Dreamweaver Login User Server Behavior
mattr555

7:36 am on Jun 2, 2004 (gmt 0)

I have used the DW Login User Server Behavior to restrict access to a collection of pages which allow users to add news items to the website. Recently this security has been compromised with crackers leaving messages in the database. Does anyone know of any documentation regarding security issues in this behavior?

The messages in the database left by the hackers suggested I disallow quotes in my php.ini file but the page is ASP using an Access database.

yowza

3:57 am on Jun 3, 2004 (gmt 0)

That's too bad. I use the same DW Login and have never been hacked; however, I use PHP and MySQL.

Based on the cracker suggestion I would say it could be your server setup. I know almost nothing about security though.

Maybe someone else could help out?

mattr555

11:38 am on Jun 3, 2004 (gmt 0)

Upon further investigation it would seem that Dreamweaver reads the password value directly from the HTML form without performing any validation or error checking.

For example if you include

' or '1=1

as the password value, the login server behavior will then check that the database password is like the form value (which it won't be unless it's a valid login) or where 1=1, which will always be true and thus gain the cracker access to the restricted pages.

This appears to be an UltraDev 4 issue, as MX 2004 strips any inserted "'" before inserting the value into the SQL query.
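The bypass described in the post above, as an added example that is not from the thread or from Dreamweaver's generated code: an in-memory SQLite table stands in for the Access database (an assumption; the table name, column names and stored credentials are constructed), `login_concat` mirrors the string-built query the poster describes for UltraDev 4, and `login_param` is the parameterized form that keeps quote characters in the password as data rather than SQL.

```python
import sqlite3


def make_db():
    # Constructed stand-in for the poster's Access users table.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (Username TEXT, Password TEXT)")
    db.execute("INSERT INTO users VALUES ('editor', 'correct-horse')")
    return db


def login_concat(db, username, password):
    # Form values dropped straight into the SQL text with no validation
    # or escaping, the behaviour the poster attributes to UltraDev 4.
    # AND binds tighter than OR, so an injected "or" clause at the end
    # of the WHERE makes the whole condition true for any username.
    sql = ("SELECT Username FROM users WHERE Username='" + username +
           "' AND Password='" + password + "'")
    return db.execute(sql).fetchone() is not None


def login_param(db, username, password):
    # Hardened form: the driver binds the values, so a quote in the
    # password is compared literally against the stored password.
    sql = "SELECT Username FROM users WHERE Username=? AND Password=?"
    return db.execute(sql, (username, password)).fetchone() is not None


def demo():
    # Returns the four outcomes so they can be checked, not just printed.
    db = make_db()
    payload = "' or '1=1"   # the password value quoted in the thread
    return {
        "concat_valid": login_concat(db, "editor", "correct-horse"),
        "concat_bypass": login_concat(db, "nobody", payload),
        "param_valid": login_param(db, "editor", "correct-horse"),
        "param_bypass": login_param(db, "nobody", payload),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(name, ok)
```

In SQLite the trailing string literal `'1=1'` is truthy because its numeric prefix is 1; the point is the same wherever string-built SQL is used, and only the parameterized query refuses the unknown user.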