Jump to content
Sign in to follow this  
  • entries
    97
  • comments
    98
  • views
    50848

Oops.

Sign in to follow this  
caffeineaddict

152 views

Here's a PHP snafu for you to avoid. A friend of mine made a site for someone and used PHP for the job. I decided to check the site out today and what did I discover? A security hole! Oh noes. It was really no fault of my friend, just oversight.

REGISTER_GLOBALS was apparently turned on and he used session IDs. In various places on the site he was getting user Ids and whatnot for the current session.

If you had an account and were signed in and knew a user ID, you could go their profile and it would set the current session to their profile ID, when you went to "My Account" you had access to all of the OTHER persons info. This included the ability to change passwords and e-mail and whatnot. Not cool. Luckily the site has only been live for a day so it's doubtful anyone else has discovered it. The server he had to use was a shared server, so he couldn't really change the settings, but he had a workaround by changing the variable names.
Sign in to follow this  


1 Comment


Recommended Comments

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!