweb.com/Login.asp

2.17. http://testasp.vulnweb.com/Login.asp

2.18. http://testasp.vulnweb.com/Login.asp

2.19. http://testasp.vulnweb.com/Login.asp

2.20. http://testasp.vulnweb.com/Login.asp

2.21. http://testasp.vulnweb.com/Login.asp

2.22. http://testasp.vulnweb.com/Login.asp

2.23. http://testasp.vulnweb.com/Login.asp

2.24. http://testasp.vulnweb.com/Login.asp

2.25. http://testasp.vulnweb.com/Login.asp

2.26. http://testasp.vulnweb.com/Login.asp

2.27. http://testasp.vulnweb.com/Login.asp

2.28. http://testasp.vulnweb.com/Login.asp

2.29. http://testasp.vulnweb.com/Login.asp

2.30. http://testasp.vulnweb.com/Login.asp

2.31. http://testasp.vulnweb.com/Login.asp

2.32. http://testasp.vulnweb.com/Login.asp

2.33. http://testasp.vulnweb.com/Login.asp

2.34. http://testasp.vulnweb.com/Login.asp

2.35. http://testasp.vulnweb.com/Login.asp

2.36. http://testasp.vulnweb.com/Login.asp

2.37. http://testasp.vulnweb.com/Login.asp

2.38. http://testasp.vulnweb.com/Login.asp

2.39. http://testasp.vulnweb.com/Login.asp

2.40. http://testasp.vulnweb.com/Login.asp

2.41. http://testasp.vulnweb.com/Login.asp

2.42. http://testasp.vulnweb.com/Login.asp

2.43. http://testasp.vulnweb.com/Login.asp

2.44. http://testasp.vulnweb.com/Login.asp

2.45. http://testasp.vulnweb.com/Login.asp

2.46. http://testasp.vulnweb.com/Login.asp

2.47. http://testasp.vulnweb.com/Login.asp

2.48. http://testasp.vulnweb.com/Login.asp

2.49. http://testasp.vulnweb.com/Login.asp

2.50. http://testasp.vulnweb.com/Login.asp

2.51. http://testasp.vulnweb.com/Register.asp

2.52. http://testasp.vulnweb.com/Register.asp

2.53. http://testasp.vulnweb.com/Register.asp

2.54. http://testasp.vulnweb.com/Register.asp

2.55. http://testasp.vulnweb.com/Register.asp

2.56. http://testasp.vulnweb.com/Register.asp

2.57. http://testasp.vulnweb.com/Register.asp

2.58. http://testasp.vulnweb.com/Register.asp

2.59. http://testasp.vulnweb.com/Register.asp

2.60. http://testasp.vulnweb.com/Register.asp

2.61. http://testasp.vulnweb.com/Register.asp

2.62. http://testasp.vulnweb.com/Register.asp

2.63. http://testasp.vulnweb.com/Register.asp

2.64. http://testasp.vulnweb.com/Register.asp

2.65. http://testasp.vulnweb.com/Register.asp

2.66. http://testasp.vulnweb.com/Register.asp

2.67. http://testasp.vulnweb.com/Register.asp

2.68. http://testasp.vulnweb.com/Register.asp

2.69. http://testasp.vulnweb.com/Register.asp

2.70. http://testasp.vulnweb.com/Register.asp

2.71. http://testasp.vulnweb.com/Register.asp

2.72. http://testasp.vulnweb.com/Register.asp

2.73. http://testasp.vulnweb.com/Register.asp

2.74. http://testasp.vulnweb.com/Register.asp

2.75. http://testasp.vulnweb.com/Register.asp

2.76. http://testasp.vulnweb.com/Register.asp

2.77. http://testasp.vulnweb.com/Register.asp

2.78. http://testasp.vulnweb.com/Register.asp

2.79. http://testasp.vulnweb.com/Register.asp

2.80. http://testasp.vulnweb.com/Register.asp

2.81. http://testasp.vulnweb.com/Register.asp

2.82. http://testasp.vulnweb.com/Register.asp

2.83. http://testasp.vulnweb.com/Register.asp

2.84. http://testasp.vulnweb.com/Register.asp

2.85. http://testasp.vulnweb.com/Register.asp

2.86. http://testasp.vulnweb.com/Register.asp

2.87. http://testasp.vulnweb.com/Register.asp

2.88. http://testasp.vulnweb.com/Register.asp

2.89. http://testasp.vulnweb.com/Register.asp

2.90. http://testasp.vulnweb.com/Register.asp

2.91. http://testasp.vulnweb.com/Register.asp

2.92. http://testasp.vulnweb.com/Register.asp

2.93. http://testasp.vulnweb.com/Register.asp

2.94. http://testasp.vulnweb.com/Register.asp

2.95. http://testasp.vulnweb.com/Register.asp

2.96. http://testasp.vulnweb.com/Register.asp

2.97. http://testasp.vulnweb.com/Register.asp

2.98. http://testasp.vulnweb.com/Register.asp

2.99. http://testasp.vulnweb.com/Register.asp

2.100. http://testasp.vulnweb.com/Register.asp

2.101. http://testasp.vulnweb.com/Search.asp

2.102. http://testasp.vulnweb.com/Search.asp

2.103. http://testasp.vulnweb.com/Templatize.asp

2.104. http://testasp.vulnweb.com/showforum.asp

2.105. http://testasp.vulnweb.com/showforum.asp

2.106. http://testasp.vulnweb.com/showforum.asp

2.107. http://testasp.vulnweb.com/showthread.asp

2.108. http://testasp.vulnweb.com/showthread.asp

2.109. http://testasp.vulnweb.com/showthread.asp

2.110. http://testasp.vulnweb.com/showthread.asp

2.111. http://testasp.vulnweb.com/showthread.asp

2.112. http://testasp.vulnweb.com/showthread.asp

2.113. http://testasp.vulnweb.com/showthread.asp

2.114. http://testasp.vulnweb.com/showthread.asp

2.115. http://testasp.vulnweb.com/showthread.asp

2.116. http://testasp.vulnweb.com/showthread.asp

2.117. http://testasp.vulnweb.com/showthread.asp

2.118. http://testasp.vulnweb.com/showthread.asp

2.119. http://testasp.vulnweb.com/showthread.asp

2.120. http://testasp.vulnweb.com/showthread.asp

2.121. http://testasp.vulnweb.com/showthread.asp

2.122. http://testasp.vulnweb.com/showthread.asp

2.123. http://testasp.vulnweb.com/showthread.asp

2.124. http://testasp.vulnweb.com/showthread.asp

2.125. http://testasp.vulnweb.com/showthread.asp

2.126. http://testasp.vulnweb.com/showthread.asp

2.127. http://testasp.vulnweb.com/showthread.asp

2.128. http://testasp.vulnweb.com/showthread.asp

2.129. http://testasp.vulnweb.com/showthread.asp

2.130. http://testasp.vulnweb.com/showthread.asp

2.131. http://testasp.vulnweb.com/showthread.asp

2.132. http://testasp.vulnweb.com/showthread.asp

2.133. http://testasp.vulnweb.com/showthread.asp

2.134. http://testasp.vulnweb.com/showthread.asp

2.135. http://testasp.vulnweb.com/showthread.asp

2.136. http://testasp.vulnweb.com/showthread.asp

2.137. http://testasp.vulnweb.com/showthread.asp

2.138. http://testasp.vulnweb.com/showthread.asp

2.139. http://testasp.vulnweb.com/showthread.asp

2.140. http://testasp.vulnweb.com/showthread.asp

2.141. http://testasp.vulnweb.com/showthread.asp

2.142. http://testasp.vulnweb.com/showthread.asp

2.143. http://testasp.vulnweb.com/showthread.asp

2.144. http://testasp.vulnweb.com/showthread.asp

2.145. http://testasp.vulnweb.com/showthread.asp

3. Form does not contain an anti-CSRF token

3.1. http://testasp.vulnweb.com/Login.asp

3.2. http://testasp.vulnweb.com/Login.asp

3.3. http://testasp.vulnweb.com/Login.asp

3.4. http://testasp.vulnweb.com/Login.asp

3.5. http://testasp.vulnweb.com/Login.asp

3.6. http://testasp.vulnweb.com/Login.asp

3.7. http://testasp.vulnweb.com/Login.asp

3.8. http://testasp.vulnweb.com/Login.asp

3.9. http://testasp.vulnweb.com/Login.asp

3.10. http://testasp.vulnweb.com/Login.asp

3.11. http://testasp.vulnweb.com/Login.asp

3.12. http://testasp.vulnweb.com/Login.asp

3.13. http://testasp.vulnweb.com/Login.asp

3.14. http://testasp.vulnweb.com/Login.asp

3.15. http://testasp.vulnweb.com/Login.asp

3.16. http://testasp.vulnweb.com/Login.asp

3.17. http://testasp.vulnweb.com/Login.asp

3.18. http://testasp.vulnweb.com/Login.asp

3.19. http://testasp.vulnweb.com/Login.asp

3.20. http://testasp.vulnweb.com/Login.asp

3.21. http://testasp.vulnweb.com/Login.asp

3.22. http://testasp.vulnweb.com/Login.asp

3.23. http://testasp.vulnweb.com/Login.asp

3.24. http://testasp.vulnweb.com/Login.asp

3.25. http://testasp.vulnweb.com/Login.asp

3.26. http://testasp.vulnweb.com/Login.asp

3.27. http://testasp.vulnweb.com/Login.asp

3.28. http://testasp.vulnweb.com/Login.asp

3.29. http://testasp.vulnweb.com/Login.asp

3.30. http://testasp.vulnweb.com/Login.asp

3.31. http://testasp.vulnweb.com/Login.asp

3.32. http://testasp.vulnweb.com/Login.asp

3.33. http://testasp.vulnweb.com/Login.asp

3.34. http://testasp.vulnweb.com/Login.asp

3.35. http://testasp.vulnweb.com/Login.asp

3.36. http://testasp.vulnweb.com/Login.asp

3.37. http://testasp.vulnweb.com/Login.asp

3.38. http://testasp.vulnweb.com/Login.asp

3.39. http://testasp.vulnweb.com/Login.asp

3.40. http://testasp.vulnweb.com/Login.asp

3.41. http://testasp.vulnweb.com/Login.asp

3.42. http://testasp.vulnweb.com/Login.asp

3.43. http://testasp.vulnweb.com/Login.asp

3.44. http://testasp.vulnweb.com/Login.asp

3.45. http://testasp.vulnweb.com/Login.asp

3.46. http://testasp.vulnweb.com/Login.asp

3.47. http://testasp.vulnweb.com/Login.asp

3.48. http://testasp.vulnweb.com/Login.asp

3.49. http://testasp.vulnweb.com/Login.asp

3.50. http://testasp.vulnweb.com/Login.asp

3.51. http://testasp.vulnweb.com/Login.asp

3.52. http://testasp.vulnweb.com/Register.asp

3.53. http://testasp.vulnweb.com/Register.asp

3.54. http://testasp.vulnweb.com/Register.asp

3.55. http://testasp.vulnweb.com/Register.asp

3.56. http://testasp.vulnweb.com/Register.asp

3.57. http://testasp.vulnweb.com/Register.asp

3.58. http://testasp.vulnweb.com/Register.asp

3.59. http://testasp.vulnweb.com/Register.asp

3.60. http://testasp.vulnweb.com/Register.asp

3.61. http://testasp.vulnweb.com/Register.asp

3.62. http://testasp.vulnweb.com/Register.asp

3.63. http://testasp.vulnweb.com/Register.asp

3.64. http://testasp.vulnweb.com/Register.asp

3.65. http://testasp.vulnweb.com/Register.asp

3.66. http://testasp.vulnweb.com/Register.asp

3.67. http://testasp.vulnweb.com/Register.asp

3.68. http://testasp.vulnweb.com/Register.asp

3.69. http://testasp.vulnweb.com/Register.asp

3.70. http://testasp.vulnweb.com/Register.asp

3.71. http://testasp.vulnweb.com/Register.asp

3.72. http://testasp.vulnweb.com/Register.asp

3.73. http://testasp.vulnweb.com/Register.asp

3.74. http://testasp.vulnweb.com/Register.asp

3.75. http://testasp.vulnweb.com/Register.asp

3.76. http://testasp.vulnweb.com/Register.asp

3.77. http://testasp.vulnweb.com/Register.asp

3.78. http://testasp.vulnweb.com/Register.asp

3.79. http://testasp.vulnweb.com/Register.asp

3.80. http://testasp.vulnweb.com/Register.asp

3.81. http://testasp.vulnweb.com/Register.asp

3.82. http://testasp.vulnweb.com/Register.asp

3.83. http://testasp.vulnweb.com/Register.asp

3.84. http://testasp.vulnweb.com/Register.asp

3.85. http://testasp.vulnweb.com/Register.asp

3.86. http://testasp.vulnweb.com/Register.asp

3.87. http://testasp.vulnweb.com/Register.asp

3.88. http://testasp.vulnweb.com/Register.asp

3.89. http://testasp.vulnweb.com/Register.asp

3.90. http://testasp.vulnweb.com/Register.asp

3.91. http://testasp.vulnweb.com/Register.asp

3.92. http://testasp.vulnweb.com/Register.asp

3.93. http://testasp.vulnweb.com/Register.asp

3.94. http://testasp.vulnweb.com/Register.asp

3.95. http://testasp.vulnweb.com/Register.asp

3.96. http://testasp.vulnweb.com/Register.asp

3.97. http://testasp.vulnweb.com/Register.asp

3.98. http://testasp.vulnweb.com/Register.asp

3.99. http://testasp.vulnweb.com/Register.asp

3.100. http://testasp.vulnweb.com/Register.asp

3.101. http://testasp.vulnweb.com/Register.asp

3.102. http://testasp.vulnweb.com/Register.asp

3.103. http://testasp.vulnweb.com/Search.asp

3.104. http://testasp.vulnweb.com/Search.asp

3.105. http://testasp.vulnweb.com/Search.asp

4. Cookie without HttpOnly flag set

5. Password field with autocomplete enabled

5.1. http://testasp.vulnweb.com/Login.asp

5.2. http://testasp.vulnweb.com/Register.asp

6. Unencrypted communications

7. Path-relative style sheet import

7.1. http://testasp.vulnweb.com/

7.2. http://testasp.vulnweb.com/Default.asp

7.3. http://testasp.vulnweb.com/Login.asp

7.4. http://testasp.vulnweb.com/Register.asp

7.5. http://testasp.vulnweb.com/Search.asp

7.6. http://testasp.vulnweb.com/Templatize.asp

7.7. http://testasp.vulnweb.com/showforum.asp

7.8. http://testasp.vulnweb.com/showthread.asp

8. Cross-domain Referer leakage

8.1. http://testasp.vulnweb.com/Login.asp

8.2. http://testasp.vulnweb.com/Register.asp

8.3. http://testasp.vulnweb.com/Search.asp

8.4. http://testasp.vulnweb.com/Templatize.asp

8.5. http://testasp.vulnweb.com/showforum.asp

8.6. http://testasp.vulnweb.com/showthread.asp

9. Frameable response (potential Clickjacking)

9.1. http://testasp.vulnweb.com/

9.2. http://testasp.vulnweb.com/Default.asp

9.3. http://testasp.vulnweb.com/Login.asp

9.4. http://testasp.vulnweb.com/Register.asp

9.5. http://testasp.vulnweb.com/Search.asp

9.6. http://testasp.vulnweb.com/Templatize.asp

9.7. http://testasp.vulnweb.com/favicon.ico

9.8. http://testasp.vulnweb.com/showforum.asp

9.9. http://testasp.vulnweb.com/showthread.asp

10. Robots.txt file

11. HTML does not specify charset

11.1. http://testasp.vulnweb.com/Images/

11.2. http://testasp.vulnweb.com/avatars/


1. Cleartext submission of password

There are 2 instances of this issue:

Issue background

Some applications transmit passwords over unencrypted connections, making them vulnerable to interception. To exploit this vulnerability, an attacker must be suitably positioned to eavesdrop on the victim's network traffic. This scenario typically occurs when a client communicates with the server over an insecure connection such as public Wi-Fi, or a corporate or home network that is shared with a compromised computer. Common defenses such as switched networks are not sufficient to prevent this. An attacker situated in the user's ISP or the application's hosting infrastructure could also perform this attack. Note that an advanced adversary could potentially target any connection made over the Internet's core infrastructure.

Vulnerabilities that result in the disclosure of users' passwords can result in compromises that are extremely difficult to investigate due to obscured audit trails. Even if the application itself only handles non-sensitive information, exposing passwords puts users who have re-used their password elsewhere at risk.

Issue remediation

Applications should use transport-level encryption (SSL or TLS) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.



1.1. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request 1

GET /Login.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2304
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
...[SNIP]...
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
...[SNIP]...

1.2. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Issue detail

The page contains a form with the following action URL, which is submitted over clear-text HTTP:

The form contains the following password field:

Request 1

GET /Register.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2727
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
...[SNIP]...
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
...[SNIP]...

2. Request vulnerable to Cross-site Request Forgery

There are 145 instances of this issue:

Issue background

Cross-site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated. With a little help from social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. A successful CSRF exploit can compromise end user data and may allow an attacker to perform an account hijack. If the targeted end user is the administrator account, this can compromise the entire web application.

Issue remediation

The application should include anti-CSRF tokens in all requests that perform actions which change the application state or which add/modify/delete content. An anti-CSRF token should be a long, randomly generated value unique to each user so that attackers cannot easily brute-force it.

It is important that anti-CSRF tokens are validated when user requests are handled by the application. The application should both verify that the token exists in the request, and also check that it matches the user's current token. If either of these checks fails, the application should reject the request.


2.1. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FDefault%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2308
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...

2.2. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FLogin%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Login.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2304
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...

2.3. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FRegister%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Register.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2310
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...

2.4. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FSearch%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Search.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2306
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...

2.5. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3D555%2D555%2D0199%40example%2Ecom HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Search.asp?tfSearch=555-555-0199@example.com
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2392
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...

2.6. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FTemplatize%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Templatize.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2314
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...

2.7. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Templatize.asp?item=html/about.html
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2366
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...

2.8. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2324
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...

2.9. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=1
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2324
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...

2.10. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=2
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2324
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...

2.11. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...

2.12. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=1
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.13. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=10
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.14. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=11
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.15. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=12
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.16. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=13
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.17. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=14
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.18. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=15
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.19. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=16
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.20. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=17
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.21. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=18
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.22. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=19
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.23. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=2
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.24. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=20
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.25. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=21
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.26. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=22
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.27. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=23
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.28. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=24
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.29. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=25
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.30. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=26
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.31. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=27
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.32. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=28
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.33. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=29
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.34. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=3
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.35. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=30
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.36. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=31
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.37. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=32
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.38. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=33
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.39. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=34
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.40. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=35
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.41. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=36
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.42. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=37
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.43. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=38
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.44. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=4
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.45. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=5
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.46. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=6
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.47. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=7
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.48. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=8
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.49. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=9
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.50. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request body parameters do not appear to contain an anti-CSRF token.

Request

POST /Login.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Login.asp
Content-Type: application/x-www-form-urlencoded
Content-Length: 17
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

tfUPass=&tfUName=

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2304
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.51. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FDefault%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2725
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.52. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FLogin%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Login.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2721
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.53. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FRegister%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Register.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2727
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.54. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FSearch%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Search.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2723
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.55. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3D555%2D555%2D0199%40example%2Ecom HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Search.asp?tfSearch=555-555-0199@example.com
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2809
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.56. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FTemplatize%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Templatize.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2731
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.57. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Templatize.asp?item=html/about.html
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2783
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.58. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2741
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.59. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=1
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2741
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.60. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=2
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2741
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.61. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.62. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=1
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.63. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=10
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.64. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=11
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.65. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=12
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.66. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=13
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.67. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=14
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.68. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=15
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.69. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=16
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.70. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=17
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.71. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=18
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.72. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=19
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.73. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=2
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.74. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=20
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.75. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=21
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.76. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=22
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.77. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=23
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.78. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=24
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.79. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=25
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.80. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=26
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.81. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=27
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.82. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=28
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.83. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=29
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.84. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=3
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.85. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=30
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.86. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=31
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.87. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=32
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.88. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=33
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.89. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=34
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.90. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=35
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.91. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=36
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.92. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=37
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.93. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=38
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.94. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=4
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.95. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=5
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.96. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=6
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.97. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=7
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.98. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=8
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.99. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=9
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.100. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request body parameters do not appear to contain an anti-CSRF token.

Request

POST /Register.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Register.asp
Content-Type: application/x-www-form-urlencoded
Content-Length: 35
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

tfUPass=&tfRName=&tfEmail=&tfUName=

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2727
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.101. http://testasp.vulnweb.com/Search.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Search.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Search.asp?tfSearch=555-555-0199@example.com HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Search.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2197
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.102. http://testasp.vulnweb.com/Search.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Search.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Search.asp?tfSearch=555-555-0199@example.com&tfSearch=555-555-0199@example.com HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Search.asp?tfSearch=555-555-0199@example.com
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Tue, 17 May 2016 16:18:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2315
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.103. http://testasp.vulnweb.com/Templatize.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Templatize.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /Templatize.asp?item=html/about.html HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 3700
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.104. http://testasp.vulnweb.com/showforum.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showforum.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showforum.asp?id=0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 10105
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.105. http://testasp.vulnweb.com/showforum.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showforum.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showforum.asp?id=1 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2152
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.106. http://testasp.vulnweb.com/showforum.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showforum.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showforum.asp?id=2 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2166
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.107. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=2
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2697
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.108. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=1 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2141
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.109. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=10 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8806
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.110. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=11 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 9991
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.111. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=12 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8662
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.112. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=13 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8820
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.113. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=14 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 10273
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.114. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=15 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 7847
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.115. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=16 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8638
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.116. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=17 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8139
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.117. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=18 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 10137
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.118. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=19 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 3453
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.119. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=2 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2451
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.120. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=20 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2697
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.121. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=21 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2645
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.122. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=22 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2233
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.123. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=23 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:05 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8643
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.124. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=24 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8285
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.125. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=25 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 16628
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.126. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=26 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8112
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.127. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=27 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2710
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.128. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=28 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8666
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.129. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=29 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2648
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.130. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=3 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2220
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.131. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=30 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 3249
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.132. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=31 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8165
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.133. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=32 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 9907
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.134. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=33 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 9999
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.135. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=34 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8048
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.136. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=35 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 10415
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.137. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=36 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 9719
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.138. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=37 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 10157
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.139. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=38 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 9969
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.140. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=4 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 10135
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.141. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=5 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 9005
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.142. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=6 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 9901
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.143. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=7 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8799
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.144. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=8 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8930
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
2.145. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The request parameters do not appear to contain an anti-CSRF token.

Request

GET /showthread.asp?id=9 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 8878
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
3. Form does not contain an anti-CSRF token

There are 105 instances of this issue:

Issue background

Cross-site request forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated. With a little help from social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. A successful CSRF exploit can compromise end-user data and may allow an attacker to hijack the account. If the targeted end user holds the administrator account, this can compromise the entire web application.

Issue remediation

The application should include anti-CSRF tokens in all requests that perform actions which change the application state or which add, modify or delete content. An anti-CSRF token should be a long, randomly generated value unique to each user so that attackers cannot easily brute-force it.

It is important that anti-CSRF tokens are validated when user requests are handled by the application. The application should both verify that the token exists in the request, and also check that it matches the user's current token. If either of these checks fails, the application should reject the request.


3.1. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2304
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.2. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FDefault%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2308
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.3. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FLogin%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Login.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2304
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.4. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FRegister%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Register.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2310
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.5. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FSearch%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Search.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2306
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.6. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3D555%2D555%2D0199%40example%2Ecom HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Search.asp?tfSearch=555-555-0199@example.com
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2392
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.7. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FTemplatize%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Templatize.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2314
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.8. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Templatize.asp?item=html/about.html
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2366
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.9. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2324
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.10. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=1
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2324
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.11. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=2
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2324
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.12. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.13. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=1
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.14. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=10
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.15. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=11
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.16. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=12
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.17. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=13
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.18. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=14
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.19. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=15
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.20. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=16
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.21. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=17
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.22. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=18
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.23. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=19
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.24. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=2
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.25. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=20
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.26. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=21
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.27. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=22
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.28. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=23
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.29. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=24
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.30. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=25
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.31. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=26
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.32. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=27
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.33. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=28
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.34. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=29
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.35. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=3
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.36. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=30
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.37. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=31
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.38. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=32
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.39. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=33
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.40. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=34
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.41. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=35
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.42. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=36
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.43. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=37
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.44. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=38
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2328
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.45. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=4
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.46. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=5
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.47. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=6
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.48. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=7
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.49. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=8
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.50. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Login.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=9
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2326
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.51. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

POST /Login.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Login.asp
Content-Type: application/x-www-form-urlencoded
Content-Length: 17
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

tfUPass=&tfUName=

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2304
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" class="Login" id="tfUName"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Login"></td>
</tr>
</table>
    </form>

       
<!-- InstanceEndEditable -->
...[SNIP]...
3.52. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2727
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.53. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FDefault%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2725
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.54. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FLogin%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Login.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2721
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.55. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FRegister%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Register.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2727
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.56. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FSearch%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Search.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2723
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.57. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FSearch%2Easp%3FtfSearch%3D555%2D555%2D0199%40example%2Ecom HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Search.asp?tfSearch=555-555-0199@example.com
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2809
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.58. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FTemplatize%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Templatize.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2731
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.59. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2FTemplatize%2Easp%3Fitem%3Dhtml%2Fabout%2Ehtml HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Templatize.asp?item=html/about.html
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2783
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.60. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2741
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.61. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D1 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=1
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2741
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.62. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowforum%2Easp%3Fid%3D2 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=2
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2741
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.63. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=0
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:06 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.64. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D1 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=1
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.65. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D10 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=10
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.66. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D11 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=11
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.67. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D12 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=12
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.68. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D13 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=13
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.69. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D14 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=14
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.70. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D15 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=15
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.71. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D16 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=16
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.72. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D17 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=17
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.73. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D18 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=18
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.74. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D19 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=19
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.75. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D2 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=2
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.76. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D20 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=20
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.77. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D21 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=21
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.78. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D22 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=22
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.79. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D23 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=23
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.80. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D24 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=24
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.81. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D25 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=25
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.82. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D26 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=26
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.83. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D27 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=27
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.84. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D28 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=28
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.85. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D29 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=29
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.86. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D3 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=3
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.87. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D30 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=30
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.88. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D31 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=31
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.89. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D32 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=32
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.90. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D33 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=33
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:09 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.91. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D34 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=34
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.92. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D35 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=35
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.93. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D36 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=36
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.94. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D37 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=37
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.95. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D38 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=38
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2745
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.96. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D4 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=4
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.97. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D5 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=5
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.98. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D6 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=6
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.99. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D7 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=7
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.100. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D8 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=8
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.101. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Register.asp?RetURL=%2Fshowthread%2Easp%3Fid%3D9 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showthread.asp?id=9
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:07 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2743
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.102. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

POST /Register.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Register.asp
Content-Type: application/x-www-form-urlencoded
Content-Length: 35
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

tfUPass=&tfRName=&tfEmail=&tfUName=

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2727
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
<tr>
<td>Username:</td>
<td align="right"><input name="tfUName" type="text" id="tfUName" class="Login"></td>
</tr>
<tr>
<td>Real name:</td>
<td align="right"><input name="tfRName" type="text" id="tfRName" class="Login"></td>
</tr>
<tr>
<td>Email:</td>
<td align="right"><input name="tfEmail" type="text" id="tfEmail" class="Login"></td>
</tr>
<tr>
<td>Password:</td>
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right"><input type="submit" value="Register me"></td>
</tr>
</table>
</form>

<!-- InstanceEndEditable -->
...[SNIP]...
3.103. http://testasp.vulnweb.com/Search.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Search.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Search.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 1919
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form name="frmSearch" method="get" action="">
<div class="FramedForm">
<input name="tfSearch" type="text" class="search">
<input class="search" type="submit" value="search posts">
</div>
</form>


<!-- InstanceEndEditable -->
...[SNIP]...
3.104. http://testasp.vulnweb.com/Search.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Search.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Search.asp?tfSearch=555-555-0199@example.com HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Search.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2197
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form name="frmSearch" method="get" action="">
<div class="FramedForm">
<input name="tfSearch" type="text" class="search">
<input class="search" type="submit" value="search posts">
</div>
</form>

<div class='path'>
...[SNIP]...
3.105. http://testasp.vulnweb.com/Search.asp

Summary

Severity:   High
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Search.asp

Note: This issue was generated by the Burp extension: CSRF Scanner.

Issue detail

The response contains a form which does not appear to contain an anti-CSRF token.

Request

GET /Search.asp?tfSearch=555-555-0199@example.com&tfSearch=555-555-0199@example.com HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Search.asp?tfSearch=555-555-0199@example.com
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Tue, 17 May 2016 16:18:14 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2315
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form name="frmSearch" method="get" action="">
<div class="FramedForm">
<input name="tfSearch" type="text" class="search">
<input class="search" type="submit" value="search posts">
</div>
</form>

<div class='path'>
...[SNIP]...
4. Cookie without HttpOnly flag set

Summary

Severity:   Low
Confidence:   Firm
Host:   http://testasp.vulnweb.com
Path:   /

Issue detail

The following cookie was issued by the application and does not have the HttpOnly flag set:

The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.

Issue background

If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure makes certain client-side attacks, such as cross-site scripting, slightly harder to exploit by preventing them from trivially capturing the cookie's value via an injected script.

Issue remediation

There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-cookie directive.

You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.

Request 1

GET / HTTP/1.1
Host: testasp.vulnweb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: close

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2671
Content-Type: text/html
Set-Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE; path=/
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
5. Password field with autocomplete enabled

There are 2 instances of this issue:

Issue background

Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications that employ user credentials. If the function is enabled, then credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.

The stored credentials can be captured by an attacker who gains control over the user's computer. Further, an attacker who finds a separate application vulnerability such as cross-site scripting may be able to exploit this to retrieve a user's browser-stored credentials.

Issue remediation

To prevent browsers from storing credentials entered into HTML forms, include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).

Please note that modern web browsers may ignore this directive. In spite of this there is a chance that not disabling autocomplete may cause problems obtaining PCI compliance.



5.1. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   Low
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /Login.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2304
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
       <form action="" method="POST">
       <table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
...[SNIP]...
<td align="right"><input name="tfUPass" type="password" class="Login" id="tfUPass"></td>
...[SNIP]...
5.2. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   Low
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Issue detail

The page contains a form with the following action URL:

The form contains the following password field with autocomplete enabled:

Request

GET /Register.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2727
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceBeginEditable name="MainContentLeft" -->
<form action="" method="post" enctype="application/x-www-form-urlencoded" name="frmRegister">
<table width="350" border="0" align="center" cellpadding="0" cellspacing="5" class="FramedForm">
...[SNIP]...
<td align="right"><input name="tfUPass" type="password" id="tfUPass" class="Login"></td>
...[SNIP]...
6. Unencrypted communications

Summary

Severity:   Low
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /

Issue description

The application allows users to connect to it over unencrypted connections. An attacker suitably positioned to view a legitimate user's network traffic could record and monitor their interactions with the application and obtain any information the user supplies. Furthermore, an attacker able to modify traffic could use the application as a platform for attacks against its users and third-party websites. Unencrypted connections have been exploited by ISPs and governments to track users, and to inject adverts and malicious JavaScript. Due to these concerns, web browser vendors are planning to visually flag unencrypted connections as hazardous.

To exploit this vulnerability, an attacker must be suitably positioned to eavesdrop on the victim's network traffic. This scenario typically occurs when a client communicates with the server over an insecure connection such as public Wi-Fi, or a corporate or home network that is shared with a compromised computer. Common defenses such as switched networks are not sufficient to prevent this. An attacker situated in the user's ISP or the application's hosting infrastructure could also perform this attack. Note that an advanced adversary could potentially target any connection made over the Internet's core infrastructure.

Please note that using a mixture of encrypted and unencrypted communications is an ineffective defense against active attackers, because they can easily remove references to encrypted resources when these references are transmitted over an unencrypted connection.

Issue remediation

Applications should use transport-level encryption (SSL/TLS) to protect all communications passing between the client and the server. The Strict-Transport-Security HTTP header should be used to ensure that clients refuse to access the server over an insecure connection.

7. Path-relative style sheet import

There are 8 instances of this issue:

Issue background

Path-relative style sheet import vulnerabilities arise when the following conditions hold:

  1. A response contains a style sheet import that uses a path-relative URL (for example, the page at "/original-path/file.php" might import "styles/main.css").
  2. When handling requests, the application or platform tolerates superfluous path-like data following the original filename in the URL (for example, "/original-path/file.php/extra-junk/"). When superfluous data is added to the original URL, the application's response still contains a path-relative stylesheet import.
  3. The response in condition 2 can be made to render in a browser's quirks mode, either because it has a missing or old doctype directive, or because it allows itself to be framed by a page under an attacker's control.
  4. When a browser requests the style sheet that is imported in the response from the modified URL (using the URL "/original-path/file.php/extra-junk/styles/main.css"), the application returns something other than the CSS response that was supposed to be imported. Given the behavior described in condition 2, this will typically be the same response that was originally returned in condition 1.
  5. An attacker has a means of manipulating some text within the response in condition 4, for example because the application stores and displays some past input, or echoes some text within the current URL.

Given the above conditions, an attacker can execute CSS injection within the browser of the target user. The attacker can construct a URL that causes the victim's browser to import as CSS a different URL than normal, containing text that the attacker can manipulate. Being able to inject arbitrary CSS into the victim's browser may enable various attacks, including:

Issue remediation

The root cause of the vulnerability can be resolved by not using path-relative URLs in style sheet imports. Aside from this, attacks can also be prevented by implementing all of the following defensive measures:



7.1. http://testasp.vulnweb.com/

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /

Issue detail

The application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.

Burp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.

Request

GET / HTTP/1.1
Host: testasp.vulnweb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2671
Content-Type: text/html
Set-Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE; path=/
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceEndEditable -->
<link href="styles.css" rel="stylesheet" type="text/css">
</head>
...[SNIP]...
7.2. http://testasp.vulnweb.com/Default.asp

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Default.asp

Issue detail

The application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.

Burp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.

Request

GET /Default.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2671
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceEndEditable -->
<link href="styles.css" rel="stylesheet" type="text/css">
</head>
...[SNIP]...
7.3. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Issue detail

The application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.

Burp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.

Request

GET /Login.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2304
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceEndEditable -->
<link href="styles.css" rel="stylesheet" type="text/css">
</head>
...[SNIP]...
7.4. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Issue detail

The application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.

Burp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.

Request

GET /Register.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2727
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceEndEditable -->
<link href="styles.css" rel="stylesheet" type="text/css">
</head>
...[SNIP]...
7.5. http://testasp.vulnweb.com/Search.asp

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Search.asp

Issue detail

The application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.

Burp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.

Request

GET /Search.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 1919
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceEndEditable -->
<link href="styles.css" rel="stylesheet" type="text/css">
</head>
...[SNIP]...
7.6. http://testasp.vulnweb.com/Templatize.asp

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /Templatize.asp

Issue detail

The application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.

Burp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.

Request

GET /Templatize.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 1699
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceEndEditable -->
<link href="styles.css" rel="stylesheet" type="text/css">
</head>
...[SNIP]...
7.7. http://testasp.vulnweb.com/showforum.asp

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showforum.asp

Issue detail

The application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.

Burp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.

Request

GET /showforum.asp?id=0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 10105
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceEndEditable -->
<link href="styles.css" rel="stylesheet" type="text/css">
</head>
...[SNIP]...
7.8. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   Information
Confidence:   Tentative
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Issue detail

The application may be vulnerable to path-relative style sheet import (PRSSI) attacks. The response contains a path-relative style sheet import, and so condition 1 for an exploitable vulnerability is present (see issue background). The response can also be made to render in a browser's quirks mode. The page does not contain a doctype directive, and so it will always be rendered in quirks mode. Further, the response does not prevent itself from being framed, so an attacker can frame the response within a page that they control, to force it to be rendered in quirks mode. (Note that this technique is IE-specific and due to P3P restrictions might sometimes limit the impact of a successful attack.) This means that condition 3 for an exploitable vulnerability is probably present if condition 2 is present.

Burp was not able to confirm that the other conditions hold, and you should manually investigate this issue to confirm whether they do hold.

Request

GET /showthread.asp?id=0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=2
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2697
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<!-- InstanceEndEditable -->
<link href="styles.css" rel="stylesheet" type="text/css">
</head>
...[SNIP]...
8. Cross-domain Referer leakage

There are 6 instances of this issue:

Issue background

When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.

If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.

You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.

Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behavior should not be relied upon to protect the originating URL from disclosure.

Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.

Issue remediation

Applications should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations and may be visible on-screen to untrusted parties.



8.1. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request 1

GET /Login.asp?RetURL=%2FDefault%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2308
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<td width="306px"><a href="http://www.acunetix.com/"><img src="Images/logo.gif" width="306" height="38" border="0">
...[SNIP]...
8.2. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request 1

GET /Register.asp?RetURL=%2FDefault%2Easp%3F HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2725
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<td width="306px"><a href="http://www.acunetix.com/"><img src="Images/logo.gif" width="306" height="38" border="0">
...[SNIP]...
8.3. http://testasp.vulnweb.com/Search.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /Search.asp

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request 1

GET /Search.asp?tfSearch=555-555-0199@example.com HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/Search.asp
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response 1

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2197
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<td width="306px"><a href="http://www.acunetix.com/"><img src="Images/logo.gif" width="306" height="38" border="0">
...[SNIP]...
8.4. http://testasp.vulnweb.com/Templatize.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /Templatize.asp

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following links to other domains:

Request 1

GET /Templatize.asp?item=html/about.html HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 3700
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<td width="306px"><a href="http://www.acunetix.com/"><img src="Images/logo.gif" width="306" height="38" border="0">
...[SNIP]...
<P>Acunetix is a privately held company with its <A href="http://www.acunetix.com/company/contact.htm">
       offices</A>
...[SNIP]...
8.5. http://testasp.vulnweb.com/showforum.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /showforum.asp

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request 1

GET /showforum.asp?id=0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 10105
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<td width="306px"><a href="http://www.acunetix.com/"><img src="Images/logo.gif" width="306" height="38" border="0">
...[SNIP]...
8.6. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   Information
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Issue detail

The page was loaded from a URL containing a query string:

The response contains the following link to another domain:

Request 1

GET /showthread.asp?id=0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=2
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response 1

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2697
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
<td width="306px"><a href="http://www.acunetix.com/"><img src="Images/logo.gif" width="306" height="38" border="0">
...[SNIP]...
9. Frameable response (potential Clickjacking)

There are 9 instances of this issue:

Issue description

If a page fails to set an appropriate X-Frame-Options or Content-Security-Policy HTTP header, it might be possible for a page controlled by an attacker to load it within an iframe. This may enable a clickjacking attack, in which the attacker's page overlays the target application's interface with a different interface provided by the attacker. By inducing victim users to perform actions such as mouse clicks and keystrokes, the attacker can cause them to unwittingly carry out actions within the application that is being targeted. This technique allows the attacker to circumvent defenses against cross-site request forgery, and may result in unauthorized actions.

Note that some applications attempt to prevent these attacks from within the HTML page itself, using "framebusting" code. However, this type of defense is normally ineffective and can usually be circumvented by a skilled attacker.

You should determine whether any functions accessible within frameable pages can be used by application users to perform any sensitive actions within the application.

Issue remediation

To effectively prevent framing attacks, the application should return a response header with the name X-Frame-Options and the value DENY to prevent framing altogether, or the value SAMEORIGIN to allow framing only by pages on the same origin as the response itself. Note that the SAMEORIGIN header can be partially bypassed if the application itself can be made to frame untrusted websites.



9.1. http://testasp.vulnweb.com/

Summary

Severity:   Information
Confidence:   Firm
Host:   http://testasp.vulnweb.com
Path:   /

Request

GET / HTTP/1.1
Host: testasp.vulnweb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: close

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:01 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2671
Content-Type: text/html
Set-Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE; path=/
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
9.2. http://testasp.vulnweb.com/Default.asp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://testasp.vulnweb.com
Path:   /Default.asp

Request

GET /Default.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2671
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
9.3. http://testasp.vulnweb.com/Login.asp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://testasp.vulnweb.com
Path:   /Login.asp

Request

GET /Login.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2304
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
9.4. http://testasp.vulnweb.com/Register.asp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://testasp.vulnweb.com
Path:   /Register.asp

Request

GET /Register.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2727
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
9.5. http://testasp.vulnweb.com/Search.asp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://testasp.vulnweb.com
Path:   /Search.asp

Request

GET /Search.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 1919
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
9.6. http://testasp.vulnweb.com/Templatize.asp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://testasp.vulnweb.com
Path:   /Templatize.asp

Request

GET /Templatize.asp HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 1699
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
9.7. http://testasp.vulnweb.com/favicon.ico

Summary

Severity:   Information
Confidence:   Firm
Host:   http://testasp.vulnweb.com
Path:   /favicon.ico

Request

GET /favicon.ico HTTP/1.1
Host: testasp.vulnweb.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE
Connection: close

Response

HTTP/1.1 404 Not Found
Content-Length: 1635
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 17 May 2016 16:18:02 GMT
Connection: close

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>The page cannot be found</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; cha
...[SNIP]...
9.8. http://testasp.vulnweb.com/showforum.asp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://testasp.vulnweb.com
Path:   /showforum.asp

Request

GET /showforum.asp?id=0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 10105
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
9.9. http://testasp.vulnweb.com/showthread.asp

Summary

Severity:   Information
Confidence:   Firm
Host:   http://testasp.vulnweb.com
Path:   /showthread.asp

Request

GET /showthread.asp?id=0 HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Referer: http://testasp.vulnweb.com/showforum.asp?id=2
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response

HTTP/1.1 200 OK
Connection: close
Date: Tue, 17 May 2016 16:18:04 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 2697
Content-Type: text/html
Cache-control: private


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- InstanceBegin template="/Templates/MainTemplate.dwt.asp" codeOutsideHTMLIsLocked="f
...[SNIP]...
10. Robots.txt file

Summary

Severity:   Information
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /robots.txt

Issue detail

The web server contains a robots.txt file.

Issue background

The file robots.txt is used to give instructions to web robots, such as search engine crawlers, about locations within the web site that robots are allowed, or not allowed, to crawl and index.

The presence of the robots.txt does not in itself present any kind of security vulnerability. However, it is often used to identify restricted or private areas of a site's contents. The information in the file may therefore help an attacker to map out the site's contents, especially if some of the locations identified are not linked from elsewhere in the site. If the application relies on robots.txt to protect access to these areas, and does not enforce proper access control over them, then this presents a serious vulnerability.

Issue remediation

The robots.txt file is not itself a security threat, and its correct use can represent good practice for non-security reasons. You should not assume that all web robots will honor the file's instructions. Rather, assume that attackers will pay close attention to any locations identified in the file. Do not rely on robots.txt to provide any kind of protection over unauthorized access.

Request 1

GET /robots.txt HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close

Response 1

HTTP/1.1 200 OK
Content-Length: 26
Content-Type: text/plain
Last-Modified: Thu, 08 Apr 2010 08:58:24 GMT
Accept-Ranges: bytes
ETag: "ec789ea5f9d6ca1:295"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 17 May 2016 16:17:58 GMT
Connection: close

User-agent: *
Disallow: /
11. HTML does not specify charset

There are 2 instances of this issue:

Issue description

If a response states that it contains HTML content but does not specify a character set, then the browser may analyze the HTML and attempt to determine which character set it appears to be using. Even if the majority of the HTML actually employs a standard character set such as UTF-8, the presence of non-standard characters anywhere in the response may cause the browser to interpret the content using a different character set. This can have unexpected results, and can lead to cross-site scripting vulnerabilities in which non-standard encodings like UTF-7 can be used to bypass the application's defensive filters.

In most cases, the absence of a charset directive does not constitute a security flaw, particularly if the response contains static content. You should review the contents of affected responses, and the context in which they appear, to determine whether any vulnerability exists.

Issue remediation

For every response containing HTML content, the application should include within the Content-type header a directive specifying a standard recognized character set, for example charset=ISO-8859-1.



11.1. http://testasp.vulnweb.com/Images/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /Images/

Request 1

GET /Images/ HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response 1

HTTP/1.1 403 Forbidden
Content-Length: 218
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 17 May 2016 16:18:03 GMT
Connection: close

<html><head><title>Error</title></head><body><head><title>Directory Listing Denied</title></head>
<body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</b
...[SNIP]...
11.2. http://testasp.vulnweb.com/avatars/

Summary

Severity:   Information
Confidence:   Certain
Host:   http://testasp.vulnweb.com
Path:   /avatars/

Request 1

GET /avatars/ HTTP/1.1
Host: testasp.vulnweb.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
Connection: close
Cookie: ASPSESSIONIDSSDDDTQQ=PGOJBGHBMNEDFCIFDKELNPDE

Response 1

HTTP/1.1 403 Forbidden
Content-Length: 218
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 17 May 2016 16:18:06 GMT
Connection: close

<html><head><title>Error</title></head><body><head><title>Directory Listing Denied</title></head>
<body><h1>Directory Listing Denied</h1>This Virtual Directory does not allow contents to be listed.</b
...[SNIP]...

Report generated by Burp Scanner v1.6.39, at Tue May 17 13:02:38 AST 2016.