How to Hack a PHP Site? What is the Solution?

lastmafia

Administrator
Staff member
Jun 4, 2024
5
0
1
With PHP, the indispensable language of web software, we can create dynamic websites. Today, I would like to discuss the hacking methods used in PHP, which has been the most used programming language on the internet for the last year. To manage websites, there is an interface that normal visitors cannot access and can only be accessed with a password, allowing you to manage your websites comfortably. You can think of this interface as similar to your profile on Facebook or the interface you use to configure your modem settings. To access this interface, you will inevitably face a password authentication option. So, is it possible to access such sites directly without a password? Unfortunately, the answer to this question is not a straightforward yes, but in some cases, it becomes possible due to a command overlooked by the developers who built the site’s infrastructure.

To access the interface, the user first enters the password, and if the password exists in the database, the user is allowed to log in. If the password is incorrect, the database checks it, and if the password is wrong, the person is redirected back to the login page instead of being directed to the interface. But what happens if there is no redirection? We are considered to have logged into the system directly, right? Exactly as you might think, yes, you can log into the system directly. So, if you know the exact address of an internet site’s admin panel, you can access that site by canceling the redirection. This is somewhat like hacking the system as people say. So how do we do this? How do we cancel the redirection?

With browser extensions available in Chrome and Mozilla that cancel redirection, you can easily access the system. My preferred choice is the Mozilla NoRedirect extension, with which you can hack sites made with PHP or easily check if there is any vulnerability in your existing PHP script. After installing the NoRedirect extension, if you enter the admin address of the site you want to access in the options section, you can directly access that site.

How to Solve the NoRedirect Issue?

If the password that comes with PHP logic does not exist in the databases, using exit(); or die(); commands to terminate the page directly will provide you with a solution. You can make your system highly secure with just a 5 or 8 character command. To better understand the situation, here’s a simple example:


PHP:
<?php
....
if(!$user->is_logged_in()){
header('Location: login.php');
}
?>
<!-- HTML code, etc. -->

Let’s simply interpret the above code together: "if 'is_logged_in' does not exist, redirect to login.php". It’s just a redirection process, nothing else. In such cases, you can directly access such sites with the extension mentioned above. However, the solution should be as follows:


PHP:
<?php
....
if(!$user->is_logged_in()){
header('Location: login.php');
die(); // or you can use exit();
}
?>
<!-- HTML code, etc. -->

You can interpret the above code as follows: "if 'is_logged_in' does not exist, redirect to login.php and do not show the below, i.e., HTML codes". With exit(); or die();, you can terminate the lower codes directly.
PHP: