How To Patch No Redirect Bug on Your Website

in #utopian-io · 7 years ago (edited)

What Will I Learn?

  • You will learn how a hacker exploits the No Redirect bug on a website.
  • You will learn how to secure your website against the No Redirect bug.

Requirements

  • You should know the PHP language.

Difficulty

  • Basic

Tutorial Contents

Well hello people, now I want to tell you "How To Patch No Redirect Bug on Your Website".
But first, what is a No Redirect bug? The No Redirect Login Page technique lets a hacker reach the admin area of a website that has this bug. Through this gap a hacker can act as the web admin without knowing the developer's username and password. To use the bug, the hacker gets help from the Mozilla Firefox add-on NoRedirect, which stops the browser from following the redirect. Okay, I will show you how a hacker uses this bug.

nopatch.gif

Did you see that, guys? A hacker can become the web admin without knowing the developer's username and password. Okay, now I want to tell you why this bug happens and how to fix it.

This bug exists because the exit; function is missing on the admin dashboard page. So how do you patch it?
You can see in the source below that there is no exit function at all:

<?php

session_start();

// Session check: a visitor without a signed-in email is sent to the login page
if (!$_SESSION['email']) {
  $_SESSION["sigin_error"] = "Please Signin";
  header("Location: index.php");
  // no exit; here, so PHP keeps running and still generates the dashboard below
}

include 'dbconnection.php';

$sql_query="SELECT * FROM contact1 ORDER BY entrydate DESC";
$result_set=mysql_query($sql_query);   // legacy mysql_* extension, removed in PHP 7
if(isset($_GET['delete_id']))
{
 $sql_query="DELETE FROM contact1 WHERE id=".$_GET['delete_id'];
 mysql_query($sql_query);
 header("Location: admin.php");
}
$count=0;
?>

Because admin.php is the admin dashboard page, I took the source from the admin.php file.
Look at this part of the source:

if (!$_SESSION['email']) {
  $_SESSION["sigin_error"] = "Please Signin";
  header("Location: index.php");
}

Right after the header("Location: index.php"); call there must be an exit; so that the script stops there. Without it, PHP only adds the Location header to the response and keeps running, so the rest of the admin page is still generated and sent to the hacker, whose browser simply does not follow the redirect.

This is the source with the exit; function added:

<?php

session_start();

// Session check: a visitor without a signed-in email is sent to the login page
if (!$_SESSION['email']) {
  $_SESSION["sigin_error"] = "Please Signin";
  header("Location: index.php");
  exit; // stop here: nothing below runs for a visitor who is not signed in
}

include 'dbconnection.php';

$sql_query="SELECT * FROM contact1 ORDER BY entrydate DESC";
$result_set=mysql_query($sql_query);   // legacy mysql_* extension, removed in PHP 7
if(isset($_GET['delete_id']))
{
 // cast to int so only a numeric id reaches the query (a separate fix from the redirect)
 $sql_query="DELETE FROM contact1 WHERE id=".(int)$_GET['delete_id'];
 mysql_query($sql_query);
 header("Location: admin.php");
 exit; // same rule: stop the script after every redirect
}
$count=0;
?>

And this is the result after the patch:

patched.gif
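To make the mechanism concrete, here is an added Python example that is not part of the original post. It models the two versions of admin.php as functions (the return plays the role of exit;), and adds a check that flags a redirect response whose body still carries the protected page. The page contents, session values and the example URL are all constructed for the demo; fetch_without_redirect is there to run the same check against your own site after patching.

```python
# Added example, not from the original post: a small model of the No Redirect bug
# plus a check you can run against your own site after patching.
# Everything here (page contents, URLs, session values) is constructed for the demo.
import urllib.error
import urllib.request
from dataclasses import dataclass, field


@dataclass
class Response:
    status: int = 200
    headers: dict = field(default_factory=dict)
    body: str = ""


# Constructed stand-in for the dashboard HTML that admin.php prints
ADMIN_MARKER = "<h1>Admin dashboard</h1>"


def admin_page_without_exit(session: dict) -> Response:
    """Models the original admin.php: header() only queues the Location header,
    PHP keeps executing, and the dashboard is still appended to the body."""
    resp = Response()
    if not session.get("email"):
        resp.status = 302
        resp.headers["Location"] = "index.php"
        # no return here, just like the code without exit;
    resp.body += ADMIN_MARKER  # runs for everyone, signed in or not
    return resp


def admin_page_with_exit(session: dict) -> Response:
    """Models the patched admin.php: the return plays the role of exit;."""
    resp = Response()
    if not session.get("email"):
        resp.status = 302
        resp.headers["Location"] = "index.php"
        return resp  # exit; -> nothing below is executed or sent
    resp.body += ADMIN_MARKER
    return resp


def leaks_protected_content(resp: Response, marker: str = ADMIN_MARKER) -> bool:
    """True when a redirect response still carries the protected page in its body.
    A client that does not follow the Location header (the NoRedirect add-on from
    the post, or fetch_without_redirect below) would render that body."""
    has_location = any(k.lower() == "location" for k in resp.headers)
    is_redirect = 300 <= resp.status < 400 and has_location
    return is_redirect and marker in resp.body


class _NoFollow(urllib.request.HTTPRedirectHandler):
    """Tell urllib not to follow 3xx responses so we see the original body."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def fetch_without_redirect(url: str) -> Response:
    """Request a page of your own site without following redirects. urllib raises
    HTTPError for an unfollowed 3xx, so the response is read from the exception."""
    opener = urllib.request.build_opener(_NoFollow)
    try:
        with opener.open(url, timeout=10) as r:
            return Response(r.status, dict(r.headers), r.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as e:
        return Response(e.code, dict(e.headers), e.read().decode("utf-8", "replace"))


if __name__ == "__main__":
    anonymous = {}  # constructed: no email in the session
    print("without exit leaks:", leaks_protected_content(admin_page_without_exit(anonymous)))
    print("with exit leaks:   ", leaks_protected_content(admin_page_with_exit(anonymous)))
    # Against a real deployment (hypothetical URL), after patching this should print False:
    # print(leaks_protected_content(fetch_without_redirect("https://example.com/admin/admin.php")))
```

After patching, run the check against your own admin URL while signed out: a correct response is a 302 with an empty (or login-only) body, so leaks_protected_content returns False.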

Okay guys, that is all for "How To Patch No Redirect Bug on Your Website".
Hopefully it is useful for you and your website. Don't let hackers damage your system again. :)

Posted on Utopian.io - Rewarding Open Source Contributors

Your contribution cannot be approved because it does not follow the Utopian Rules.

Explanation:

  • nonsense: The only thing your tutorial does is add the exit() function in a session conditional.
  • the other php code has nothing to do with the admin area you're showing
  • it's unclear what type of admin area (application) you're trying to log in to
  • you're logging out of the admin area in your Gif, meaning you logged in before
  • you failed to explain that a properly configured PHP engine doesn't display the php file paths, therefore the path /admin/admin.php is unknown on unknown systems.

Bogus!

You can contact us on Discord.
[utopian-moderator]

@farahulfa, Like your contribution, upvote.