moubik Posted December 16, 2007

I was looking through the exploits on milw0rm and saw this one. The description says:

Vulnerable code in admin/administrator.php near lines 5-8

    if ( ($_SESSION['adminid']=="") && ($_SESSION['admintype'] !=1)){
        header("Location: logout.php"); // Bypass Me
    }

Why is this code vulnerable?

lucian Posted December 17, 2007

The code is correct, except that for more safety it also needed a die() after the header. Errors like "...headers already sent ...." only display a warning ... and the rest of the code still executes ...

moubik Posted December 17, 2007

That's what I was thinking too: if you make the request and ignore the headers, the PHP script keeps executing. And the evil part only comes after that.
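
The guard quoted in the thread beside a version that stops after the redirect, as an added example that is not part of the original posts or of the affected application. The function names `guard_before` and `guard_after` and the `$session` array (standing in for `$_SESSION`) are hypothetical, and the sample session is constructed.

```php
<?php
// Added example: execution after redirect, before and after the fix.
// $session stands in for $_SESSION so the script also runs from the CLI.

// "Before": the check quoted in the thread. header() only queues a
// response header for the client; it does not end the script.
function guard_before(array $session): void
{
    if ((($session['adminid'] ?? "") == "") && (($session['admintype'] ?? 0) != 1)) {
        header("Location: logout.php");
        // no exit/die here, so the caller's code keeps running
    }
}

// "After": same condition, but the request ends inside the guard.
function guard_after(array $session): void
{
    if ((($session['adminid'] ?? "") == "") && (($session['admintype'] ?? 0) != 1)) {
        // If output has already started, header() would only raise the
        // "headers already sent" warning and no redirect would be sent,
        // so skip it in that case. The exit applies either way.
        if (!headers_sent()) {
            header("Location: logout.php");
        }
        exit;
    }
}

// Constructed input: a request that carries no admin session at all.
$anonymous = [];

guard_before($anonymous);
// This line runs even though the guard asked for a redirect.
echo "privileged code reached after guard_before\n";

guard_after($anonymous);
// The script has already ended, so this line does not run.
echo "privileged code reached after guard_after\n";
```

On a deployed page, the matching check is that an unauthenticated request to the admin script gets the redirect with an empty response body.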