Steal username and password from cookies
Hello I have a website that people can connect with it from a login area
made with php + some cookies functions . The problem is one of my enemies
always login with my admin username and password and modify my website . I
want to know how hackers could steal ur username and password of admins
from cookies . Please help me Your answer will help alot of other victims
of this hack like me and here is my code that I use into my website.
switch($method){
case 'login';
$user_name =
addslashes(trim($_POST['user_name']));
$user_pass =
addslashes(md5($_POST['user_pass']));
if(isset($user_name) and isset($user_pass)
and $user_name != '' and $user_pass != ''){
if(is_in_db($user_name) > 0){
if(check_pass($user_name,$user_pass)){
setcookie('user_name_cookie',$user_name,time(. )+(60*60*24*30));
setcookie('user_pass_cookie',$user_pass,time()+. (60*60*24*30));
}
}
}
break;
No comments:
Post a Comment