labrova

Make Sure You Fill All Required Fields

Login Information

Username Password
Click Here for Demo Report

Labrova is sponsered by ISnSC

What is Labrova ?
Labrova is a PHP gateway that can be integrated in any Web application as an intrusion protection system (IPS). It prevents SQL injections, XSS, and many other known attacks. It intercepts all submitted parameters and compares them with its knowledge base. If the parameters passed are identified as a threat, the values will be blocked before reaching the underlying Web application, a report will be shown to the attacker, and the attack details will be logged into the Labrova database.

How does it work?
You setup the Client script on your website, and include it in your scripts.
in case of any Atack on your website, a socket with the Atack information will be directed to our server and stopped.
It can display the attack information to the attacker, or can work in a silent mode.

How to Setup ?
Once registered, email us your user ID & website to be used on. Labrova will email you the PHP client.
Upload the client PHP script to your website
edit config.php with required setup information
Your ID is, the ID number registered on Our server.
Client contains, HTML template to customize your report, configuration file for settings, client engine and signature file will be regularly updated from IRQX website.


How to Integrate into Web Application ?
PHP: In your main Script global.php or main.php, add on the first line
include "/home/username/foldername/labrova.php";
the full physical path to the labrova.php file
PERL: To read more about accessing PERL from PHP Click Here
To run PHP from PERL, add the following to your Perl Code. use CGI::SSI;
$ssi = CGI::SSI->new();
print $ssi->exec(cgi => '/home/username/foldername/labrova.php');
ASP: To integrate with ASP you can try the tutorial from Microsoft Here
OR Include the Labrova PHP script in .Net Environment directly.
To know howto Pass Session from ASP MouseOverHere
Oracle Application Server: Read this tutorial from Oracle Here
JSP: Under Research, Contact me if you know how

Proof of Concept:
PHPNuke on dokfleed.net/duh/ is vulnerable
To verify, try this: http://www.dokfleed.net/duh/banners.php?op=EmailStats&name=sex&bid=[vulnerable]
now try to exploit he vulnerability i.e.
Try: http://www.dokfleed.net/duh/banners.php?op=EmailStats&name=sex&bid=<script> alert('boo');</script>
Did Labrova get you !!!