
WebApp Sec mailing list archives

Re: View and edit hidden HTML form fields (fwd)
From: riptide () idle curiosity org
Date: Tue, 17 Jun 2003 10:54:08 -0500 (CDT)

Personally I liked rfp proxy, if you can find it.

On 11 Jun 2003, sirkus wrote:

Sure...for those of us who use the LWP and regex. (or other tools.)
   But it looks like the point of this "sidebar" tool is to make the
forms (and other elements) a quick browse, and provide the ability to
change input fields easily while browsing.  While I don't usually use IE
for Web App Security Assessments, this is actually a slick tool for
prodding around without too much effort.  Beats the "View->source"
recommendation made earlier for modifying input fields.

  Of course, I just downloaded it 5 mins ago... so add a grain or two of

On Wed, 2003-06-11 at 13:45, Tim Greer wrote:
Why not just use Perl with the LWP module and a simple regex and run it on
any site you wish, allowing you to alter the referer and browser, fields,
etc. as well.
Tim Greer  chatmaster () charter net
Server administration, security, programming, consulting.

----- Original Message -----
From: <bugtraq () cgisecurity net>
To: <webappsec () securityfocus com>
Sent: Wednesday, June 11, 2003 9:23 AM
Subject: View and edit hidden HTML form fields (fwd)

This may be of interest to this list.

- zeno

Delivered-To: mailing list vuln-dev () securityfocus com
Delivered-To: moderator for vuln-dev () securityfocus com
Date: Mon, 9 Jun 2003 16:23:38 +0200
From: Richard van den Berg <richard () vdberg org>
To: vuln-dev () securityfocus com, submissions () packetstormsecurity org
Subject: View and edit hidden HTML form fields
Message-ID: <20030609142338.GA14082 () vdberg org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.4i

This might be the most trivial security tool ever written, but I needed
it and could not find it. I used this as an opportunity to learn some
IE/ALT/WLT/COM programming.. so don't expect a flawless tool.

What it does is display HTML fill-out form fields (including hidden
in a table outside the normal browser view. Values can be edited and are
inserted back into the live HTML view of the browser. This makes it
possible to research the behaviour of CGI scripts to unexpected form
field values.


Many thanks to Bjarke Viksoe who made the initial HtmlBar upon which
I build. HtmlBar is an Internet Explorer 5+ plugin.

Any feedback is appreciated.


Richard van den Berg
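
Added example (not part of the original thread and not code from the tool announced above): a Python script that lists the form fields of a page, hidden ones included, so a reviewer can see every value the browser will send back and that the server-side script therefore has to validate. The sample HTML and its field names are constructed for illustration; only `input` and `select` controls are covered.

```python
from html.parser import HTMLParser

# Constructed sample page for illustration (not from the original post).
SAMPLE_HTML = """
<form action="/cgi-bin/order.cgi" method="POST">
  <input type="text" name="qty" value="1">
  <input type="hidden" name="price" value="19.99">
  <input type=hidden name=item_id value=1042>
  <select name="ship"><option value="std" selected>Standard</option></select>
  <input type="submit" value="Buy">
</form>
"""

class FormFieldLister(HTMLParser):
    """Collect (form action, type, name, value) for each form control."""
    def __init__(self):
        super().__init__()
        self.action, self.fields = None, []
        self._select = None  # name of the <select> currently open, if any

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.action = a.get("action") or ""
        elif tag == "input":
            ftype = (a.get("type") or "text").lower()  # HTML default type is text
            self.fields.append((self.action, ftype, a.get("name"), a.get("value") or ""))
        elif tag == "select":
            self._select = a.get("name")
        elif tag == "option" and self._select and "selected" in a:
            # Record only the pre-selected option, the value sent by default.
            self.fields.append((self.action, "select", self._select, a.get("value") or ""))

    def handle_endtag(self, tag):
        if tag == "form":
            self.action = None
        elif tag == "select":
            self._select = None

def list_fields(html):
    """Return every form control found in the given HTML text."""
    parser = FormFieldLister()
    parser.feed(html)
    parser.close()
    return parser.fields

def hidden_fields(html):
    """Return (name, value) pairs for type=hidden inputs only."""
    return [(n, v) for _, t, n, v in list_fields(html) if t == "hidden"]
```

Every pair returned by `hidden_fields` is client-controlled input, however it is presented in the page.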
