Application Threat Modeling Report

 Scan Name: WebScantest
 Date: 12/13/2011 4:15:27 PM
 Authenticated User: (none)
 Total Links / Attackable Links: 266 / 218
 Target URL: http://www.webscantest.com/
 Reports:

Summary


Attack Points by Site Layer

Crawl Statistics

  Links Discovered                      266
  Total Forms                           108
  Unique Forms                           17
  Form Reuse                             91
  Javascript Executed                 1,611
  Javascript Succeeded                1,426
  Javascript Executed for Crawling       19
  Javascript Succeeded for Crawling      18
  Javascript-Discovered Links            28
  Ajax Links                              1

Site Links & Interdependencies

Vulnerability Statistics

  Module                              Performed    Found
  SQL Injection                          11,375      105
  HTTP Response Splitting                 1,365        -
  Blind SQL                               4,395       91
  Arbitrary File Upload                       -        -
  OS Commanding                           4,830        -
  Cross-Site Scripting                    2,369      218
  Authentication Form SQL Injection           -        -
  Authentication Testing                    370        -
  Parameter Analysis                        922       28
  Session Strength Analysis                   -        -
  Directory Indexing                        207        -
  Predictable Resource Location           2,707        -
  Source Code Disclosure                 13,896        -
  Java Grinder                                -        -
  Web Service (SOAP) Analysis                 -        -
  Remote File Include                     1,679        -

  ("-" means the report shows no value for that cell.)

Resource Maps

http://www.webscantest.com:80


Resource Summary

Group: Vulnerabilities, Attack Point, Form, Query Parameters, Login Page, Hidden
http://www.webscantest.com:80/crosstraining/review.php?product_id=1
http://www.webscantest.com:80/crosstraining/review.php?product_id=2
http://www.webscantest.com:80/crosstraining/review.php?product_id=3
http://www.webscantest.com:80/crosstraining/review.php?product_id=5
http://www.webscantest.com:80/crosstraining/review.php?product_id=6
http://www.webscantest.com:80/crosstraining/review.php?product_id=7
Group: Vulnerabilities, Attack Point, Form, Cookie, Interesting Scripts
http://www.webscantest.com:80/
Group: Vulnerabilities, Attack Point, Form, Login Page, Cookie
http://www.webscantest.com:80/login.php
Group: Vulnerabilities, Attack Point, Form, Login Page, Interesting Scripts
http://www.webscantest.com:80/
Group: Vulnerabilities, Attack Point, Form, Query Parameters, Hidden
http://www.webscantest.com:80/crosstraining/review.php?product_id=4
http://www.webscantest.com:80/crosstraining/review.php?product_id=8
http://www.webscantest.com:80/crosstraining/review.php?product_id=9
Group: Vulnerabilities, Attack Point, Form, Login Page, Hidden
http://www.webscantest.com:80/crosstraining/aboutyou2.php
http://www.webscantest.com:80/picshare/upload.php
http://www.webscantest.com:80/picshare/uploadpic.php
http://www.webscantest.com:80/rfplaces/script.php
Group: Vulnerabilities, Attack Point, Query Parameters, Cookie
http://www.webscantest.com:80/datastore/search_get_by_id.php?id=3
http://www.webscantest.com:80/datastore/search_get_by_id.php?id=4
http://www.webscantest.com:80/shutterdb/search_get_by_id4.php?id=1
http://www.webscantest.com:80/shutterdb/search_get_by_id4.php?id=2
http://www.webscantest.com:80/shutterdb/search_get_by_id4.php?id=3
http://www.webscantest.com:80/shutterdb/search_get_by_id5.php?id=1
http://www.webscantest.com:80/shutterdb/search_get_by_id5.php?id=2
http://www.webscantest.com:80/shutterdb/search_get_by_id5.php?id=3
Group: Vulnerabilities, Attack Point, Form, Interesting Scripts
http://www.webscantest.com:80/?redirect=hrs
http://www.webscantest.com:80/index.php
http://www.webscantest.com:80/index.php?redirect=hrs
Group: Vulnerabilities, Attack Point, Form, Login Page
http://www.webscantest.com:80/crosstraining/blockedbyns.php
http://www.webscantest.com:80/crosstraining/reservation.php
http://www.webscantest.com:80/crosstraining/sitereviews.php
http://www.webscantest.com:80/datastore/search_by_id.php
http://www.webscantest.com:80/datastore/search_by_name.php
http://www.webscantest.com:80/datastore/search_double_by_name.php
http://www.webscantest.com:80/datastore/search_single_by_name.php
http://www.webscantest.com:80/login.php
http://www.webscantest.com:80/osrun/whois.php
http://www.webscantest.com:80/osrun/whois_nv.php
http://www.webscantest.com:80/payment_analysis/checkdata.php
http://www.webscantest.com:80/payment_analysis/checkdata_get.php
http://www.webscantest.com:80/shutterdb/search_by_id.php
http://www.webscantest.com:80/shutterdb/search_by_name.php
http://www.webscantest.com:80/static/product6.html
Group: Vulnerabilities, Attack Point, Form, Hidden
http://www.webscantest.com:80/picshare/upload.php
http://www.webscantest.com:80/picshare/uploadpic.php
http://www.webscantest.com:80/rfplaces/script.php
Group: Vulnerabilities, Attack Point, Form, Email
http://www.webscantest.com:80/crosstraining/sitereviews.php
Group: Vulnerabilities, Attack Point, Cookie
http://www.webscantest.com:80/rfplaces/
Group: Vulnerabilities, Attack Point, Interesting Scripts
http://www.webscantest.com:80/crosstraining/
http://www.webscantest.com:80/jsmenu/auto_crosstraining.php
http://www.webscantest.com:80/jsmenu/auto_datastore.php
http://www.webscantest.com:80/jsmenu/auto_osrun.php
http://www.webscantest.com:80/jsmenu/auto_shutterdb.php
http://www.webscantest.com:80/jsmenu/cookie_set_coffeepits.php
http://www.webscantest.com:80/jsmenu/cookie_test_coffeepits.php
http://www.webscantest.com:80/jsmenu/dynalink_myfiles.php
http://www.webscantest.com:80/jsmenu/dynalink_rfplaces.php
Group: Vulnerabilities, Attack Point, Query Parameters
http://www.webscantest.com:80/crosstraining/linkout.php?name=Rake
http://www.webscantest.com:80/crosstraining/product.php?id=1
http://www.webscantest.com:80/crosstraining/product.php?id=2
http://www.webscantest.com:80/crosstraining/product.php?id=3
http://www.webscantest.com:80/crosstraining/product.php?id=4
http://www.webscantest.com:80/crosstraining/product.php?id=5
http://www.webscantest.com:80/crosstraining/product.php?id=6
http://www.webscantest.com:80/crosstraining/product.php?id=7
http://www.webscantest.com:80/crosstraining/product.php?id=8
http://www.webscantest.com:80/crosstraining/product.php?id=9
http://www.webscantest.com:80/crosstraining/reservation_receipt.php?cn=232713595
http://www.webscantest.com:80/datastore/getimage_by_id.php?id=3
http://www.webscantest.com:80/datastore/getimage_by_name.php?name=Rake
http://www.webscantest.com:80/datastore/search_get_by_name.php?name=Rake
http://www.webscantest.com:80/hrs/redir.php?q=mightyseek
http://www.webscantest.com:80/hrs/redir_nv.php?q=mightyseek
http://www.webscantest.com:80/shutterdb/item.php?id=1
http://www.webscantest.com:80/shutterdb/item.php?id=2
http://www.webscantest.com:80/shutterdb/item.php?id=3
http://www.webscantest.com:80/shutterdb/search_get_by_id.php?id=1
http://www.webscantest.com:80/shutterdb/search_get_by_id.php?id=2
http://www.webscantest.com:80/shutterdb/search_get_by_id.php?id=3
http://www.webscantest.com:80/shutterdb/search_get_by_id2.php?id=4
http://www.webscantest.com:80/shutterdb/search_get_by_id2.php?id=5
http://www.webscantest.com:80/shutterdb/search_get_by_id2.php?id=6
http://www.webscantest.com:80/shutterdb/search_get_by_id3.php?id=7
http://www.webscantest.com:80/shutterdb/search_get_by_id3.php?id=8
http://www.webscantest.com:80/shutterdb/search_get_by_id3.php?id=9
Group: Vulnerabilities, Attack Point, Form
http://www.webscantest.com:80/crosstraining/blockedbyns.php?Comment=&submit=submit
http://www.webscantest.com:80/crosstraining/reservation.php
http://www.webscantest.com:80/datastore/search_by_id.php
http://www.webscantest.com:80/datastore/search_by_name.php
http://www.webscantest.com:80/datastore/search_double_by_name.php
http://www.webscantest.com:80/datastore/search_single_by_name.php
http://www.webscantest.com:80/osrun/whois.php
http://www.webscantest.com:80/osrun/whois_nv.php
http://www.webscantest.com:80/shutterdb/search_by_id.php
http://www.webscantest.com:80/shutterdb/search_by_name.php
http://www.webscantest.com:80/static/product1.html
http://www.webscantest.com:80/static/product10.html
http://www.webscantest.com:80/static/product11.html
http://www.webscantest.com:80/static/product12.html
http://www.webscantest.com:80/static/product13.html
http://www.webscantest.com:80/static/product14.html
http://www.webscantest.com:80/static/product15.html
http://www.webscantest.com:80/static/product16.html
http://www.webscantest.com:80/static/product17.html
http://www.webscantest.com:80/static/product18.html
http://www.webscantest.com:80/static/product19.html
http://www.webscantest.com:80/static/product2.html
http://www.webscantest.com:80/static/product20.html
http://www.webscantest.com:80/static/product21.html
http://www.webscantest.com:80/static/product22.html
http://www.webscantest.com:80/static/product23.html
http://www.webscantest.com:80/static/product24.html
http://www.webscantest.com:80/static/product25.html
http://www.webscantest.com:80/static/product26.html
http://www.webscantest.com:80/static/product27.html
http://www.webscantest.com:80/static/product28.html
http://www.webscantest.com:80/static/product29.html
http://www.webscantest.com:80/static/product3.html
http://www.webscantest.com:80/static/product30.html
http://www.webscantest.com:80/static/product31.html
http://www.webscantest.com:80/static/product32.html
http://www.webscantest.com:80/static/product33.html
http://www.webscantest.com:80/static/product34.html
http://www.webscantest.com:80/static/product35.html
http://www.webscantest.com:80/static/product36.html
http://www.webscantest.com:80/static/product37.html
http://www.webscantest.com:80/static/product38.html
http://www.webscantest.com:80/static/product39.html
http://www.webscantest.com:80/static/product4.html
http://www.webscantest.com:80/static/product40.html
http://www.webscantest.com:80/static/product41.html
http://www.webscantest.com:80/static/product42.html
http://www.webscantest.com:80/static/product43.html
http://www.webscantest.com:80/static/product44.html
http://www.webscantest.com:80/static/product45.html
http://www.webscantest.com:80/static/product46.html
http://www.webscantest.com:80/static/product47.html
http://www.webscantest.com:80/static/product48.html
http://www.webscantest.com:80/static/product49.html
http://www.webscantest.com:80/static/product5.html
http://www.webscantest.com:80/static/product50.html
http://www.webscantest.com:80/static/product7.html
http://www.webscantest.com:80/static/product8.html
http://www.webscantest.com:80/static/product9.html
Group: Attack Point, Form, Login Page
http://www.webscantest.com:80/shutterform/
Group: Vulnerabilities, Attack Point
http://www.webscantest.com:80/*
http://www.webscantest.com:80/bjax/servertime.php
http://www.webscantest.com:80/crosstraining/aboutyou.php
http://www.webscantest.com:80/crosstraining/aboutyou2.php
http://www.webscantest.com:80/crosstraining/products.php
http://www.webscantest.com:80/crosstraining/reservation_history.php
http://www.webscantest.com:80/crosstraining/reservation_submit.php
http://www.webscantest.com:80/crosstraining/review.php
http://www.webscantest.com:80/datastore/
http://www.webscantest.com:80/gonowhere
http://www.webscantest.com:80/hrs/
http://www.webscantest.com:80/hrs/?
http://www.webscantest.com:80/myfiles/
http://www.webscantest.com:80/osrun/
http://www.webscantest.com:80/osrun/*
http://www.webscantest.com:80/payment_analysis/
http://www.webscantest.com:80/payment_analysis/checkdata.php
http://www.webscantest.com:80/payment_analysis/checkdata_get.php?anything=&number=0&strlen1=&strlen2=&strlen3=&str_only=string&letters_only=string&alpha_only=string
http://www.webscantest.com:80/picshare/
http://www.webscantest.com:80/picshare/upload.pl
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/newfile.txt
http://www.webscantest.com:80/picshare/uploadsafe.php
http://www.webscantest.com:80/privacy.php
http://www.webscantest.com:80/report/*
http://www.webscantest.com:80/rfplaces/$url
http://www.webscantest.com:80/rfplaces/'%20.%20$GLOBALS%5B'phpgw'%5D-%3Elink($link,$extravars)%20.%20'
http://www.webscantest.com:80/rfplaces/'%20.%20$setup_dir%20.%20'
http://www.webscantest.com:80/rfplaces/'%20.%20$tab%5B'link'%5D%20.%20'
http://www.webscantest.com:80/rfplaces/*
http://www.webscantest.com:80/rfplaces/'.%20$tab%5B1%5D%5B'link'%5D%20.%20'
http://www.webscantest.com:80/rfplaces/include/
http://www.webscantest.com:80/rfplaces/include/$url
http://www.webscantest.com:80/rfplaces/include/'%20.%20$GLOBALS%5B'phpgw'%5D-%3Elink($link,$extravars)%20.%20'
http://www.webscantest.com:80/rfplaces/include/'%20.%20$setup_dir%20.%20'
http://www.webscantest.com:80/rfplaces/include/'%20.%20$tab%5B'link'%5D%20.%20'
http://www.webscantest.com:80/rfplaces/include/'.%20$tab%5B1%5D%5B'link'%5D%20.%20'
http://www.webscantest.com:80/rfplaces/include/core.php
http://www.webscantest.com:80/rfplaces/include/database.inc
http://www.webscantest.com:80/rfplaces/somedir1/
http://www.webscantest.com:80/rfplaces/somedir2/
http://www.webscantest.com:80/shutterdb/
http://www.webscantest.com:80/static/
http://www.webscantest.com:80/static/search.php
Group: Attack Point, Cookie
http://www.webscantest.com:80/login.php
Group: Attack Point, Interesting Scripts
http://www.webscantest.com:80/bjax/
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/g0xitxdk.html
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/h4iqrepu.html
Group: Attack Point, Query Parameters
http://www.webscantest.com:80/crosstraining/reservation_receipt.php?cn=232713595
http://www.webscantest.com:80/datastore/getimage_by_id.php?id=1
http://www.webscantest.com:80/datastore/getimage_by_id.php?id=2
http://www.webscantest.com:80/datastore/getimage_by_id.php?id=4
http://www.webscantest.com:80/datastore/getimage_by_id.php?id=5
http://www.webscantest.com:80/datastore/getimage_by_id.php?id=6
http://www.webscantest.com:80/datastore/getimage_by_id.php?id=7
http://www.webscantest.com:80/datastore/getimage_by_id.php?id=8
http://www.webscantest.com:80/datastore/getimage_by_id.php?id=9
http://www.webscantest.com:80/images/bouncingmike.jpg?a=b
http://www.webscantest.com:80/jsmenu/gotoframeme.php?foo%3D0+bar%3D+url%3Dhttps%3A%2F%2Fauth.ntobjectives.com+dr%3Dsomedir
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/?C=D%3BO%3DA
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/?C=M%3BO%3DA
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/?C=N%3BO%3DD
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/?C=S%3BO%3DA
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/?M=A
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/?PageServices
Group: Attack Point, Form
http://www.webscantest.com:80/shutterform/index.php
Group: Attack Point, Email
http://www.webscantest.com:80/picshare/upload.pl
Group: Attack Point
http://www.webscantest.com:80/shutterform/index.php
Group: (no flags)
http://www.webscantest.com:80/bjax/ajax.js
http://www.webscantest.com:80/bjax/servertime.php
http://www.webscantest.com:80/crosstraining/reservation_submit.php
http://www.webscantest.com:80/jsmenu/auto_osrun_inc.js
http://www.webscantest.com:80/jsmenu/gotoajax.php
http://www.webscantest.com:80/myfiles/blah.txt
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/fahi0jiy.php
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/fbdpqy2y.dat
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/i120c1l4.php
http://www.webscantest.com:80/picshare/uploads/8901103f136231ff278561d8fd113a9c/iri5o3oc.dat
http://www.webscantest.com:80/rfplaces/adovbs.inc
http://www.webscantest.com:80/rfplaces/conn.inc
http://www.webscantest.com:80/rfplaces/consts.inc
http://www.webscantest.com:80/rfplaces/database.inc
http://www.webscantest.com:80/rfplaces/db.inc
http://www.webscantest.com:80/rfplaces/debug.inc
http://www.webscantest.com:80/rfplaces/functions.inc
http://www.webscantest.com:80/rfplaces/global.inc
http://www.webscantest.com:80/rfplaces/global.js
http://www.webscantest.com:80/rfplaces/globals.inc
http://www.webscantest.com:80/rfplaces/globals.jsa
http://www.webscantest.com:80/rfplaces/include/adovbs.inc
http://www.webscantest.com:80/rfplaces/include/conn.inc
http://www.webscantest.com:80/rfplaces/include/consts.inc
http://www.webscantest.com:80/rfplaces/include/core.php.bak
http://www.webscantest.com:80/rfplaces/include/db.inc
http://www.webscantest.com:80/rfplaces/include/debug.inc
http://www.webscantest.com:80/rfplaces/include/functions.inc
http://www.webscantest.com:80/rfplaces/include/global.inc
http://www.webscantest.com:80/rfplaces/include/globals.inc
http://www.webscantest.com:80/rfplaces/include/index.php.bak
http://www.webscantest.com:80/rfplaces/include/lib.php
http://www.webscantest.com:80/rfplaces/include/lib.php.bak
http://www.webscantest.com:80/rfplaces/include/vars.inc
http://www.webscantest.com:80/rfplaces/local.js
http://www.webscantest.com:80/rfplaces/readme.txt
http://www.webscantest.com:80/rfplaces/robots.txt
http://www.webscantest.com:80/rfplaces/somedir2.zip
http://www.webscantest.com:80/rfplaces/vars.inc
http://www.webscantest.com:80/rfplaces/Ws_ftp.log
http://www.webscantest.com:80/robots.txt
http://www.webscantest.com:80/shutterdb/filter_by_name.php