Want to run this Docker container locally?
docker run -d --name front-end-bypass-challenge -p 9020:80 --restart always joshbeck2024/front-end-bypass-challenge
If you attempt to log in, you’ll see that your login attempt is set as a URL GET parameter, which is submitted to action.php.


This website is performing front-end validation. (Key Security+ Term!)
Within the index.php source code, we see the following JavaScript:
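form.addEventListener('submit', function(event) {
    const val = input.value;
    // Client-side check only: runs in the browser before the form is sent
    if (val.includes(',')) {
        event.preventDefault(); // stop the browser from submitting the form
        errorMsg.textContent = "Error: Commas are not allowed!";
        input.style.borderColor = "var(--error)";
    }
});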
It’s important to know that JavaScript runs in the user’s browser, which is why it is a front-end technology. Once the user clicks ‘submit’, the request is handed off to action.php, which the PHP interpreter processes on the back end. A request sent straight to action.php never passes through the JavaScript check.
Solution:
Submit a comma as a URL param to bypass the front-end validation.
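The defence is to enforce the same "no commas" rule where the request is actually processed. The sketch below is an added example, not the challenge's code: it is written in JavaScript (Node) to mirror the check above rather than the PHP in action.php, and it validates the value as it arrives in the request URL. The parameter name `username` and the result shape are assumptions.

```javascript
// Added example: the "no commas" rule re-checked on the server side.
// Assumption: the GET parameter is called "username" (hypothetical name;
// the page does not show it).
const PARAM = 'username';

// Validate the value exactly as the back end receives it, from the raw
// request URL, whether or not any browser-side script ever ran.
function validateRequest(rawUrl) {
  // The base is only there so a path-relative URL parses; it is never contacted.
  const url = new URL(rawUrl, 'http://localhost');

  // searchParams percent-decodes values, so "%2C" is seen as "," here.
  const values = url.searchParams.getAll(PARAM);

  // Reject missing or repeated parameters instead of guessing which one to use.
  if (values.length !== 1) {
    return { status: 400, error: `expected exactly one ${PARAM} parameter` };
  }

  const val = values[0];
  if (val.includes(',')) {
    return { status: 400, error: 'Commas are not allowed' };
  }
  return { status: 200, value: val };
}

// Constructed sample requests (not captured traffic).
const samples = [
  '/action.php?username=alice',              // passes
  '/action.php?username=a,b',                // literal comma
  '/action.php?username=a%2Cb',              // percent-encoded comma
  '/action.php?username=alice&username=x,y', // repeated parameter
  '/action.php',                             // parameter missing
];

for (const s of samples) {
  console.log(s, '->', JSON.stringify(validateRequest(s)));
}
```

The front-end check can stay for user feedback; the server-side check is the one that decides whether the request is accepted.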
