Hello There, Guest! Login Register
Logo
Dismiss this notice
MaDLeeTs is not responsible for any attacks that are carried out on networks, websites or servers.
MaDLeeTs staff members cannot be held responsible.
All information on this forum is for educational purposes only.


Help Needed !!

  • 0 Vote(s) - 0 Average


10-25-2014, 12:38 AM #1
AnonGuy Offline Gravity Sucks ***
TeaM MaDLeeTs
Posts:23 Threads:5 Joined:Feb 2014 Reputation: 4
Mood: None
Assalam o Alaikum MaDs , I hope you all are find by grace of Allah swt , Well I need some help - basically My friend has a site to sell some goods & i was using/testing his site, i tried tampering the 'data packets' using tamper data add-on and i succeeded in changing the values/prices of the goods, so i was wondering is there a way to secure the site from tamper data?
Jazak Allah Khair

~ AnonGuy

10-25-2014, 12:42 AM #2
T3N38R15 Offline ? lawless-coder *****
Moderators
Posts:790 Threads:48 Joined:Jan 2014 Reputation: 126
Mood: Fine
LOL you can change the price by using temperdata ???
your friend need to programm the hole site new Biggrinsmiley
tell him he need a ID system a example
Name | ID | Price
Apple | 1 | 0.30 Euro
so if he buy a item 1 he need to sell 30 cent
but if he want 3 of them then
90 cent Smiley1
understand ?

[Image: xodhvlpa.jpg]
[Image: test.php]

10-25-2014, 12:49 AM #3
AnonGuy Offline Gravity Sucks ***
TeaM MaDLeeTs
Posts:23 Threads:5 Joined:Feb 2014 Reputation: 4
Mood: None
Nope, i didn't understand what u said, could u elaborate more please?

~ AnonGuy

10-25-2014, 12:59 AM #4
T3N38R15 Offline ? lawless-coder *****
Moderators
Posts:790 Threads:48 Joined:Jan 2014 Reputation: 126
Mood: Fine
at first you need to know that the user have no choise to change the price by his own.
the site calculat all prices in the background Smiley1
Example
ID | Name | Price
1 | Apple | 0.30 Euro
2 | Bananas | 0.40 Euro
3 | Coffee | 1.00 Euro
4 | Otherdrugs | 2.50 Euro
so if the user want to buy something he click a link like that :
http://example.com/buy.php?id=4&mass=2
so the user have buy the item 4 (OTHERDRUGS) and that 2 a time so he need to pay 5 Euro
the result goes out over mail and all people are proud of the best web shop on the world Biggrinsmiley Biggrinsmiley

[Image: xodhvlpa.jpg]
[Image: test.php]

10-25-2014, 01:21 AM #5
AnonGuy Offline Gravity Sucks ***
TeaM MaDLeeTs
Posts:23 Threads:5 Joined:Feb 2014 Reputation: 4
Mood: None
Ahan, Thanks a lot.. Rep Added Biggrinsmiley

~ AnonGuy

10-25-2014, 01:23 AM #6
T3N38R15 Offline ? lawless-coder *****
Moderators
Posts:790 Threads:48 Joined:Jan 2014 Reputation: 126
Mood: Fine
Smiley1 great, just pm me if you want someday again help Smiley1

[Image: xodhvlpa.jpg]
[Image: test.php]

10-25-2014, 01:58 AM #7
H4x0rl1f3 Offline Commander In Cheif *******
Administrators
Posts:1,118 Threads:24 Joined:Jun 2012 Reputation: 15
Mood: Stoned
There can be never 100% security in this, because php language is server side software, please read this article
http://jemwebdesign.co.uk/tutorials/othe...protection
also check our this..
http://www.devnetwork.net/viewtopic.php?f=34&t=97223
The problem is user input, you can neither block it as user need to buy something he need to add quantities and etc.
I hope you understand.
Try to secure your script in the best manner you can.
Good Luck...

Always Aspect Reward from the Creator and not anyone or anything Created.
For Complaints & Help Contact:- [email protected]
Zone-h
http://zone-h.org/archive/notifier=H4x0rL1f3
I am the orphan of Gaza & Kashmir. Ruins of Iraq,Syria & Palestine Bombarded of Pakistan,Afghanistan, Mali & Yemen Change of Libya and Egypt Discriminated of Bahrain & Turkey Freedom of Earth's paradise and Al-AQSA. I am the hunger stricken child of Somalia, Ethopia, & rest of Africa I am the suffering of each and every single corner of the world. But Listen!!! Hope is what I am!!


10-25-2014, 02:03 AM #8
T3N38R15 Offline ? lawless-coder *****
Moderators
Posts:790 Threads:48 Joined:Jan 2014 Reputation: 126
Mood: Fine
for sure 100% security can never be, one good method to gain 100% computer security is that :
[Image: computer-stirb.jpg]

[Image: xodhvlpa.jpg]
[Image: test.php]






Forum Jump:


Users browsing this thread:1 Guest(s)