NeuroSploit/reports/report_20260109_222127.html
2026-01-09 22:48:39 -03:00


<!DOCTYPE html>
<html lang="en">
<head>
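<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!--
  The report is marked confidential and is usually opened from an internal
  URL. Suppress the Referer header so that URL is not sent to the public
  CDNs this page loads assets from.
-->
<meta name="referrer" content="no-referrer">
<title>Security Assessment Report - 20260109_222127</title>
<!--
  Third-party assets executed or applied inside a confidential report.
  NOTE(review): the Chart.js URL below carries no version, so the CDN decides
  which release runs each time the report is opened. Pin an exact version
  and add Subresource Integrity, for example
  integrity="sha384-DIGEST_PLACEHOLDER" (placeholder: compute the digest from
  the pinned file), or bundle the assets with the report so it renders
  offline. crossorigin="anonymous" is set now so an integrity attribute can
  be added later without other changes.
-->
<script src="https://cdn.jsdelivr.net/npm/chart.js" crossorigin="anonymous"></script>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/styles/github-dark.min.css" crossorigin="anonymous">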
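<style>
  /* Design tokens: surface colours, text colours and one colour per severity level. */
  :root {
    --bg-primary: #0a0e17;
    --bg-secondary: #111827;
    --bg-card: #1a1f2e;
    --border-color: #2d3748;
    --text-primary: #e2e8f0;
    --text-secondary: #94a3b8;
    --accent: #3b82f6;
    --critical: #ef4444;
    --high: #f97316;
    --medium: #eab308;
    --low: #22c55e;
    --info: #6366f1;
  }

  /* Reset and page base */
  * { margin: 0; padding: 0; box-sizing: border-box; }

  body {
    font-family: 'Inter', -apple-system, BlinkMacSystemFont, 'Segoe UI', sans-serif;
    background: var(--bg-primary);
    color: var(--text-primary);
    line-height: 1.6;
  }

  .container { max-width: 1400px; margin: 0 auto; padding: 2rem; }

  /* Header */
  .header {
    background: linear-gradient(135deg, #1e3a5f 0%, #0f172a 100%);
    padding: 3rem 2rem;
    border-radius: 16px;
    margin-bottom: 2rem;
    border: 1px solid var(--border-color);
  }

  .header-content {
    display: flex;
    justify-content: space-between;
    align-items: center;
    flex-wrap: wrap;
    gap: 1rem;
  }

  .logo {
    font-size: 2rem;
    font-weight: 800;
    background: linear-gradient(90deg, #3b82f6, #8b5cf6);
    -webkit-background-clip: text;
    -webkit-text-fill-color: transparent;
  }

  .report-meta { text-align: right; color: var(--text-secondary); font-size: 0.9rem; }

  /* Stats Grid */
  .stats-grid {
    display: grid;
    grid-template-columns: repeat(auto-fit, minmax(200px, 1fr));
    gap: 1.5rem;
    margin-bottom: 2rem;
  }

  .stat-card {
    background: var(--bg-card);
    border-radius: 12px;
    padding: 1.5rem;
    border: 1px solid var(--border-color);
    transition: transform 0.2s, box-shadow 0.2s;
  }

  .stat-card:hover { transform: translateY(-2px); box-shadow: 0 8px 25px rgba(0,0,0,0.3); }

  .stat-value { font-size: 2.5rem; font-weight: 700; }

  .stat-label {
    color: var(--text-secondary);
    font-size: 0.875rem;
    text-transform: uppercase;
    letter-spacing: 0.5px;
  }

  /* One colour per severity card */
  .stat-critical .stat-value { color: var(--critical); }
  .stat-high .stat-value { color: var(--high); }
  .stat-medium .stat-value { color: var(--medium); }
  .stat-low .stat-value { color: var(--low); }

  /* Risk Score */
  .risk-section { display: grid; grid-template-columns: 1fr 1fr; gap: 2rem; margin-bottom: 2rem; }

  @media (max-width: 900px) {
    .risk-section { grid-template-columns: 1fr; }
  }

  .risk-card {
    background: var(--bg-card);
    border-radius: 16px;
    padding: 2rem;
    border: 1px solid var(--border-color);
  }

  /* The ring fill is a literal angle (360.0deg here); presumably written by
     the generator from the risk score. TODO confirm. */
  .risk-score-circle {
    width: 180px;
    height: 180px;
    border-radius: 50%;
    background: conic-gradient(#e74c3c 0deg, #e74c3c 360.0deg, #2d3748 360.0deg);
    display: flex;
    align-items: center;
    justify-content: center;
    margin: 0 auto 1rem;
  }

  .risk-score-inner {
    width: 140px;
    height: 140px;
    border-radius: 50%;
    background: var(--bg-card);
    display: flex;
    flex-direction: column;
    align-items: center;
    justify-content: center;
  }

  .risk-score-value { font-size: 3rem; font-weight: 800; color: #e74c3c; }
  .risk-score-label { color: var(--text-secondary); font-size: 0.875rem; }
  .chart-container { height: 250px; }

  /* Targets */
  .targets-list { display: flex; flex-wrap: wrap; gap: 0.5rem; margin-top: 1rem; }

  .target-tag {
    background: rgba(59, 130, 246, 0.2);
    border: 1px solid var(--accent);
    padding: 0.5rem 1rem;
    border-radius: 20px;
    font-size: 0.875rem;
    font-family: monospace;
  }

  /* Main Report */
  .report-section {
    background: var(--bg-card);
    border-radius: 16px;
    padding: 2rem;
    border: 1px solid var(--border-color);
    margin-bottom: 2rem;
  }

  .section-title {
    font-size: 1.5rem;
    font-weight: 700;
    margin-bottom: 1.5rem;
    padding-bottom: 1rem;
    border-bottom: 2px solid var(--accent);
    display: flex;
    align-items: center;
    gap: 0.75rem;
  }

  .section-title::before {
    content: '';
    width: 4px;
    height: 24px;
    background: var(--accent);
    border-radius: 2px;
  }

  /* Vulnerability Cards */
  .report-content h2 {
    position: relative; /* merged from a second, duplicate h2 rule */
    background: linear-gradient(90deg, var(--bg-secondary), transparent);
    padding: 1rem 1.5rem;
    border-radius: 8px;
    margin: 2rem 0 1rem;
    border-left: 4px solid var(--accent);
    font-size: 1.25rem;
  }

  /* A rule using h2:has-text("Critical") and h2:contains("CRITICAL") used to
     sit here. Neither is a valid CSS pseudo-class, and one invalid selector
     in a list makes the browser drop the whole rule, so it never took
     effect. CSS cannot select on text content; colouring a finding by
     severity needs a class on the heading or a script. */

  .report-content h3 { color: var(--accent); margin: 1.5rem 0 0.75rem; font-size: 1.1rem; }

  .report-content table {
    width: 100%;
    border-collapse: collapse;
    margin: 1rem 0;
    background: var(--bg-secondary);
    border-radius: 8px;
    overflow: hidden;
  }

  .report-content th,
  .report-content td {
    padding: 0.75rem 1rem;
    text-align: left;
    border-bottom: 1px solid var(--border-color);
  }

  .report-content th { background: rgba(59, 130, 246, 0.1); color: var(--accent); font-weight: 600; }

  /* Evidence and request blocks */
  .report-content pre {
    background: #0d1117;
    border: 1px solid var(--border-color);
    border-radius: 8px;
    padding: 1rem;
    overflow-x: auto;
    margin: 1rem 0;
  }

  .report-content code {
    font-family: 'JetBrains Mono', 'Fira Code', monospace;
    font-size: 0.875rem;
  }

  .report-content p { margin: 0.75rem 0; }
  .report-content hr { border: none; border-top: 1px solid var(--border-color); margin: 2rem 0; }
  .report-content ul,
  .report-content ol { margin: 1rem 0; padding-left: 1.5rem; }
  .report-content li { margin: 0.5rem 0; }

  /* Footer */
  .footer {
    text-align: center;
    padding: 2rem;
    color: var(--text-secondary);
    font-size: 0.875rem;
    border-top: 1px solid var(--border-color);
    margin-top: 3rem;
  }

  /* Print Styles */
  @media print {
    body { background: white; color: black; }
    .stat-card,
    .risk-card,
    .report-section { border: 1px solid #ddd; }
  }
</style>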
</head>
<body>
<div class="container">
<!--
  Report banner: product name, report metadata (ID, date, agent) and the
  assessed targets.
  NOTE(review): the date has no timezone or UTC offset, which makes it hard
  to correlate the test window with the target's server logs. The banner
  also records no scope or authorisation reference; consider adding both.
-->
<div class="header">
  <div class="header-content">
    <div>
      <div class="logo">NeuroSploit</div>
      <p style="color: var(--text-secondary); margin-top: 0.5rem;">AI-Powered Security Assessment Report</p>
    </div>
    <div class="report-meta">
      <div><strong>Report ID:</strong> 20260109_222127</div>
      <div><strong>Date:</strong> 2026-01-09 22:25</div>
      <div><strong>Agent:</strong> Pentestfull</div>
    </div>
  </div>
  <!-- One tag per assessed target -->
  <div class="targets-list">
    <span class="target-tag">http://testphp.vulnweb.com/</span>
  </div>
</div>
<!--
  Severity totals and the number of tests run.
  NOTE(review): these totals (4 Critical, 8 High, 4 Medium, 4 Low) do not
  match the findings written up in this report, which has one Critical, two
  High and one Medium entry and no Low entry. Confirm how the generator
  counts severities before these numbers are relied on.
-->
<div class="stats-grid">
  <div class="stat-card stat-critical">
    <div class="stat-value">4</div>
    <div class="stat-label">Critical</div>
  </div>
  <div class="stat-card stat-high">
    <div class="stat-value">8</div>
    <div class="stat-label">High</div>
  </div>
  <div class="stat-card stat-medium">
    <div class="stat-value">4</div>
    <div class="stat-label">Medium</div>
  </div>
  <div class="stat-card stat-low">
    <div class="stat-value">4</div>
    <div class="stat-label">Low</div>
  </div>
  <!-- Plain card: the value takes the accent colour through an inline style -->
  <div class="stat-card">
    <div class="stat-value" style="color: var(--accent);">36</div>
    <div class="stat-label">Tests Run</div>
  </div>
</div>
<!--
  Two cards side by side: the overall risk score ring and the canvas that
  the severity doughnut chart is drawn on.
  NOTE(review): how the score of 100 is computed is not visible in this
  file. If it is derived from the severity totals, it inherits their
  mismatch with the findings listed in the report; confirm in the generator.
-->
<div class="risk-section">
  <div class="risk-card">
    <h3 style="text-align: center; margin-bottom: 1rem; color: var(--text-secondary);">Risk Score</h3>
    <div class="risk-score-circle">
      <div class="risk-score-inner">
        <div class="risk-score-value">100</div>
        <div class="risk-score-label">Critical</div>
      </div>
    </div>
  </div>
  <div class="risk-card">
    <h3 style="margin-bottom: 1rem; color: var(--text-secondary);">Severity Distribution</h3>
    <!-- The page script looks this canvas up by its id -->
    <div class="chart-container">
      <canvas id="severityChart"></canvas>
    </div>
  </div>
</div>
<div class="report-section">
<div class="section-title">Vulnerability Report</div>
<div class="report-content">
<!--
  Executive summary, followed by the heading that opens the findings list.
  NOTE(review): "arbitrary code execution" is not demonstrated by any finding
  in this report; the SQL injection write-up only says operating system
  command execution is possible depending on database privileges. Confirm
  the claim with evidence or soften it.
-->
<h1>Executive Summary</h1>
<p>
  The penetration test of http://testphp.vulnweb.com revealed multiple critical security vulnerabilities including SQL injection, reflected XSS, and local file inclusion.
  The application demonstrates classic web application security flaws that could lead to complete database compromise and arbitrary code execution.
</p>
<h1>Vulnerabilities Found</h1>
<!--
  Finding 1: SQL injection in the cat parameter of listproducts.php.
  NOTE(review): the CVSS score is given without a vector string, so it
  cannot be checked. The request shown is the unmodified baseline request
  and "Payload Used" names no concrete test case, tool version or options;
  the finding rests on the scanner log in the evidence block. Record the
  tool version and command line so the result can be reproduced and
  retested after the fix.
-->
<hr>
<h2>[CRITICAL] SQL Injection in listproducts.php</h2>
<table>
  <thead>
    <tr><th>Field</th><th>Value</th></tr>
  </thead>
  <tbody>
    <tr><td>Severity</td><td>Critical</td></tr>
    <tr><td>CVSS</td><td>9.8</td></tr>
    <tr><td>CWE</td><td>CWE-89</td></tr>
    <tr><td>Location</td><td>http://testphp.vulnweb.com/listproducts.php?cat=1</td></tr>
  </tbody>
</table>
<h3>Description</h3>
<p>
  The <code>cat</code> parameter in listproducts.php is vulnerable to SQL injection.
  SQLMap successfully identified multiple injection techniques including boolean-based blind, error-based, time-based blind, and UNION query injection.
</p>
<h3>Proof of Concept</h3>
<p><strong>Vulnerable Request:</strong></p>
<!-- pre blocks stay unindented: whitespace inside them is rendered -->
<pre><code>curl &quot;http://testphp.vulnweb.com/listproducts.php?cat=1&quot;
</code></pre>
<p><strong>Payload Used:</strong></p>
<pre><code>Standard SQLMap payloads for MySQL detection
</code></pre>
<p><strong>Evidence (Response excerpt):</strong></p>
<pre><code>GET parameter 'cat' appears to be 'AND boolean-based blind - WHERE or HAVING clause' injectable
GET parameter 'cat' is 'MySQL &gt;= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)' injectable
GET parameter 'cat' appears to be 'MySQL &gt;= 5.0.12 AND time-based blind (query SLEEP)' injectable
GET parameter 'cat' is 'Generic UNION query (NULL) - 1 to 20 columns' injectable
target URL appears to have 11 columns in query
</code></pre>
<h3>Impact</h3>
<p>Complete database compromise including ability to extract sensitive data, modify database contents, and potentially execute operating system commands depending on database privileges.</p>
<h3>Remediation</h3>
<p>
  Implement parameterized queries/prepared statements for all database interactions.
  Validate and sanitize all user input before database queries.
</p>
<!--
  Finding 2: reflected XSS via the test parameter of search.php.
  NOTE(review): the evidence excerpt is a MySQL syntax error that echoes the
  tail of the submitted value. It shows the parameter reaching a SQL
  statement and verbose database errors being returned, which suggests a
  second injection point that the summary table does not list. It does not
  by itself show that the markup came back unencoded in an HTML response;
  the excerpt is escaped by this report, so the original encoding cannot be
  read from here. Confirm with the raw response and its Content-Type.
  The CVSS score of 7.5 has no vector; reflected XSS needs user interaction
  and is commonly scored lower, so verify the rating.
  The payload and evidence are HTML-escaped in this report. The generator
  must keep escaping all target-controlled text, since the report itself is
  opened in a browser.
-->
<hr>
<h2>[HIGH] Reflected Cross-Site Scripting (XSS) in search.php</h2>
<table>
  <thead>
    <tr><th>Field</th><th>Value</th></tr>
  </thead>
  <tbody>
    <tr><td>Severity</td><td>High</td></tr>
    <tr><td>CVSS</td><td>7.5</td></tr>
    <tr><td>CWE</td><td>CWE-79</td></tr>
    <tr><td>Location</td><td>http://testphp.vulnweb.com/search.php?test=</td></tr>
  </tbody>
</table>
<h3>Description</h3>
<p>The search functionality reflects user input directly into MySQL error messages without proper sanitization, creating a reflected XSS vulnerability.</p>
<h3>Proof of Concept</h3>
<p><strong>Vulnerable Request:</strong></p>
<!-- pre blocks stay unindented: whitespace inside them is rendered -->
<pre><code>curl &quot;http://testphp.vulnweb.com/search.php?test=%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E&quot;
</code></pre>
<p><strong>Payload Used:</strong></p>
<pre><code>&lt;script&gt;alert('XSS')&lt;/script&gt;
</code></pre>
<p><strong>Evidence (Response excerpt):</strong></p>
<pre><code>Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'XSS')&lt;/script&gt;'' at line 1
</code></pre>
<h3>Impact</h3>
<p>Attackers can execute arbitrary JavaScript in victim browsers, leading to session hijacking, credential theft, and malicious actions on behalf of users.</p>
<h3>Remediation</h3>
<p>
  Implement proper output encoding/escaping for all user-controlled data.
  Use Content Security Policy (CSP) headers to mitigate XSS attacks.
</p>
<!--
  Finding 3: path traversal through the file parameter of showimage.php.
  NOTE(review): the title says "Local File Inclusion" while the CWE is
  CWE-22 (path traversal) and the evidence shows fopen(), that is, a file
  read rather than an include. Align the title with what was observed.
  In the evidence the request was refused by open_basedir, so a High rating
  reflects potential rather than demonstrated impact; state that next to
  the score and add the CVSS vector.
  The same evidence supports two further remediation points: the
  open_basedir allow-list includes /tmp/ and /proc/ and could be narrowed to
  the application directory, and the PHP warnings expose absolute
  filesystem paths, so error display should be turned off in production.
-->
<hr>
<h2>[HIGH] Local File Inclusion in showimage.php</h2>
<table>
  <thead>
    <tr><th>Field</th><th>Value</th></tr>
  </thead>
  <tbody>
    <tr><td>Severity</td><td>High</td></tr>
    <tr><td>CVSS</td><td>7.5</td></tr>
    <tr><td>CWE</td><td>CWE-22</td></tr>
    <tr><td>Location</td><td>http://testphp.vulnweb.com/showimage.php?file=</td></tr>
  </tbody>
</table>
<h3>Description</h3>
<p>The showimage.php script is vulnerable to local file inclusion through the <code>file</code> parameter, though protected by open_basedir restrictions.</p>
<h3>Proof of Concept</h3>
<p><strong>Vulnerable Request:</strong></p>
<!-- pre blocks stay unindented: whitespace inside them is rendered -->
<pre><code>curl &quot;http://testphp.vulnweb.com/showimage.php?file=../../../../../etc/passwd&quot;
</code></pre>
<p><strong>Payload Used:</strong></p>
<pre><code>../../../../../etc/passwd
</code></pre>
<p><strong>Evidence (Response excerpt):</strong></p>
<pre><code>Warning: fopen(): open_basedir restriction in effect. File(../../../../../etc/passwd) is not within the allowed path(s): (/hj/:/tmp/:/proc/) in /hj/var/www/showimage.php on line 13
Warning: fopen(../../../../../etc/passwd): failed to open stream: Operation not permitted in /hj/var/www/showimage.php on line 13
</code></pre>
<h3>Impact</h3>
<p>While currently mitigated by open_basedir restrictions, this vulnerability could allow attackers to read sensitive files if restrictions are bypassed or misconfigured.</p>
<h3>Remediation</h3>
<p>
  Implement a whitelist of allowed files instead of accepting user input for file paths.
  Validate file paths against allowed directories and use basename() to prevent directory traversal.
</p>
<!--
  Finding 4: software versions exposed in response headers.
  NOTE(review): the more important point in this evidence is the software
  itself. PHP 5.6 is an end-of-life branch and nginx 1.19.0 is an old
  release; hiding the banner does not change that. The package string looks
  like a third-party backport build, which may carry its own patches, so
  confirm its patch status and consider a separate finding for outdated
  components.
  A CVSS score of 5.0 (Medium) is high for banner disclosure alone; add the
  vector and verify the rating.
  The remediation could name the settings involved, for example
  "server_tokens off;" in nginx and "expose_php = Off" in php.ini.
-->
<hr>
<h2>[MEDIUM] Information Disclosure - Server Version</h2>
<table>
  <thead>
    <tr><th>Field</th><th>Value</th></tr>
  </thead>
  <tbody>
    <tr><td>Severity</td><td>Medium</td></tr>
    <tr><td>CVSS</td><td>5.0</td></tr>
    <tr><td>CWE</td><td>CWE-200</td></tr>
    <tr><td>Location</td><td>http://testphp.vulnweb.com/</td></tr>
  </tbody>
</table>
<h3>Description</h3>
<p>The server reveals detailed version information in HTTP headers and error pages.</p>
<h3>Proof of Concept</h3>
<p><strong>Vulnerable Request:</strong></p>
<!-- pre blocks stay unindented: whitespace inside them is rendered -->
<pre><code>curl -I &quot;http://testphp.vulnweb.com/&quot;
</code></pre>
<p><strong>Evidence (Response excerpt):</strong></p>
<pre><code>Server: nginx/1.19.0
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1
</code></pre>
<h3>Impact</h3>
<p>Version information aids attackers in identifying specific vulnerabilities and attack vectors for the disclosed software versions.</p>
<h3>Remediation</h3>
<p>Configure web server and PHP to suppress version information in headers and error pages.</p>
<!--
  One row per finding written up in this report: number, name, severity
  and affected location.
  NOTE(review): the table lists four findings, which agrees with the
  write-ups but not with the severity totals shown in the stat cards at the
  top of the report.
-->
<h1>Summary Table</h1>
<table>
  <thead>
    <tr><th>#</th><th>Vulnerability</th><th>Severity</th><th>Location</th></tr>
  </thead>
  <tbody>
    <tr><td>1</td><td>SQL Injection</td><td>Critical</td><td>/listproducts.php?cat=</td></tr>
    <tr><td>2</td><td>Reflected XSS</td><td>High</td><td>/search.php?test=</td></tr>
    <tr><td>3</td><td>Local File Inclusion</td><td>High</td><td>/showimage.php?file=</td></tr>
    <tr><td>4</td><td>Information Disclosure</td><td>Medium</td><td>Server headers</td></tr>
  </tbody>
</table>
<!--
  Prioritised remediation list, one item per finding plus a general item.
  NOTE(review): there is no item for the end-of-life PHP 5.6 runtime shown
  in the server-header evidence, nor for the verbose PHP and MySQL error
  messages that appear in the evidence of other findings. Consider adding
  both.
-->
<h1>Recommendations</h1>
<ol>
  <li><strong>Immediate Priority</strong>: Fix SQL injection vulnerability in listproducts.php by implementing parameterized queries</li>
  <li><strong>High Priority</strong>: Implement proper input validation and output encoding to prevent XSS attacks</li>
  <li><strong>High Priority</strong>: Restrict file access in showimage.php using whitelisting approach</li>
  <li><strong>Medium Priority</strong>: Configure server to suppress version information disclosure</li>
  <li><strong>General</strong>: Implement a comprehensive security code review and testing process for all user input handling</li>
</ol>
</div>
</div>
<!--
  Generator credit and confidentiality notice.
  NOTE(review): the notice is text only. Opening this page still fetches two
  scripts and a stylesheet from public CDNs, so every viewing contacts
  third parties; bundle those assets if the report must stay confidential.
-->
<div class="footer">
  <p>Generated by <strong>NeuroSploit</strong> - AI-Powered Penetration Testing Framework</p>
  <p style="margin-top: 0.5rem;">Confidential - For authorized personnel only</p>
</div>
</div>
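<!--
  highlight.js is pinned to 11.9.0 but loaded without Subresource Integrity.
  NOTE(review): add integrity="sha384-DIGEST_PLACEHOLDER" (placeholder:
  compute the digest from this exact file) or bundle the library with the
  report. crossorigin="anonymous" is set so the attribute can be added
  without other changes.
-->
<script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/highlight.min.js" crossorigin="anonymous"></script>
<script>
  // Page behaviour: highlight the evidence blocks, mark critical findings
  // and draw the severity doughnut chart.
  //
  // Both libraries come from CDNs. When the report is opened offline or on a
  // network that blocks those hosts, the globals are missing; each step is
  // guarded so one failed download does not stop the rest of the script.

  if (typeof hljs !== 'undefined') {
    hljs.highlightAll();
  }

  // The stylesheet tried to colour critical headings with a text-matching
  // selector, which CSS does not support. Apply the same intent here: any
  // finding heading whose text contains "critical" gets the critical colour.
  document.querySelectorAll('.report-content h2').forEach(function (heading) {
    if (/critical/i.test(heading.textContent)) {
      heading.style.borderLeftColor = 'var(--critical)';
    }
  });

  // Severity Chart
  const severityCanvas = document.getElementById('severityChart');
  if (severityCanvas && typeof Chart !== 'undefined') {
    new Chart(severityCanvas.getContext('2d'), {
      type: 'doughnut',
      data: {
        labels: ['Critical', 'High', 'Medium', 'Low', 'Info'],
        datasets: [{
          // Values are written by the generator. NOTE(review): they repeat
          // the stat-card totals plus an Info count of 6 that no card shows,
          // and do not match the four findings in the report body; confirm.
          data: [4, 8, 4, 4, 6],
          backgroundColor: ['#ef4444', '#f97316', '#eab308', '#22c55e', '#6366f1'],
          borderWidth: 0,
          hoverOffset: 10
        }]
      },
      options: {
        responsive: true,
        maintainAspectRatio: false, // height comes from .chart-container
        plugins: {
          legend: {
            position: 'right',
            labels: { color: '#94a3b8', padding: 15, font: { size: 12 } }
          }
        },
        cutout: '60%'
      }
    });
  }
</script>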
</body>
</html>