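<?php
/* Known Vulnerabilities
 * Cross Site Scripting, Cross Site Scripting via HTTP Headers,
 * Denial of Service via Logging
 */

/*
 * Derive this page's output controls from the session's security level.
 *   $lEncodeOutput - HTML-encode every log field before it is written into the table
 *   $lLimitOutput  - emit the "DOS defenses enabled / rows limited" notice above the rows
 * Levels 0 and 1 are deliberately insecure; levels 2 to 5 encode and show the notice.
 */
switch ($_SESSION["security-level"]){
    case "0": // This code is insecure
    case "1": // This code is insecure
        // DO NOTHING: This is insecure
        $lEncodeOutput = FALSE;
        $lLimitOutput = FALSE;
    break;

    case "2":
    case "3":
    case "4":
    case "5": // This code is fairly secure
        /*
         * NOTE: Input validation is excellent but not enough. The output must be
         * encoded per context. For example, if output is placed in HTML,
         * then HTML encode it. Blacklisting is a losing proposition. You
         * cannot blacklist everything. The business requirements will usually
         * require allowing dangerous charaters. In the example here, we can
         * validate username but we have to allow special characters in passwords
         * least we force weak passwords. We cannot validate the signature hardly
         * at all. The business requirements for text fields will demand most
         * characters. Output encoding is the answer. Validate what you can, encode it
         * all.
         */
        // encode the output following OWASP standards
        // this will be HTML encoding because we are outputting data into HTML
        $lEncodeOutput = TRUE;
        $lLimitOutput = TRUE;
    break;

    default:
        // Fail closed. Without this branch a missing or unrecognised level left both
        // flags undefined, and the row loop below treats an undefined $lEncodeOutput
        // as "do not encode".
        $lEncodeOutput = TRUE;
        $lLimitOutput = TRUE;
    break;
}// end switch

// The "Delete Logs" link in the table header sets this parameter; any value triggers the delete.
// NOTE(review): state-changing action driven by a GET parameter, with no request token
// visible anywhere in this file.
if(isset($_GET["deleteLogs"])){
    // Return value is not used: the table is rebuilt from a fresh query right below.
    $SQLQueryHandler->truncateHitLog();
}// end if isset

// Result object consumed by the table below via ->num_rows and ->fetch_object()
$lQueryResult = $SQLQueryHandler->getHitLogEntries();
?>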
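<!-- Bubble hints code -->
<?php
// Fetch the balloon-hint text attached to the "ReflectedXSSExecutionPoint" cells below.
// Initialise first so the <script> block always sees a defined value, even when the
// lookup throws and only the formatted error is emitted.
$lReflectedXSSExecutionPointBallonTip = "";
try{
    $lReflectedXSSExecutionPointBallonTip = $BubbleHintHandler->getHint("ReflectedXSSExecutionPoint");
} catch (Exception $e) {
    echo $CustomErrorHandler->FormatError($e, "Error attempting to execute query to fetch bubble hints.");
}// end try
?>
<script type="text/javascript">
    $(function() {
        // NOTE(review): the hint text is written straight into a JS string literal with no
        // escaping; it is assumed to be trusted, non-user-supplied content - confirm at its source.
        $('[ReflectedXSSExecutionPoint]').attr("title", "<?php echo $lReflectedXSSExecutionPointBallonTip; ?>");
        $('[ReflectedXSSExecutionPoint]').balloon();
    });
</script>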
<div class="page-title">Log</div>
<?php include_once (__ROOT__.'/includes/back-button.inc');?>
<?php include_once (__ROOT__.'/includes/hints/hints-menu-wrapper.inc'); ?>
<!-- Page-local styling: bordered, full-width log table; icons vertically centred with their labels -->
<style>
#idLogRecords tr td{
border: 1px solid black;
}
#idLogRecords{
width: 100%;
}
img{
vertical-align:middle;
}
</style>
<!-- Log table. The first header row holds the record count plus the refresh/delete controls;
     the second names the columns; data rows are echoed by the PHP block that follows the table header. -->
<table class="results-table" id="idLogRecords">
<tr class="report-header">
<td colspan="10">
<span>
<img width="32px" height="32px" src="./images/information-icon-64-64.png" />
<?php echo $lQueryResult->num_rows; ?> log records found
</span>
<!-- Refresh: reload the current URL with the deleteLogs parameter and any LFD1 notification code
     stripped and the LFR1 code appended, so a reload does not re-trigger the delete branch above -->
<span title="Click to refresh log file" onclick="document.location.href=document.location.href.replace('&deleteLogs=deleteLogs','').replace('&popUpNotificationCode=LFD1','').concat('&popUpNotificationCode=LFR1');" style="cursor: pointer;margin-left:35px;margin-right:35px;white-space:nowrap;font-weight:bold;">
<img width="32px" height="32px" src="./images/refresh-button-48px-by-48px.png" />
Refresh Logs
</span>
<!-- Delete: navigates with deleteLogs set, which the PHP at the top of this file answers by
     truncating the hit log. NOTE(review): destructive action reachable by a plain GET link,
     with no request token visible in this file. -->
<span title="Click to delete log file" onclick="document.location='./index.php?page=show-log.php&deleteLogs=deleteLogs&popUpNotificationCode=LFD1';" style="cursor: pointer;white-space:nowrap;font-weight:bold;">
<img width="32px" height="32px" src="./images/delete-icon-48-48.png" />
Delete Logs
</span>
</td>
</tr>
<!-- Column headers, in the same order as the fields echoed per row: hostname, ip, browser, referer, date.
     NOTE(review): the fourth header reads "Message" but the row loop writes $row->referer into that column. -->
<tr class="report-header">
<td style="font-weight:bold;">Hostname</td>
<td style="font-weight:bold;">IP</td>
<td style="font-weight:bold;">Browser Agent</td>
<td style="font-weight:bold;">Message</td>
<td style="font-weight:bold;">Date/Time</td>
</tr>
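<?php
try{// to draw table
    // Both flags are set by the security-level switch at the top of this file; if that
    // switch left one unset, fall back to the safe value rather than to "undefined".
    if ($lLimitOutput ?? TRUE){
        echo '<tr><td class="error-header" colspan="10">Note: DOS defenses enabled. Rows limited to last 20.</td></tr>';
    }// end if

    if($lQueryResult->num_rows > 0){
        $lRowNumber = 0;
        while($row = $lQueryResult->fetch_object()){
            $lRowNumber++;
            // NOTE(review): $lRowNumber is counted but never compared against the 20-row limit
            // the notice above announces; any limiting must happen inside getHitLogEntries() -
            // confirm there, otherwise the notice is misleading.
            if(!($lEncodeOutput ?? TRUE)){
                // Levels 0-1: stored values are written into the HTML untouched (deliberately vulnerable)
                $lHostname = $row->hostname;
                $lClientIPAddress = $row->ip;
                $lBrowser = $row->browser;
                $lReferer = $row->referer;
                $lDate = $row->date;
            }else{
                // Levels 2-5: each field lands in an HTML text node, so HTML-encode each one
                $lHostname = $Encoder->encodeForHTML($row->hostname);
                $lClientIPAddress = $Encoder->encodeForHTML($row->ip);
                $lBrowser = $Encoder->encodeForHTML($row->browser);
                $lReferer = $Encoder->encodeForHTML($row->referer);
                $lDate = $Encoder->encodeForHTML($row->date);
            }// end if
            // The marked cells are the ones the bubble hint attaches to (see the <script> block above).
            echo "<tr>
<td>{$lHostname}</td>
<td>{$lClientIPAddress}</td>
<td ReflectedXSSExecutionPoint=\"1\">{$lBrowser}</td>
<td ReflectedXSSExecutionPoint=\"1\">{$lReferer}</td>
<td>{$lDate}</td>
</tr>\n";
        }//end while $row
    }else{
        echo '<tr><td class="warning-message" colspan="10">No Records Found</td></tr>';
    }//end if
} catch (Exception $e) {
    // $lQueryString is not defined in this file; append it only when a caller set it, so
    // reporting a failure does not itself raise an undefined-variable notice.
    echo $CustomErrorHandler->FormatError($e, "Error writing log table rows.".($lQueryString ?? ""));
}// end try;
?>
</table>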