Saotn.org

Veelgemaakte fout in login form redirect leidt tot kwetsbaarheden

Veelgemaakte fout in login form redirect leidt tot kwetsbaarheden

Bogdan Calin van Acunetix beschrijft een real-life scenario hoe een veelgemaakte fout in een (PHP) login form er toe kan leiden dat derden zich toegang verschaffen tot het back-end dat juist beschermd moet zijn.

http://www.acunetix.com/blog/web-security-zone/articles/html-form-found-in-redirect-page/

 

 


Sysadmins of the North
About The Author
My name is Jan Reilink. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing his daily thing at Vevida Services in the Netherlands. With over 10 years of experience, my specialties include Windows Server (2003, 2008 and 2012), Windows 7, IIS (6.0, 7.5 and 8.0), Linux (CentOS, Debian), PHP, websites, optimization and security. More about me @ www.reilink.nl.

 

There are no comments yet, but you can be the first

Search & find

Custom Search
About Sysadmins of the North

Hi and welcome to Sysadmins of the North!
Sysadmins of the North is just another technical blog. Just like so many others out there. Most posts are written in English, some in Dutch. On Saotn.org you can find all kinds of computer, server, web, sysadmin, database and security related stuff.

About me: My name is Jan Reilink. I am not a hacker, coder, developer, programmer or guru. I am merely a system administrator, doing his daily thing at Vevida Services in the Netherlands. Living in the north of the Netherlands, so hence the name Sysadmins of the North :-)
Drop me a comment somewhere or send an email to say hi, or discuss about security, website or WordPress, performance, Windows or IIS topics.

Support Saotn.org

If you feel that Sysadmins of the North has helped solve your problem, saved you time, or you just simply like Saotn.org, then please consider making a donation with Paypal. Thanks! :)

IT Books & WP Themes

Windows PowerShell Cookbook: The Complete Guide to Scripting Microsoft\'s Command Shell
DNS and BIND - 5th Edition
DNSSEC Mastery: Securing the Domain Name System with BIND
Windows Server 2012 Unleashed
Enfold - Responsive Multi-Purpose WordPress Theme
Striking MultiFlex & Ecommerce Responsive WordPress Theme

 

The Sysadmins of the North network

Just for the fun of it, Sysadmins of the North is hosted on mulitple servers:

  1. one (shared) Windows Server 2012, IIS 8.0 webserver running PHP 5.5
  2. one (shared) MySQL database server, running MariaDB 5.5
  3. one Varnish Cache HTTP reverse proxy with Nginx Droplet, for offloaded static content, running Debian 7.0 @ DigitalOcean
Easy share

Share this post easy on:
RSS feed
If you like Saotn.org:
donate to Sysadmins of the North
Twitter Feed

What's happening, right now, around Saotn.org?


Bad Authentication data
Copyright © 2007-2014 Saotn.org . Design by OrangeIdea