url redirection

Pages: 12
ok , then I will try to find the solution myself

pray find it
now , this is a continuation to the topic with some refresh

this is for educational purpose

in a website (http://www.example.com/index.php) after the user is logged by submitting his password and username ,

he tried to access http://www.example.com/access.php. The browser sent a request to the server to access http://www.example.com/access.php by clicking a link but the server respond by 302 moved temporarily and redirect the user to
http://www.example.com/denied.php once redirected the page gives access denied
you do not have the permission to access the page.

lets replace access.php with admin.php

http://www.example.com/admin.php

when I try to access http://www.example.com/admin.php

it gives access denied

can anyone tells me how to get admin.php page

what are the methods??? (the classical methods will not work and sql injection does not work)
the site show cookie through javascript:alert(document.cookie)
but I tried to edit them ; I deleted them , but I went nowhere with it

any suggestion? any advice? any hint? any special technique









finally I find it
closed account (S6k9GNh0)
php scripts are held completely server side. What the browser sees is the result of the php script. You cannot "get" a php page (through normal means anyways).

SQL injection only works on a page where SQL queries are made to a database. Manipulating how input is filtered, you can make a SQL request to grab data you weren't supposed to. Various things can actually prevent this such as database user permissions and cleansing the input. I see no such query being made or any input taken.

Also, unless the example.com page has changed since this topic started, the path of the URL seems to be completely ignored. Am I missing something?
Last edited on
"Am I missing something? "

YES

strongard63 :

finally I find it


thanks for your information , but I already found the solution
Topic archived. No new replies allowed.
Pages: 12