
Web Application Penetration Testing Report of SGRH VAPT Demo Report2

The SGRH VAPT Demo Report for Security Knock Pvt. Ltd. details a comprehensive security assessment identifying critical vulnerabilities in their web application, including HTML injection, SQL injection, and exposed Cpanel. The assessment was conducted on August 1, 2023, following OWASP Top 10 standards, revealing multiple high and critical severity issues that require immediate attention. Recommendations for mitigating these vulnerabilities include input validation, restricting access to sensitive areas, and hiding sensitive information in HTTP responses.


Web Application Penetration Testing Report Of SGRH VAPT Demo Report For Security Knock Pvt. Ltd.

Project Summary

EXECUTIVE SUMMARY
AnoF Demo conducted a comprehensive security assessment of Security Knock Pvt. Ltd. in order to
determine existing vulnerabilities and establish the current level of security risk associated with the
environment and the technologies in use. This assessment harnessed penetration testing and social
engineering techniques to provide Security Knock Pvt. Ltd. management with an understanding of
the risks and security posture of their corporate environment.

Project Details
This engagement was conducted to assess the security posture of the high-value targets
named by our client, Security Knock Pvt. Ltd. We carried out the SGRH VAPT Demo Report
Web Application Penetration Testing as per OWASP Top 10 standards.

Scope

| Scope | Scope Type | Start Date | End Date |
|---|---|---|---|
| https://sgrh.com/ | Web Application Penetration Testing | Aug. 1, 2023 | Aug. 1, 2023 |

Description
SGRH VAPT Demo Report

Project Involvement

| Name | Email Address | Phone | Company |
|---|---|---|---|
| Demo Report | sgrh.com | SGRH-DR-10823 | Security Knock Pvt. Ltd. |

Vulnerability Details

Vulnerabilities Classification
| Sr | Vulnerability Name | Severity | Status |
|---|---|---|---|
| 1 | Html Injection and XSS | Critical | Vulnerable |
| 2 | SQL Injection | Critical | Vulnerable |
| 3 | SQL Injection | Critical | Vulnerable |
| 4 | Cpanel and Webmail Exposed | High | Vulnerable |
| 5 | (xss) Dom Based | High | Vulnerable |
| 6 | Service Version Disclosure | Medium | Vulnerable |

Html Injection and XSS
Status: Vulnerable, Severity: Critical

CVSS Score - 9.0

CVSS Vector - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Description

HTML injection is a type of security vulnerability that allows an attacker to inject HTML code
into web pages that are viewed by other users. Attackers often inject malicious JavaScript,
VBScript, ActiveX, and/or HTML into vulnerable applications to deceive the user in order to
gather data from them. HTML injection is similar to cross-site scripting (XSS), but the HTML
injection attack only allows the injection of certain HTML tags. When an application does not
properly handle user-supplied data, an attacker can supply valid HTML code, typically via a
parameter value, and inject their own content into the page. This attack is typically used in
conjunction with some form of social engineering, as the attack is exploiting a code-based
vulnerability and a user

Proof Of Concept

Solution

The main rule for preventing HTML injection is appropriate data validation.

Every input should be checked for script code or HTML code. Usually this is done by checking
whether the input contains any special script or HTML brackets.
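
The validation described above, combined with HTML encoding on output, for a reflected search parameter such as `q`. This is an added example, not code from the report or the assessed application; the allowed character set, the function names and the sample inputs are assumptions.

```python
import html
import re

# Assumption: a search term is 1-100 characters of letters, digits, spaces
# and light punctuation. Anything else is rejected.
ALLOWED_QUERY = re.compile(r"[\w .,'-]{1,100}")

def is_valid_query(q: str) -> bool:
    """Allowlist validation: accept only the expected character set."""
    return ALLOWED_QUERY.fullmatch(q) is not None

def render_reflected_unsafe(q: str) -> str:
    """BEFORE: the parameter is concatenated into the page unchanged,
    so any markup in q becomes part of the page."""
    return "<p>Results for " + q + "</p>"

def encode_only(q: str) -> str:
    """Output encoding alone already turns markup into inert text."""
    return "<p>Results for " + html.escape(q, quote=True) + "</p>"

def render_search_page(q: str) -> tuple[int, str]:
    """AFTER: validate the input, then encode it for the HTML context."""
    if not is_valid_query(q):
        return 400, "<p>Invalid search term.</p>"
    safe = html.escape(q, quote=True)  # encodes & < > " and '
    body = (
        f'<input name="q" value="{safe}">'  # attribute context needs quotes encoded
        f"<p>Results for {safe}</p>"         # element context
    )
    return 200, body

# Constructed sample input containing markup.
SAMPLE_MARKUP = "<h1>constructed</h1>"
```

Validation rejects the unexpected input early, while encoding protects every place the value is written into the page, including legitimate terms that contain a quote.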

Reference Link

Vulnerable Instances

URL Parameter

https://sgrh.com/searchresult?q=

SQL Injection
Status: Vulnerable, Severity: Critical

CVSS Score - 9.9

CVSS Vector - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

SQL injection (SQLi) is a web security vulnerability that allows an attacker to interfere with the
queries that an application makes to its database. It generally allows an attacker to view data
that they are not normally able to retrieve. This might include data belonging to other users, or
any other data that the application itself is able to access. In many cases, an attacker can
modify or delete this data, causing persistent changes to the application

Proof Of Concept

Solution

The only sure way to prevent SQL Injection attacks is input validation and parametrized queries
including prepared statements. The application code should never use the input directly. The
developer must sanitize all input, not only web form inputs such as login forms. They must
remove potential malicious code elements such as single quotes. It is also a good idea to turn
off the visibility of database errors on your production sites. Database errors can be used with
SQL Injection to gain information about your database.

Reference Link

OWASP
PortSwigger

Vulnerable Instances

URL Parameter

https://labresults.sgrh.com/Login.aspx

SQL Injection
Status: Vulnerable, Severity: Critical

CVSS Score - 9.9

CVSS Vector - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Description

SQL injection (SQLi) is a web security vulnerability that allows an attacker to interfere with the
queries that an application makes to its database. It generally allows an attacker to view data
that they are not normally able to retrieve. This might include data belonging to other users, or
any other data that the application itself is able to access. In many cases, an attacker can
modify or delete this data, causing persistent changes to the application

Proof Of Concept

Solution

The only sure way to prevent SQL Injection attacks is input validation and parametrized queries
including prepared statements. The application code should never use the input directly. The
developer must sanitize all input, not only web form inputs such as login forms. They must
remove potential malicious code elements such as single quotes. It is also a good idea to turn
off the visibility of database errors on your production sites. Database errors can be used with
SQL Injection to gain information about your database.
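
The remediation recommended for both SQL injection findings (the login form and the numeric `event_name_id` parameter), shown as a string-built query beside its parameterized form, with database errors kept out of the response. This is an added example, not code from the report or the assessed applications; it uses Python's `sqlite3` as a stand-in database, and the table names, column names, function names and sample data are assumptions.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data; table and column names are assumptions.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, pw_hash TEXT)")
    db.execute("CREATE TABLE events (id INTEGER, title TEXT)")
    db.execute("INSERT INTO users VALUES (?, ?)", ("O'Brien", "constructed-hash"))
    db.execute("INSERT INTO events VALUES (?, ?)", (7, "Health camp"))
    return db

def find_user_concat(db, name):
    # BEFORE: the input becomes part of the SQL text, so a quote in a
    # perfectly ordinary name already changes the statement.
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def find_user_param(db, name):
    # AFTER: the value is bound as a parameter and never parsed as SQL.
    return db.execute("SELECT name FROM users WHERE name = ?", (name,)).fetchall()

def find_event(db, raw_id):
    # Input validation for a numeric parameter, then a bound parameter anyway.
    if not re.fullmatch(r"[0-9]{1,9}", raw_id):
        return None
    row = db.execute("SELECT title FROM events WHERE id = ?", (int(raw_id),)).fetchone()
    return row[0] if row else None

def guarded(fn, *args):
    # Keep database error text out of the response; log it server-side instead.
    try:
        return fn(*args)
    except sqlite3.Error:
        return "Request could not be processed."
```

With the name `O'Brien`, the concatenated query fails with a syntax error because the quote is parsed as SQL, while the parameterized query returns the row without removing any characters from the input.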

Reference Link

Vulnerable Instances

URL Parameter

https://reachout.sgrh.com/?event_name_id=

Cpanel and Webmail Exposed
Status: Vulnerable, Severity: High

CVSS Score - 8.2

CVSS Vector - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L

Description

The Cpanel and Webmail pages are accessible from any IP address.

An attacker could exploit this finding to perform brute-force attacks against users. They could
also use it to create similar phishing pages, confusing users and more.

Proof Of Concept

Solution

Define and restrict which IP addresses are allowed to access the administrator

Reference Link

Vulnerable Instances

URL Parameter

https://cpanel.sgrh.com/ | https://sgrh.com:2083/

https://sgrh.com:2096/src/configtest.php

(xss) Dom Based
Status: Vulnerable, Severity: High

CVSS Score - 8.0

CVSS Vector - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

Description

DOM-based XSS is a web application vulnerability that allows attackers to inject and execute
malicious scripts in the victim

Proof Of Concept

Solution

Reference Link

Vulnerable Instances

URL Parameter

https://reachout.sgrh.com/

Service Version Disclosure
Status: Vulnerable, Severity: Medium

CVSS Score - 6.4

CVSS Vector - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

Description

Service version disclosure in HTTP response, Host: Labresults.sgrh.com

1. Server: Microsoft-IIS/8.5, X-AspNet-Version: 4.0.30319
2. https://reachout.sgrh.com/info.php

1. In summary, server version disclosure is a vulnerability that can be exploited by attackers
   to identify vulnerabilities in web servers and launch targeted attacks. Developers can
   prevent server version disclosure by configuring their web servers to stop sending detailed
   information in the Server header and properly configuring their web servers to prevent
   information leakage from error messages and warning messages.

2. In summary, info.php disclosure is a vulnerability that can be exploited by attackers to
   obtain sensitive information about a web server. Developers can prevent info.php disclosure
   by removing the info.php file from their web server or restricting access to it, and by
   configuring their web servers to prevent information leakage in HTTP response headers.

Proof Of Concept

Solution

Hide info.php
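
A check for confirming the header part of this fix: it parses a response header block and lists headers that still carry a product or framework version. This is an added example, not part of the original report; the two sample responses are constructed (the "before" one reuses the header values quoted in this finding), and the function names and the set of headers inspected are assumptions.

```python
import re

# Response headers that commonly carry product or framework versions.
DISCLOSURE_HEADERS = {"server", "x-powered-by", "x-aspnet-version", "x-aspnetmvc-version"}
# A dotted number such as 8.5 or 4.0.30319.
VERSION_TOKEN = re.compile(r"\d+(?:\.\d+)+")

def parse_headers(raw: str) -> dict:
    """Parse a raw HTTP response head into a lower-cased name -> value map."""
    headers = {}
    for line in raw.splitlines()[1:]:  # skip the status line
        if not line.strip():           # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers

def version_leaks(raw: str) -> list:
    """Return (header, value) pairs that still expose a version number."""
    found = []
    for name, value in parse_headers(raw).items():
        if name in DISCLOSURE_HEADERS and VERSION_TOKEN.search(value):
            found.append((name, value))
    return sorted(found)

# Constructed sample: response head before remediation.
BEFORE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Microsoft-IIS/8.5\r\n"
    "X-AspNet-Version: 4.0.30319\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
)

# Constructed sample: response head after the version headers are suppressed.
AFTER = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "\r\n"
)
```

An empty result for every host in scope is the pass condition; the info.php page needs a separate check that the URL no longer returns its content.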

Reference Link

Vulnerable Instances

URL Parameter

https://reachout.sgrh.com/info.php
