Home page logo

pen-test logo Penetration Testing mailing list archives

Re: manipulating query strings
From: marko <chrome () liquidinfo net>
Date: Thu, 26 Feb 2004 08:43:44 +0200


Is there a way to send values to hidden fields,
i.e Input tags with type=hidden attribute a value from the URL if the
action attribute on the FORM is ACTION ?

Yes, you could copy the page locally and edit it, before you execute the
form. Or another method is using a local intercepting proxy for this.
Instead of repeating things, you might want to check out the
webappsec-mailinglist archives on SecurityFocus, where there was a
discussion about different proxies just a few digests ago.

But how about POST method ?

Same applies to POST :) In my opinion, using a local proxy is more
convenient than copying the page locally on your harddrive.

Best Regards,
- Liquid Information - http://www.liquidinfo.net
- E-mail: Remove NOS_PAM if present in address (Usenet)
- PGP: http://www.liquidinfo.net/about.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]