<<< Date Index >>>     <<< Thread Index >>>

Re: redirection vuln crawlers breed & security through obscurity



Ivan Sergio Borgonovo schrieb:

> I just came across such kind of code (php) written by a colegue:
>
> //header.inc
> if($_SESSION['UN']!='hardcoded_UN' or $_SESSION['UN']!='hardcoded_PW')
>       header("Location: ./login.html");
> //missing else to mitigate the problem!!
> //HTML stuff here...

What about inserting a die() or exit() after the redirection? That
should solve the problem, I think.

> Now some questions and a proposal:
> - how safe is to rely on secrecy of the URL? I'm looking for a quantification 
> of the risk, not a "it is a bad idea" ;)
>  of course http://site/`pwgen -N1 30`/`pwgen -N1 30`.php is safer than 
> http://site/admin/index.php. Any already made study? numbers?

I'd prefer to close the hole.

-thh