October 26, 2021 09:55 am GMT
Original Link: https://dev.to/nombrekeff/can-you-find-the-bug-in-this-piece-of-php-code-g7l
Can you find the bug in this piece of PHP code?
Hey there!
I was doing a bit of bug-hunting in an old project of mine when I found an interesting bug. Can you find it?
If you know your security or PHP this might be quite easy for you. Otherwise, it might be a good exercise.
!! Don't look at the comments to prevent spoilers if you want to solve it by yourself !!
This is the request you would make to the server:

    curl --location --request POST 'https://super.secure-api.com/check-pin' \
      --header 'Content-Type: application/json' \
      --header 'Authorization: Bearer <token>' \
      --data-raw '{ "pin": <you_answer> }'
And this is the code for that given endpoint (/check-pin):

    // The submitted pin, decoded from the JSON body, is compared against the user's stored pin.
    if ($params['pin'] != $user->getPin()) {
        throw new HttpException(403, "The pin is incorrect");
    }
    return "The pin is correct!";
PS: This is just a demo, not real code. You should never check passwords/pins/secrets like this.
What input would you need to pass as pin to be able to bypass the check?
I will release a post in a couple of days explaining the bug in detail and how to fix it.
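For readers who want to see the two comparison styles side by side, here is an added example (PHP 8.0+), not code from the original post or from the author's project. It keeps the post's `!=` check as `checkPinLoose` and places a hardened `checkPinStrict` next to it; the `HttpException` class, the `$storedPin` value and the JSON bodies are constructed for this example, with `$storedPin` standing in for the post's `$user->getPin()`.

```php
<?php
// Added example, not the original post's code: the endpoint's loose
// comparison next to a hardened version, run over a few constructed
// JSON request bodies. HttpException is defined here for the demo only.

declare(strict_types=1);

final class HttpException extends RuntimeException
{
    public int $status;

    public function __construct(int $status, string $message)
    {
        parent::__construct($message, $status);
        $this->status = $status;
    }
}

// As in the post: `!=` is PHP's loose comparison, which converts the two
// operands to a common type before comparing them. A decoded JSON value can
// be a string, int, float, bool, null or array, so this is not a plain
// string-equality check for every body the client may send.
function checkPinLoose(mixed $pin, string $storedPin): string
{
    if ($pin != $storedPin) {
        throw new HttpException(403, "The pin is incorrect");
    }
    return "The pin is correct!";
}

// Hardened version: first reject anything that is not a string of the
// expected shape (a 400, because the request itself is malformed), then
// compare with hash_equals(), which requires two strings and takes the
// same time regardless of where they differ.
function checkPinStrict(mixed $pin, string $storedPin): string
{
    if (!is_string($pin) || preg_match('/\A\d{4,8}\z/', $pin) !== 1) {
        throw new HttpException(400, "The pin must be a string of 4 to 8 digits");
    }
    if (!hash_equals($storedPin, $pin)) {
        throw new HttpException(403, "The pin is incorrect");
    }
    return "The pin is correct!";
}

// Constructed inputs covering the JSON types a client could place in "pin".
$storedPin = '1234';
$bodies = [
    '{"pin": "1234"}',   // correct pin sent as a string
    '{"pin": "9999"}',   // wrong pin sent as a string
    '{"pin": 1234}',     // JSON number instead of a string
    '{"pin": true}',     // JSON boolean
    '{"pin": null}',     // JSON null
];

foreach ($bodies as $body) {
    $params = json_decode($body, true, 512, JSON_THROW_ON_ERROR);
    foreach (['loose' => 'checkPinLoose', 'strict' => 'checkPinStrict'] as $label => $fn) {
        try {
            $result = $fn($params['pin'], $storedPin);
        } catch (HttpException $e) {
            $result = "HTTP {$e->status}: {$e->getMessage()}";
        }
        printf("%-18s %-7s %s\n", $body, $label, $result);
    }
}
```

Running it prints one line per body and check. The strict variant answers 400 for every non-string body and 403 for the wrong string, so only the exact stored digits as a JSON string reach "The pin is correct!"; the loose variant's output for the non-string bodies shows why the post warns against checking secrets with `!=`.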