If a page checks for the existence of a PHP Session:
if (isset($_SESSION['secret'])) {...grant access to EVERYTHING!!!}
Is it possible / How could I generate $_SESSION['secret']
on my machine, in a situation where I don't have access to the page's back-end code? I'm trying to hack into the international space station...
You cannot. Or well, you can generate a $_SESSION['secret']
on your machine, but it is a different value and you cannot simply put it onto the ISS. You cannot directly alter the $_SESSION
superglobal unless there's a bug or security hole in the script that lets you.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With