bennybutler
asked on
header(Location:)
I'm testing someone else's code that hey have put in my site. I know that as part of their security suite, they used header (Location:) to redirect to a login page, but I need to make sure that after it's redirected it stops executing.
For those who don't know why... if a page does not stop executing, all a hacker needs to do is to find a browser that will not honor the header(Location:) and they can get in.
What I'm looking for us such a browser, or other method for testing the site. Yeah, I know I could go dig through the code myself, but it's going to take forever. I just want a method to test a handful of sensitive pages (user accounts, etc) to make sure that we're secure.
So here's the question. Anyone know of such a browser or method for testing? I know a hacker would just have to download the firefox source, find the place where it redirects because of header(location) and comment it out. I'm no coder, so that's beyond me.
Thanks
For those who don't know why... if a page does not stop executing, all a hacker needs to do is to find a browser that will not honor the header(Location:) and they can get in.
What I'm looking for us such a browser, or other method for testing the site. Yeah, I know I could go dig through the code myself, but it's going to take forever. I just want a method to test a handful of sensitive pages (user accounts, etc) to make sure that we're secure.
So here's the question. Anyone know of such a browser or method for testing? I know a hacker would just have to download the firefox source, find the place where it redirects because of header(location) and comment it out. I'm no coder, so that's beyond me.
Thanks
ASKER
The code is currently running on their server, I don't have the resources to set up a mirror environment. I'm trying to pen test it from the outside.
add exit(); after header();
ASKER
Yes, I put exit() after header in all of my stuff, but I'm trying to test from the outside without access to the code.
to test, comment out the header() line, unless you happen to have a browser that ignores such line. If nothing is happening that's because nothing is happening, plus if you setup your conditional statements correctly, if a hacker was to use a browser that ignored the header line, then they should get a blank page regardless if you used exit or not, exit should be an assurance not a life line.
I've had an investigate, but can't find a way. Sorry.
Olly.
Olly.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
not really what I was looking for, but I hate asking for refunded points ;)
The code in the login page should set a session variable to identify the user to each page. The presence of a valid session variable should lead to the redirect being circumvented.
Olly.