Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 361
  • Last Modified:

header(Location:)

I'm testing someone else's code that hey have put in my site.  I know that as part of their security suite, they used header (Location:) to redirect to a login page, but I need to make sure that after it's redirected it stops executing.

For those who don't know why... if a page does not stop executing, all a hacker needs to do is to find a browser that will not honor the header(Location:) and they can get in.

What I'm looking for us such a browser, or other method for testing the site.  Yeah, I know I could go dig through the code myself, but it's going to take forever.  I just want a method to test a handful of sensitive pages (user accounts, etc) to make sure that we're secure.

So here's the question.  Anyone know of such a browser or method for testing?  I know  a hacker would just have to download the firefox source, find the place where it redirects because of header(location) and comment it out.  I'm no coder, so that's beyond me.

Thanks
0
bennybutler
Asked:
bennybutler
  • 3
  • 2
  • 2
  • +1
1 Solution
 
ollyatstithiansCommented:
Just break the line that has the header or comment it out so it won't redirect.

The code in the login page should set a session variable to identify the user to each page. The presence of a valid session variable should lead to the redirect being circumvented.

Olly.
0
 
bennybutlerAuthor Commented:
The code is currently running on their server, I don't have the resources to set up a mirror environment.  I'm trying to pen test it from the outside.
0
 
nplibCommented:
add exit(); after header();
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
bennybutlerAuthor Commented:
Yes, I put exit() after header in all of my stuff, but I'm trying to test from the outside without access to the code.

0
 
nplibCommented:
to test, comment out the header() line, unless you happen to have a browser that ignores such line. If nothing is happening that's because nothing is happening, plus if you setup your conditional statements correctly, if a hacker was to use a browser that ignored the header line, then they should get a blank page regardless if you used exit or not, exit should be an assurance not a life line.
0
 
ollyatstithiansCommented:
I've had an investigate, but can't find a way. Sorry.

Olly.
0
 
ozanhazerCommented:
Well, If you can't hack a browser act like a browser:)
Open a command prompt window or shell...

telnet www.poorsite.com 80
GET /somepage.php HTTP/1.1
Host: www.google.com
<press enter twice>

0
 
bennybutlerAuthor Commented:
not really what I was looking for, but I hate asking for refunded points ;)
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 3
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now