Thursday, 25 March 2021

VAPT

<meta http-equiv="Content-Security-Policy" content="default-src 'self' * 'unsafe-inline'; child-src *; object-src *; frame-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; font-src *">

 -----------

 void Application_PreSendRequestHeaders(object sender, EventArgs e)

    {

        HttpContext.Current.Response.Headers.Remove("Server");

        Response.Headers.Set("Server", "My httpd server");


        HttpContext.Current.Response.Headers.Remove("X-AspNet-Version");

        Response.Headers.Set("X-AspNet-Version", "XXX");


        HttpContext.Current.Response.Headers.Remove("X-AspNetMvc-Version");

        Response.Headers.Set("X-AspNetMvc-Version", "XXX");


        HttpContext.Current.Response.Headers.Remove("X-Powered-By");

        Response.Headers.Set("X-Powered-By", "XXX");  

    }



https://portswigger.net/research/exploiting-cors-misconfigurations-for-bitcoins-and-bounties

https://portswigger.net/web-security/cors


Access-Control-Allow-Origin: https://www.drreddys.com/

Access-Control-Allow-Credentials: true

-------------

Cookies HttpOnly 

<add name="strict-transport-security" value="max-age=31536000" />: 

<compilation debug="false" targetFramework="4.7.1" numRecompilesBeforeAppRestart="2000">

--------

<system.webServer>

    <httpProtocol>

      <customHeaders>

        <add name="Cache-Control" value="no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0" />

        <add name="Pragma" value="no-cache" />

        <add name="Expires" value="0" />

<add name="X-Frame-Options" value="deny" />

<add name="X-content-type-options" value="nosniff" />

<add name="strict-transport-security" value="max-age=31536000" />

      </customHeaders>

    </httpProtocol>

    </system.webServer>


1. XPath injection                                     –Pramod -- done

5. Input returned in response (reflected)               –Pramod -- Done

6. Suspicious input transformation (reflected)     –Pramod –Done

7. Cross-domain Referer leakage                               -- Sudha --WIP



$("input[type='checkbox'][name='checkhlprof']:checked").length

$("input[type='checkbox'][name='checkhltermcond']:checked").length



1. XPath injection

WIP


2. SSL certificate

Nitin : please check the SSL certificate


3. Content type incorrectly stated

<add name="X-content-type-options" value="nosniff" />


4. Strict transport security not enforced

I have redirect from http to https 

  <rewrite>

   <rules>

      <rule name="HTTPS Rule behind AWS Elastic Load Balancer Rule" stopProcessing="true">

         <match url="^(.*)$" ignoreCase="false" />

         <conditions>

            <add input="{HTTP_X_FORWARDED_PROTO}" pattern="^http$" ignoreCase="false" />

         </conditions>

         <action type="Redirect" url="https://{SERVER_NAME}{URL}" redirectType="Found" />

      </rule>

   </rules>

</rewrite>



5. Input returned in response (reflected)

WIP



6. Suspicious input transformation (reflected)

Error page Default redirect ot error page thus response is showing "error page" by Umbraco CMS


9. Frameable response (potential Clickjacking)

<add name="X-Frame-Options" value="deny" />sameorigin


10. Cacheable HTTPS response

 <add name="Cache-Control" value="no-cache, no-store, must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0" />

        <add name="Pragma" value="no-cache" />

        <add name="Expires" value="0" />



7. Cross-domain Referer leakage

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js


8. Cross-domain script include

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js


Posted by at No comments:

Thursday, 21 January 2021

RSS feed API read and show on your website

 private string ParseRssFile()

{
    XmlDocument rssXmlDoc = new XmlDocument();

    // Load the RSS file from the RSS URL
    rssXmlDoc.Load("http://feeds.feedburner.com/techulator/articles");

    // Parse the Items in the RSS file
    XmlNodeList rssNodes = rssXmlDoc.SelectNodes("rss/channel/item");

    StringBuilder rssContent = new StringBuilder();

    // Iterate through the items in the RSS file
    foreach (XmlNode rssNode in rssNodes)
    {
        XmlNode rssSubNode = rssNode.SelectSingleNode("title");
        string title = rssSubNode != null ? rssSubNode.InnerText : "";
                
        rssSubNode = rssNode.SelectSingleNode("link");
        string link = rssSubNode != null ? rssSubNode.InnerText : "";
                
        rssSubNode = rssNode.SelectSingleNode("description");
        string description = rssSubNode != null ? rssSubNode.InnerText : "";

        rssContent.Append("<a href='" + link + "'>" + title + "</a><br>" + description);
    }

    // Return the string that contain the RSS items
    return rssContent.ToString();
}
Posted by at No comments:

Thursday, 18 June 2020

Umbraco internal page redirect setting

Posted by at No comments:

Thursday, 12 March 2020

Insert UserIP C sharp


public string getExternalIp()
        {
            try
            {
                string ipAddress;
                ipAddress = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
                if (ipAddress == "" || ipAddress == null)
                {
                    ipAddress = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
                }
                return ipAddress;

               
            }
            catch { return null; }
        }

public string getExternalIp()
        {
            try
            {
               
string externalIP;
externalIP = (new System.Net.WebClient()).DownloadString("http://checkip.dyndns.org/");
externalIP = (new System.Text.RegularExpressions.Regex( @"\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}") ).Matches(externalIP)[0].ToString();
                return externalIP;
            }
            catch { return null; }
        }

string IPAddress =  getExternalIp() ?? HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"].ToString();

Posted by at No comments:

Monday, 14 October 2019

Sitefinity 403 and SSL issue

Posted by at No comments:

Friday, 30 August 2019

Add Custom property in page property and use in Sitefinity

 public class Global : System.Web.HttpApplication
    {

        protected void Application_Start(object sender, EventArgs e)
        {
            SqlServerTypes.Utilities.LoadNativeAssemblies(Server.MapPath("~/bin"));
            Bootstrapper.Initialized += Bootstrapper_Initialized;
        }

        void Bootstrapper_Initialized(object sender, Telerik.Sitefinity.Data.ExecutedEventArgs e)
        {
            if (e.CommandName == "Bootstrapped")
            {
                EventHub.Subscribe<IPagePreRenderCompleteEvent>((x) =>
                {
                    if (!x.PageSiteNode.IsBackend)
                    {
                        var page = x.Page;
                        var siteNode = x.PageSiteNode;
                        if (!string.IsNullOrEmpty(siteNode.Attributes["IndigoPageTitle"]))
                        {
                            page.Header.Title = string.Format("{0}", siteNode.Attributes["IndigoPageTitle"]);
                        }
                    }
                });
            }
        }
}
----------------------------------------------
Register your custom property as per below step 




Posted by at No comments:

Add meta to sitefinity website site

------Register user control and use below code for meta data--------

-----------------xml file

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<meta-data xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<url>
    <newurl value="nav-dividends/nav-dividends">
      <meta>
        <mAttributes>property</mAttributes>
        <mAttributesContent>mAttributesContent</mAttributesContent>
        <mContent>twitterCreator</mContent>
      </meta>
      <meta>
        <mAttributes>itemprop</mAttributes>
        <mAttributesContent>mAttributesContent</mAttributesContent>
        <mContent>twitterCreator</mContent>
      </meta>
    </newurl>
    <oldurl>http://localhost:60878/navs-dividends/nav-dividends</oldurl>
  </url>
</meta-data>
----------------------
try
            {
                string myurl = Request.Url.ToString().ToLower().Trim();
                string BrowseFileDomainName = ConfigurationManager.AppSettings["RootURL"].ToString();
                DataSet listofpage = new DataSet();
                listofpage.ReadXml(Server.MapPath(ConfigurationManager.AppSettings["pagemeta"].ToString()));
                myurl = HttpUtility.UrlDecode(myurl);

                if (BrowseFileDomainName.Contains(";"))
                {
                    string[] domainstr = BrowseFileDomainName.Split(';');
                    if (domainstr.Length > 0)
                    {
                        foreach (string strdomain1 in domainstr)
                        { //To Replace last forward slash from request string
                            myurl = myurl.Replace(strdomain1, "");
                        }
                    }
                }
                else
                {
                    myurl = myurl.Replace(BrowseFileDomainName, "");
                }
                if (myurl.Contains("/"))
                {
                    myurl = (myurl.Substring(myurl.Length - 1, 1) == "/") ? myurl.Substring(0, myurl.Length - 1) : myurl;
                }
                //BrowseFileDomainName = (BrowseFileDomainName.Substring(BrowseFileDomainName.Length - 1, 1) == "/") ? BrowseFileDomainName.Substring(0, BrowseFileDomainName.Length - 1) : BrowseFileDomainName;


                if (myurl.Trim() == "")
                {
                    myurl = "home";
                }
                //   Response.Write("myurl" + myurl);
                if (listofpage.Tables[0].Rows.Count > 0)
                {
                    foreach (DataRow dr in listofpage.Tables[0].Rows)
                    {
                        if (listofpage.Tables[1].Rows.Count > 0)
                        {
                            foreach (DataRow dr1 in listofpage.Tables[1].Rows)
                            {
                                if (dr["url_id"].ToString().Trim().ToLower() == dr1["url_id"].ToString().Trim().ToLower())
                                {
                                    if (myurl.Equals(dr1["value"].ToString().Trim().ToLower()))
                                    {
                                        if (listofpage.Tables[2].Rows.Count > 0)
                                        {
                                            foreach (DataRow dr2 in listofpage.Tables[2].Rows)
                                            {
                                                try
                                                {
                                                    if (dr1["newurl_id"].ToString().Trim().ToLower() == dr2["newurl_id"].ToString().Trim().ToLower())
                                                    {
                                                        var page5 = (System.Web.UI.Page)Telerik.Sitefinity.Services.SystemManager.CurrentHttpContext.CurrentHandler;
                                                        var creatorMetaTag = new System.Web.UI.HtmlControls.HtmlMeta();
                                                        creatorMetaTag.Attributes[dr2["mAttributes"].ToString().Trim().ToLower()] = dr2["mAttributesContent"].ToString().Trim();
                                                        creatorMetaTag.Content = dr2["mContent"].ToString().Trim();
                                                        page5.Header.Controls.Add(creatorMetaTag);
                                                    }
                                                    // page5.Header.InnerHtml = "<meta " + dr2["mAttributes"].ToString().Trim().ToLower() + "=\"" + dr2["mAttributesContent"].ToString().Trim() + "\" Content=\"" + dr2["mContent"].ToString().Trim() + "\"/>";
                                                }
                                                catch (Exception ex)
                                                {
                                                 
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }

                    }
                }
            }
            catch (Exception ex)
            {
             
            }
Posted by at No comments:
Subscribe to: Posts (Atom)