Re: manipulating query strings

From: Chan Fook Sheng (chanfooksheng@pacific.net.sg)
Date: Thu May 06 2004 - 22:57:23 EDT

• Next message: a arse: "Re: The Ultimate Toolkit..."
• Previous message: Max: "Re: The Ultimate Toolkit..."
• In reply to: Vel: "manipulating query strings"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

hi

if the method is POST, you can't manipulate the url to send the data you
want. You can use Paros (a web apps assesement tool), it can be found at
http://www.proofsecure.com/. it's a free tool that is supported by
donations, it's a great tool!!

fook sheng

Vel wrote:

>Hello Group,
>
>Is there a way to send values to hidden fields ,
>
>i.e Input tags with type=hidden attribute a value from the URL if the action
>attribute on the FORM is ACTION ?
>
>e.g:
>
><FORM form1 ACTION= '/search/search.asp' METHOD=post>
>
><Input type=hidden name=serverName value=www.abc.com>
><Input type=hidden name=serverName value=www.def.com>
>
>
>---------------------------------------------------------------------------
>
>Given the Method is "POST", can I pass values to the Hidden Input fields
>using the URL. i.e URL manipulation ?
>I know I can pass variables in URL to Server side script variables if METHOD
>is "GET".
>
>But how about POST method ?
>
>Thanks.
>
>Kumar.
>
>
>---------------------------------------------------------------------------
>Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
>
>Protect your network with the comprehensive security solution that
>integrates six applications for ease of use and lower TCO.
>
>Firewall - Virus protection - Spam protection - URL blocking - VPN
>- Wireless security.
>
>Download 30-day evaluation at:
>http://www.securityfocus.com/sponsor/Astaro_pen-test_040219
>----------------------------------------------------------------------------
>
>

------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------

• Next message: a arse: "Re: The Ultimate Toolkit..."
• Previous message: Max: "Re: The Ultimate Toolkit..."
• In reply to: Vel: "manipulating query strings"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:53 EDT