• Welcome to Valhalla Legends Archive.
 

Levels of Authentication

Started by Raven, June 12, 2003, 03:40 PM

Previous topic - Next topic
Print
|
Go Down Pages1
User actions

Raven

June 12, 2003, 03:40 PM
When data is sent from a web-site to a server, at what level is the data validated? Does the web-site authenticate something, and sent the packets to the server, or does the web-site send the query to the server, and authentication+storage occur at the level?

Thing

#1
June 12, 2003, 04:31 PM
Websites can authenticate in a variety of ways.  If you are referring to one that stores usernames and passwords in a database, then the website will prompt the user for his/her username and password.  Then it will query the database to see if they match.  It will then do whatever you tell it to based on the success or failure.  I like to send kill 1 to the user if they fail.  ;D
That sucking sound you hear is my bandwidth.

Raven

#2
June 12, 2003, 07:18 PM
Thanks for the reply, but I'm actually asking about a situation where something regarding an account is being modified, but requires server confirmation in order for the changes to be made. I'm trying to see if I can bypass such authentication by forging a packet which tells the server to make such changes even though they aren't valid to make. I'm trying to see if I can just bypass something. Eh, I'll have to try it for myself. :(

Raven

#3
June 12, 2003, 07:19 PM
I think I explained what I needed improperly.
Print
|
Go Up Pages1
User actions