How To Bypass PHP Session To Avoid Security Question

Discussion in 'PHP' started by yallabrmga, Mar 9, 2010.

0
  1. #1
    Hi guys
    I'm now working on php bot that can submit you website to many directory
    But the problem now is the Security Question like tihs
    [​IMG]
    How To avoid this Question because i want my bot to submit website Automatically without answer the question
    i Searched in google and found some threads that talk about Bypass Session
    so Is this true ØŸ
    anyway
    i downloaded the directory script And found that it uses a simple Session

    Here is Session code for Add-Site,php Page >
      
session_start();

if($_POST['code'] != $_SESSION['captchacode'] OR $_SESSION["captchacode"]=='')
{
tpl_header("Error");

if($showblocks == 1){
echo "<div class='indexw'>
<table border='0' width='100%' id='AutoNumber10'>
<tr>
<td width='10%' valign='top'>";
right_blocks();
echo "</td><td width='80%' valign='top'>";
$ssss = "<div class='divmessage'>Error , Invalid Answer <a href='javascript:history.back(1)'>BACK</a></div>";
//tpl_table("ERROR",$ssss);
echo "<fieldset>
<legend><span class='aa'>ERROR</span></legend>
<div align='center'>$ssss</div>
</fieldset>";
echo "</td><td width='10%' valign='top'>";
left_blocks();
echo "</td></tr></table></div>";

}else{

$ssss = "<div class='divmessage'>Error.Please Try Agine <a href='javascript:history.back(1)'>back</a></div>";

echo "<div class='indexw'><fieldset>
<legend><span class='aa'>error</span></legend>
<div align='center'>$ssss</div>
</fieldset></div>";

}
    PHP:
    Of course this is only captcha SECUIRTY question code not the entire page

    also there is another code in function.php page

    function addsite() {
global $htmlorphp,$numbercharcomments,$typeaddcheck,$_SESSION,$textadd,$name_site;

$text1 = rand(0,9);
$text2 = rand(0,9);
$text3 = "Type The Answer ".$text1." + ".$text2."";
$text4 = $text1 + $text2;

$_SESSION["captchacode"] = $text4;

if($htmlorphp==1){
$z = "insert-site.html";
}else{
$z = "add.php?action=insert";
}
    PHP:
    Can anyone help me to bypass the Session ? or is there is any other method to bypass the Security Question
    thanks
     
    yallabrmga, Mar 9, 2010 IP
  2. BingP

    BingP Peon

    Messages:
    16
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #2
    You will need to add some logic that can read and answer the CAPTCHA challenge for the sites that need it.

    Good luck.
     
    BingP, Mar 10, 2010 IP