Solved

header(Location:)

Posted on 2009-04-08
9
348 Views
Last Modified: 2012-05-06
I'm testing someone else's code that hey have put in my site.  I know that as part of their security suite, they used header (Location:) to redirect to a login page, but I need to make sure that after it's redirected it stops executing.

For those who don't know why... if a page does not stop executing, all a hacker needs to do is to find a browser that will not honor the header(Location:) and they can get in.

What I'm looking for us such a browser, or other method for testing the site.  Yeah, I know I could go dig through the code myself, but it's going to take forever.  I just want a method to test a handful of sensitive pages (user accounts, etc) to make sure that we're secure.

So here's the question.  Anyone know of such a browser or method for testing?  I know  a hacker would just have to download the firefox source, find the place where it redirects because of header(location) and comment it out.  I'm no coder, so that's beyond me.

Thanks
0
Comment
Question by:bennybutler
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
9 Comments
 
LVL 10

Expert Comment

by:ollyatstithians
ID: 24097023
Just break the line that has the header or comment it out so it won't redirect.

The code in the login page should set a session variable to identify the user to each page. The presence of a valid session variable should lead to the redirect being circumvented.

Olly.
0
 
LVL 1

Author Comment

by:bennybutler
ID: 24097240
The code is currently running on their server, I don't have the resources to set up a mirror environment.  I'm trying to pen test it from the outside.
0
 
LVL 17

Expert Comment

by:nplib
ID: 24101159
add exit(); after header();
0
Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

 
LVL 1

Author Comment

by:bennybutler
ID: 24101188
Yes, I put exit() after header in all of my stuff, but I'm trying to test from the outside without access to the code.

0
 
LVL 17

Expert Comment

by:nplib
ID: 24101299
to test, comment out the header() line, unless you happen to have a browser that ignores such line. If nothing is happening that's because nothing is happening, plus if you setup your conditional statements correctly, if a hacker was to use a browser that ignored the header line, then they should get a blank page regardless if you used exit or not, exit should be an assurance not a life line.
0
 
LVL 10

Expert Comment

by:ollyatstithians
ID: 24105044
I've had an investigate, but can't find a way. Sorry.

Olly.
0
 
LVL 2

Accepted Solution

by:
ozanhazer earned 125 total points
ID: 24106924
Well, If you can't hack a browser act like a browser:)
Open a command prompt window or shell...

telnet www.poorsite.com 80
GET /somepage.php HTTP/1.1
Host: www.google.com
<press enter twice>

0
 
LVL 1

Author Closing Comment

by:bennybutler
ID: 31568012
not really what I was looking for, but I hate asking for refunded points ;)
0

Featured Post

How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Email attacks are the most common methods for initiating ransomware and phishing scams. Attackers want you to open an infected attachment or click a malicious link, and unwittingly download malware to your machine. Here are 7 ways you can stay safe.
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to count occurrences of each item in an array.

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question