How To Bypass PHP Session To Avoid Security Question

[mtrp]

Hi guys
I'm now working on php bot that can submit you website to many directory
But the problem now is the Security Question like tihs

How To avoid this Question because i want my bot to submit website Automatically without answer the question
i Searched in google and found some threads that talk about Bypass Session
so Is this true ؟
anyway
i downloaded the directory script And found that it uses a simple Session

Here is Session code for Add-Site,php Page >

PHP Code:

session_start();

if($_POST['code'] != $_SESSION['captchacode'] OR $_SESSION["captchacode"]=='')
{
tpl_header("Error");

if($showblocks == 1){
echo "<div class='indexw'>
<table border='0' width='100%' id='AutoNumber10'>
<tr>
<td width='10%' valign='top'>";
right_blocks();
echo "</td><td width='80%' valign='top'>";
$ssss = "<div class='divmessage'>Error , Invalid Answer <a href='javascript:history.back(1)'>BACK</a></div>";
//tpl_table("ERROR",$ssss);
echo "<fieldset>
<legend><span class='aa'>ERROR</span></legend>
<div align='center'>$ssss</div>
</fieldset>";
echo "</td><td width='10%' valign='top'>";
left_blocks();
echo "</td></tr></table></div>";

}else{

$ssss = "<div class='divmessage'>Error.Please Try Agine <a href='javascript:history.back(1)'>back</a></div>";

echo "<div class='indexw'><fieldset>
<legend><span class='aa'>error</span></legend>
<div align='center'>$ssss</div>
</fieldset></div>";

} 


Of course this is only captcha SECUIRTY question code not the entire page

also there is another code in function.php page

PHP Code:

function addsite() {
global $htmlorphp,$numbercharcomments,$typeaddcheck,$_SESSION,$textadd,$name_site;

$text1 = rand(0,9);
$text2 = rand(0,9);
$text3 = "Type The Answer ".$text1." + ".$text2."";
$text4 = $text1 + $text2;

$_SESSION["captchacode"] = $text4;

if($htmlorphp==1){
$z = "insert-site.html";
}else{
$z = "add.php?action=insert";
} 


Can anyone help me to bypass the Session ? or is there is any other method to bypass the Security Question
thanks

[Schmoopy]

Go away.

[mtrp]

what do you mean ?
Please respect yourself

[djr33]

He means that we don't want to help people trying to bypass security.

Even if we wanted to help, the entire point is that is what those questions are designed to block.

As a general rule, we do not help with illegal requests or those violating the TOS of a website and clearly this would fall into that category.

The theoretical answer is that the bot would need to be capable of completing the security question just like a human and then it would "bypass" it.

PHP is serverside and secure. You can't just find a way around it.


One possible alternative is that there may be an exception for certain bots such as google robots to search the pages, so perhaps if your site falls within what the site allows then you could ask them to include you on that list.

And of course you could just ask the website if they will allow you to have access.

[kupa999]

Good answer mod..
If it is exposed then using session would be as easy as nut-cracking