How To Patch No Redirect Bug on Your Website

farahulfa (42)in #utopian-io • 7 years ago (edited)

What Will I Learn?

You will learn a hacker's path to hack websites with bugs No Redirect.
You will learn to secure your website from bugs No Redirect.

Requirements

You should be able to PHP language.

Difficulty

Either choose between the following options:

Basic

Tutorial Contents

Well hello People, now I wan't to tell you "How To Patch No Redirect Bug on Your Website".
But first I will tell you what is bugs no redirect? Technique No Redirect Login Page allows hackers to exploit the admin area on a website that has bug No Redirect . With this gap hacker can become a web admin without knowing the web Developer's username and password. But in this bugs hackers will use the help of add ons mozilla firefox is NoRedirect.Okay I will show you how a hacker using this bugs.

You look that guys? a hacker can become a web admin without knowing the web Developer's username and password,huh?. Okay now I want to tell you why this bug can happen and how to take it.

This bug exists in the absence of function exit; on the dashboard admin page, and how to patch this bug?
You can see the source below which there is no exit function at all,

<?php

session_start();

if (!$_SESSION['email']) {
  $_SESSION["sigin_error"] = "Please Signin";
header("Location: index.php");
}

include 'dbconnection.php';

$sql_query="SELECT * FROM contact1 ORDER BY entrydate DESC";
$result_set=mysql_query($sql_query);
if(isset($_GET['delete_id']))
{
 $sql_query="DELETE FROM contact1 WHERE id=".$_GET['delete_id'];
 mysql_query($sql_query);
 header("Location: admin.php");
}
$count=0;
?>

Because on admin.php file is admin dashboard page then I take source from admin.php file.
look on source

if (!$_SESSION['email']) {
  $_SESSION["sigin_error"] = "Please Signin";
header("Location: index.php");
}

It should be under command header ("Location: index.php"); must have exit; function to remove or stop the hacker's command.

This source has added exit; function,

<?php

session_start();

if (!$_SESSION['email']) {
  $_SESSION["sigin_error"] = "Please Signin";
header("Location: index.php");
exit;
}

include 'dbconnection.php';

$sql_query="SELECT * FROM contact1 ORDER BY entrydate DESC";
$result_set=mysql_query($sql_query);
if(isset($_GET['delete_id']))
{
 $sql_query="DELETE FROM contact1 WHERE id=".$_GET['delete_id'];
 mysql_query($sql_query);
 header("Location: admin.php");
}
$count=0;
?>

And this results after the patch,

okay guys until here I told you "How To Patch No Redirect Bug on Your Website",
hopefully useful for you and your website. don't let hackers damage your system again. :)

Curriculum

How To Patch SQLI on Your Website: Bypass Admin

Posted on Utopian.io - Rewarding Open Source Contributors

#hacking #patch #hacker

7 years ago in #utopian-io by farahulfa (42)

Sort:

scipio (65) 7 years ago

Your contribution cannot be approved because it does not follow the Utopian Rules.

Explanation:

nonsense: The only thing your tutorial does is add the exit() function in a session conditional.
the other php code has nothing to do with the admin area you're showing
it's unclear what type of admin area (application) you're trying to login to
you're logging out of the admin area in your Gif, meaning you logged in before
you failed to explain that a properly configured PHP engine doesn't display the php file paths, therefore the path /admin/admin.php is unknown on unknown systems.

Bogus!

You can contact us on Discord.
[utopian-moderator]

$0.58

1 vote

[-]

steemitstats (47) 7 years ago

@farahulfa, Like your contribution, upvote.

$0.00

STEEM 0.18

TRX 0.16

JST 0.030

BTC 67773.53

ETH 2617.28

USDT 1.00

SBD 2.71