GoFuckYourself.com - Adult Webmaster Forum - View Single Post - Possible solution to brute force password hacking our member area's (code inside)

strainer · 11-14-2002, 04:12 PM

Here is a snip of what I tried - doesn't work, browsers still prompts for password:
<?

$directory = "/members/" ;

$uname = $_POST["name"] ;

$upassword = $_POST["password"] ;

// first, is this a good password???
// just testing here, later the "real" directory will be a random number

$file = @ fopen ("http://$uname:$upassword@www.mysite.com$directory", "r");

if (!$file) {
echo "<p>DEBUG Unable to open remote file.\n";
exit;
}

// if good password, just redirect to the section as expected
header("Location: http://$uname:$upassword@www.mysite.com$directory/index.html");

?>

11-14-2002, 04:12 PM
strainer Confirmed User Join Date: Oct 2002 Location: Philadelphia Posts: 418	Here is a snip of what I tried - doesn't work, browsers still prompts for password: <? $directory = "/members/" ; $uname = $_POST["name"] ; $upassword = $_POST["password"] ; // first, is this a good password??? // just testing here, later the "real" directory will be a random number $file = @ fopen ("http://$uname:$upassword@www.mysite.com$directory", "r"); if (!$file) { echo "<p>DEBUG Unable to open remote file.\n"; exit; } // if good password, just redirect to the section as expected header("Location: http://$uname:$upassword@www.mysite.com$directory/index.html"); ?>