Donate to us via Paypal!
Capitalism is an Island of wealth in a sea of poverty
Saturday, November 28, 2020
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 96
Guests Online: 96
Members Online: 0

Registered Members: 130549
Newest Member: Michaelquoca
Latest Articles

View Thread

HellBound Hackers | Computer General | Web hacking

Author

Javascript Cookie Authorization


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-10-06 01:37
I was wondering, how can I make my website's content unavailable to visitors unless they pass my stupid login (which was taken from JS1). Right now, I have a simple login screen set as my index, and when they pass the login, it takes them to the main page. But, all they have to do is change the extension in the url line from index.html to main.html, and they can still gain access that way.

Here's what I want:

Once the user passes the login, I have a cookie set to "Authorized=Yes". The only way (other than js injection) that they can view the page is if the cookie reads "Authorized=Yes", otherwise it sends them back to the login page, index.html. (Refer to JS13 for an example).

I tried to set a default cookie on the main page to "Authorized=No", in wich it refers them back to the login. The only way that they can see that page is if the login voids the cookie to "Authorized=Yes". I tried to write the script, but it just forms a loop.

My question:

Is there a way I can do this with javascript, or is some other language required? If, so, would you mind sending it to me? (PM, forum reply)


Author

RE: Javascript Cookie Authorization


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-10-06 01:41
message me on MSN Grin


Author

RE: Javascript Cookie Authorization


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-10-06 02:21
Well Javascript never rime with security, i suggest you to do a true login page in PHP which is more secure.


Author

RE: Javascript Cookie Authorization


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-10-06 02:30
no he was just doin a noob test

but i helped him and hes fine now


Author

RE: Javascript Cookie Authorization


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-10-06 02:45
that you did, DSOM, and thanks again.


Author

RE: Javascript Cookie Authorization


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-10-06 03:25
too bad that wasnt publicly posted for the rest of us...
a friend of mine and i are working on the same type of deal but we didnt get as far as to start messing with the authorization
Author

RE: Javascript Cookie Authorization


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 26-10-06 03:30
too bad that wasnt publicly posted for the rest of us...
a friend of mine and i are working on the same type of deal but we didnt get as far as to start messing with the authorization