Limited Access Too (Exploit, HTTP)
Limited Access Too
Haha, thank you so much for your feedback from the first challenge.
Especially thanks to a special person who sent in a fixed .htaccess to secure my pages.
The protected/protected.php is now secured :)
To prove me wrong, please access protected/protected.php again.
Especially thanks to a special person who sent in a fixed .htaccess to secure my pages.
The protected/protected.php is now secured :)
To prove me wrong, please access protected/protected.php again.
GeSHi`ed Plaintext code for .htaccess
1 2 3 4 56 7 8 9 1011 12 13 | AuthUserFile .htpasswd AuthGroupFile /dev/null AuthName "Authorization Required for the Limited Access Too Challenge" AuthType Basic <Limit GET POST HEAD PUT DELETE CONNECT OPTIONS PATCH>require valid-user </Limit> # TRACE is not allowed in Limit if TraceEnable is off, so disallow it completely # to support both TraceEnable being on and off RewriteEngine OnRewriteCond %{REQUEST_METHOD} ^TRACE RewriteRule ^ - [F] |
© 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 and 2024 by wannabe7331 and lordOric