Squirrel mail?

[Gogeta70]

That input field is saying 0, as false. What it did is a PHP check to see if a session for the site you're on already existed, and it returned false, thus 0. That way, if you tried to log in again, it'd tell you if you're already logged in. This is just a guess.

[ayu]

simply get the whole package:
http://www.squirrelmail.org/download.php

I have no idea what´s the hidden field is about, maybe some kind of validation thing when you're already logged in so you don´t have to login for every single site....

Geez now i feel stupid ;/ never saw the download where i got all the webblogin files, i only noticed the rpm's ..well...thanks alot ^^

[ayu]

That input field is saying 0, as false. What it did is a PHP check to see if a session for the site you're on already existed, and it returned false, thus 0. That way, if you tried to log in again, it'd tell you if you're already logged in. This is just a guess.

if this is true, wouldnt it be possible to trick the server to think that someone already was loged in?

[Gogeta70]

No, only you.

However, you can always try session hijacking.

[ayu]

No, only you.

However, you can always try session hijacking.

hmm alright, explain session hijacking then, and how do i do it? ^^


EDIT: googled and read about it ^^ so...i know what it is....but still...how do i do it? =P

[Gogeta70]

It isn't letting me post the tutorial.

edit: http://fatalh.sytes.net/sess.txt

[ayu]

It isn't letting me post the tutorial.

edit: http://fatalh.sytes.net/sess.txt

Thanks alot mate! <3

[ayu]

i got

Parse error: parse error, unexpected '<' in C:\wamp2\www\ghs\index.php on line 4



could you explain that error? :/ i mean is it because it cant fine the cookie or what? and is "c" suposed to be the cookie name? :S explain more please =)

[Gogeta70]

Neo, you should learn php before asking questions. try www.w3schools.com for beginning PHP.

[ayu]

Alright, just one more thing, is there anyone here that knows the name for the"user is logged in" cookie in squirrelmail? ;/