You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
0x01 analysis
Navigate to line 307~328 of the /mermber.php file:
0x02 recurrent
First we register two users: User A, User B
This is my registered user A and user B. Let's see how to try any user password modification.
Url:http://localhost:8081/member.php?mod=repsw4
POST:repswname=shate&repswcode=y&repswnew1=shate&repswnew2=shate
This shows that the password reset is successful and the password of User B is completely changed.
0x03 repair
The first thing we want to consider is the value of the repswcode inserted at the time of registration, and the value when the password was successfully changed:
1, this value can not be a number
2, this value can not be less than 10 characters
3, this value can be an encrypted value to prevent blasting
The text was updated successfully, but these errors were encountered:
0x01 analysis
Navigate to line 307~328 of the /mermber.php file:
0x02 recurrent
First we register two users: User A, User B
This is my registered user A and user B. Let's see how to try any user password modification.
Url:http://localhost:8081/member.php?mod=repsw4
POST:repswname=shate&repswcode=y&repswnew1=shate&repswnew2=shate
This shows that the password reset is successful and the password of User B is completely changed.
0x03 repair
The first thing we want to consider is the value of the repswcode inserted at the time of registration, and the value when the password was successfully changed:
1, this value can not be a number
2, this value can not be less than 10 characters
3, this value can be an encrypted value to prevent blasting
The text was updated successfully, but these errors were encountered: