Jump to content

Search the Community

Showing results for tags 'hacking'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to PHP Freaks
    • Announcements
    • Introductions
  • PHP Coding
    • PHP Coding Help
    • Regex Help
    • Third Party Scripts
    • FAQ/Code Snippet Repository
  • SQL / Database
    • MySQL Help
    • PostgreSQL
    • Microsoft SQL - MSSQL
    • Other RDBMS and SQL dialects
  • Client Side
    • HTML Help
    • CSS Help
    • Javascript Help
    • Other
  • Applications and Frameworks
    • Applications
    • Frameworks
    • Other Libraries
  • Web Server Administration
    • PHP Installation and Configuration
    • Linux
    • Apache HTTP Server
    • Microsoft IIS
    • Other Web Server Software
  • Other
    • Application Design
    • Other Programming Languages
    • Editor Help (PhpStorm, VS Code, etc)
    • Website Critique
    • Beta Test Your Stuff!
  • Freelance, Contracts, Employment, etc.
    • Services Offered
    • Job Offerings
  • General Discussion
    • PHPFreaks.com Website Feedback
    • Miscellaneous

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Age


Donation Link

Found 3 results

  1. Hi all, I have a security problem with my website who is a social network (like facebook). Let's me Explain : You can execute this page on my website. www.SocialNetWork.com/ChangeStatus.php?param=Hello So your status become "Hello". On your profile, you can create a link to a picture on the web, for example : <img src='http://www.hacking.com/pic.jpg'> The problem is that a "hacker" create several russian girl profile and made links to pic.jpg on his server, and this .jpg file rewrite URL to : www.SocialNetWork.com/ChangeStatus.php?param=Suck. So when you visite his profil, the php code is launched, and the status OF THE VISITOR is changed ! I have no idea of how to stop this ? If i check the variable : $_SERVER['HTTP_REFERER'] The value is empty or www.SocialNetWork.com, but never www.hacking.com ... How can i stop the fact that a foreign picture could launch a php page on my website ? thanks for help ! ps: sorry for my english
  2. I just don't get it. If you protect the above two, other than server hacking, or if you have file uploads, what other ways are there for a user to hack your site. Even if the user knows the directory structure of the site? I built my site, and I'm about to upload it, My hosting company is one of the best, and I don't have file any uploads in the site, So, what more would you watch out for, if you were in my solution? btw, I am using mysql so, by inputs I mean all (GET & POST ) are protected with regex, htmlentities, mysql_real_escape_string() functions. thanks in advance
  3. I am a young php developer who also does pen-testing for websites and company's. I am looking for some people interested in getting their web applications tested for security flaws. I am doing this just for experience (so it is free). All i need is a comment in one of your pages giving me permission to do so. That proves it is your website and that I have permission. I do not mess with any data or functionality, all I do is test your website security and send you a report with what I find. I can also offer to fix the bugs I find. Looking forward to helping some people secure their websites!
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.