Category Archives: xampp

Can you perform a penetration test on a web application that is running on local host and using an XAMPP server? [closed]

Posted on by

I created a basic website that includes a login and signup system. The website uses a mySQL server as the backend to store login information. I want to use Kali Linux to perform a white box test on it as a project for class.
Is this even p… Continue reading Can you perform a penetration test on a web application that is running on local host and using an XAMPP server? [closed]

Block access from an IP that tries too many requests to Apache server XAMPP [duplicate]

Posted on by

This question already has an answer here:

I have a VPS server with Windows 2016 Server and use XAMPP as Apache Server. Yesterday I receied too many requests from 1-2 IPs. How can I detect how many requests I get per 10 seconds and block them?

Continue reading Block access from an IP that tries too many requests to Apache server XAMPP [duplicate]

scan web site show PHP sessions error

Posted on by

I user opencart v2.3.0.2 and after finished my site I use a scanner to scan my website but after while from starting scaning I get this error :

Fatal error: session_set_save_handler(): Session handler’s function
table is corrupt in \system\library\session.php on line 16

i use many scanner some times vega , wa3f , Acunetix .

I use XAMPP as a web server

the session file where he show me the problem :

adaptor = new $class($this);
        } else {
            throw new \Exception('Error: Could not load session adaptor ' . $adaptor . ' session!');
        }       

        if ($this->adaptor) {
            session_set_save_handler($this->adaptor);
        }

        if ($this->adaptor && !session_id()) {
            ini_set('session.use_only_cookies', 'Off');
            ini_set('session.use_cookies', 'On');
            ini_set('session.use_trans_sid', 'Off');
            ini_set('session.cookie_httponly', 'On');

            if (isset($_COOKIE[session_name()]) && !preg_match('/^[a-zA-Z0-9,\-]{22,52}$/', $_COOKIE[session_name()])) {
                exit('Error: Invalid session ID!');
            }

            session_set_cookie_params(0, '/');
            session_start();
        }           
    }

    public function start($key = 'default', $value = '') {
        if ($value) {
            $this->session_id = $value;
        } elseif (isset($_COOKIE[$key])) {
            $this->session_id = $_COOKIE[$key];
        } else {
            $this->session_id = $this->createId();
        }   

        if (!isset($_SESSION[$this->session_id])) {
            $_SESSION[$this->session_id] = array();
        }

        $this->data = &$_SESSION[$this->session_id];

        if ($key != 'PHPSESSID') {
            setcookie($key, $this->session_id, ini_get('session.cookie_lifetime'), ini_get('session.cookie_path'), ini_get('session.cookie_domain'), ini_get('session.cookie_secure'), ini_get('session.cookie_httponly'));
        }

        return $this->session_id;
    }   

    public function getId() {
        return $this->session_id;
    }

    public function createId() {
        if (version_compare(phpversion(), '5.5.4', '>') == true) {
            return $this->adaptor->create_sid();
        } elseif (function_exists('random_bytes')) {
            return substr(bin2hex(random_bytes(26)), 0, 26);
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            return substr(bin2hex(openssl_random_pseudo_bytes(26)), 0, 26);
        } else {
            return substr(bin2hex(mcrypt_create_iv(26, MCRYPT_DEV_URANDOM)), 0, 26);
        }
    }

    public function destroy($key = 'default') {
        if (isset($_SESSION[$key])) {
            unset($_SESSION[$key]);
        }

        setcookie($key, '', time() - 42000, ini_get('session.cookie_path'), ini_get('session.cookie_domain'));
    }
}

please ask for any information you may need to help .
also suggest any tags will be so helpful

Continue reading scan web site show PHP sessions error