A php chat room attack

Hello Tom gave me a chat room ip address and asked me to check it out. I tried to intrude into its server. I probably didn't get into the system even after 10 minutes. So I was looking for any bugs in this chat room. The chat room can be seen that PHP + MySQL is used. The topics include user registration, password forgetting, data modification, user suicide, chat rankings, chat instructions, and chat room ip address for the netizen "Xiaohao". let me check it out. I tried to intrude into its server. I probably didn't get into the system even after 10 minutes. So I was looking for any bugs in this chat room. The chat room can be seen that PHP + MySQL is used. Topics include user registration, password forgetting, data modification, user suicide, chat list, chat description, and refresh list. Then chat.
I registered a username and liked to open xxxxxx users according to my preferences. in this way, I registered a user with xxxxxx. Log in.
Where can I start? I 'd like to take a look at modifying the information first. there are always such vulnerabilities in the chat room. Click modify information to go to the next screen and enter the user name and secret. After losing the information, go to the next step and modify the information. YES! There is a user nickname in the material modification, which is actually the user name. view the source file immediately and see the following HMTL statement:
========================================================== ========== Cut ==========































========================================================== ===End ============================Obviously, two of them are used to determine whether you have the permission to modify the data. However, what this person did not expect is that it is not safe to put a readnly input box, like the last asp Forum, readonly cannot solve anything. By convention, I saved this file without modifying two Den and removed readonly. Then I read a username on the chatbot list. Modify the form action. remember to add the url path in front of it and then change the nickname of this user. Press the "modify" command. what does it show?========================================================== =Modified successfullyCongratulations, you have successfully modified the materials \ ^ _ ^/========================================================== =Haha, so I captured a user name. although I didn't intrude into its server, I could still get a good user name, which was not in vain. To sum up, when submitting a form, we can think about whether the form value can be modified to achieve what the administrator cannot think. This is also a good way to cultivate our observation ability! :)From: Chen Feng originalityOriginal Author: eastdark

User information
User nickname:*