I came across a site where a guy sells some PHP scripts. He has a demo page for a $6 rating system. I was wondering, with all the good design of the site, how secure his script is.
First of all, I am writing about form spoofing and taking the guy's script as an example only after I informed him about the security hole in his stuff and have seen that he has corrected the problem. I didn't even receive a thank-you from him :-(

Anyway, look at the demo page (before I do anything):


The HTTP Referer header is nothing more than the web address of the page that referred the browser to the current page.
If you are trying to "protect" a file by checking that the Referer value (or any other browser-supplied variable) is your own website, you can be bypassed by this simple technique. You cannot trust any browser-supplied variable, because the client controls every header it sends.

Suppose you have a form that asks the user to enter a user name and a comment. The form sends the user input to, let's say, formprocess.php. In formprocess.php you check whether the Referer is your site in order to block spam comments:
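As an added example (not the script from the original post), here is the Referer check from the scenario above next to a server-side replacement: a random per-session token embedded in the form and required on submission. The field names username and comment follow the post; the function names and the form_token field are this example's own.

```php
<?php
// Added example, not the original post's script. Shows the Referer check
// described above beside a token-based check. Function names and the
// form_token field are assumptions of this example.
session_start();

// Weak version: trusts a browser-supplied header. Any client can omit or
// set Referer freely, so this only stops accidental cross-site posts.
function refererLooksLocal(array $server, string $host): bool {
    $ref = $server['HTTP_REFERER'] ?? '';
    $refHost = parse_url($ref, PHP_URL_HOST);
    return is_string($refHost) && strcasecmp($refHost, $host) === 0;
}

// Stronger version: the server issues a random token when it renders the
// form and requires the same token back with the submission. The value
// lives only in the server-side session, so a client cannot set it.
function issueFormToken(): string {
    if (empty($_SESSION['form_token'])) {
        $_SESSION['form_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['form_token'];
}

function formTokenValid(array $post): bool {
    $expected = $_SESSION['form_token'] ?? '';
    $given = $post['form_token'] ?? '';
    // hash_equals() compares in constant time; is_string() guards the type.
    return $expected !== '' && is_string($given) && hash_equals($expected, $given);
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!formTokenValid($_POST)) {
        http_response_code(403);
        exit('Form token missing or invalid.');
    }
    $user    = trim($_POST['username'] ?? '');
    $comment = trim($_POST['comment'] ?? '');
    // ... store $user and $comment; escape on output, as below.
    echo 'Thanks, ' . htmlspecialchars($user, ENT_QUOTES, 'UTF-8');
    exit;
}

// GET: render the form with the token embedded as a hidden field.
$token = htmlspecialchars(issueFormToken(), ENT_QUOTES, 'UTF-8');
echo '<form method="post" action="formprocess.php">'
   . '<input type="hidden" name="form_token" value="' . $token . '">'
   . '<input name="username"> <textarea name="comment"></textarea>'
   . '<button>Send</button></form>';
```

refererLooksLocal() is kept only to show what the original check relies on; a submission that fails it tells you nothing reliable about the sender, while a missing or wrong form_token does.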
