Penetration Testing mailing list archives
Re: [PEN-TEST] HTTP Secure Session State Management
From: "Matt W." <kmx () EGATOBAS ORG>
Date: Thu, 28 Dec 2000 14:26:04 -0600
um. PHP4 has session_start() / session_register() etc. This creates a spiffy little hash table called $SESSION that stores anything you want in it. So you can do things like this $SESSION["login_id"] and then check and see if it's set in all your php pages to do your session management. for better examples: http://www.devshed.com/Server_Side/PHP/Commerce2/page7.html -------- Matt W. farm9, Inc. www.farm9.com "van der Kooij, Hugo" wrote:
On Thu, 28 Dec 2000, Drew Simonis wrote:"Edwards, David (JTD)" wrote:To attempt to bring this back "on-topic" a bit :-) Has anyone looked at network penetration using WEBDAV/NDSDAV? Or even seen a security evaluation of WEBDAV/NDSDAV?Also more on topic... Don't PHP4 and MS ASP have some built in session management features? Has anyone hacked these methods enough to understand what they do?Can't tell a bit about ASP but PHP(4) does not have anything regarding session management. Hugo. -- Hugo van der Kooij; Oranje Nassaustraat 16; 3155 VJ Maasland hvdkooij () caiw nl http://home.kabelfoon.nl/~hvdkooij/ -------------------------------------------------------------- This message has not been checked and may contain harmfull content.
Current thread:
- Re: [PEN-TEST] HTTP Secure Session State Management, (continued)
- Re: [PEN-TEST] HTTP Secure Session State Management Mark Curphey (Dec 27)
- Re: [PEN-TEST] HTTP Secure Session State Management Robert van der Meulen (Dec 27)
- Re: [PEN-TEST] HTTP Secure Session State Management Yonatan Bokovza (Dec 27)
- Re: [PEN-TEST] HTTP Secure Session State Management Dom De Vitto (Dec 27)
- Re: [PEN-TEST] HTTP Secure Session State Management Ian Charnas (Dec 27)
- Re: [PEN-TEST] HTTP Secure Session State Management Dom De Vitto (Dec 27)
- Re: [PEN-TEST] HTTP Secure Session State Management St. Clair, James (Dec 27)
- Re: [PEN-TEST] HTTP Secure Session State Management Edwards, David (JTD) (Dec 27)
- Re: [PEN-TEST] HTTP Secure Session State Management Drew Simonis (Dec 28)
- Re: [PEN-TEST] HTTP Secure Session State Management van der Kooij, Hugo (Dec 28)
- Re: [PEN-TEST] HTTP Secure Session State Management Thomas Reinke (Dec 28)
- Re: [PEN-TEST] HTTP Secure Session State Management Matt W. (Dec 28)
- Re: [PEN-TEST] HTTP Secure Session State Management Drew Simonis (Dec 28)
- Re: [PEN-TEST] HTTP Secure Session State Management Drew Simonis (Dec 28)