Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


Re: manipulating query strings.
.

  • To: [EMAIL PROTECTED]
  • Subject: Re: manipulating query strings.
  • From: "Omar V.M." <[EMAIL PROTECTED]>
  • Date: Tue, 24 Feb 2004 19:59:51 -0600 (CST)
  • Cc: [EMAIL PROTECTED]
  • Reply-to: [EMAIL PROTECTED]
.
 
Hello vel & list,

I suggest you to use an http proxy like Achilles, then you can edit the 
hidden fields. Since HTTP POST requests go in clear text you would easily 
locate where those values are modified within the request.

A shortcut is to use the Address input box of your browser and write those 
fields just like a GET request. That's because often at the server side 
input is accepted no matter the method being used.

Just like this:

/searc/search.asp?serverName=www.abc.com&serverName=www.def.com

cu..

Vel wrote:

> Hello Group,
> 
> Is there a way to send values to hidden fields ,
> 
> i.e Input tags with type=hidden attribute a value from the URL if the 
action
> attribute on the FORM is ACTION ?
> 
> e.g:
> 
> <FORM form1 ACTION= '/search/search.asp'  METHOD=post>
> 
> <Input type=hidden name=serverName value=www.abc.com>
> <Input type=hidden name=serverName value=www.def.com>
> 
> 
> 
---------------------------------------------------------------------------
> 
> Given the Method is "POST", can I pass values to the Hidden Input fields
> using the URL. i.e URL manipulation ?
> I know I can pass variables in URL to Server side script variables if 
METHOD
> is "GET".
> 
> But how about POST method ?
> 
> Thanks.
> 
> Kumar.
> 
> 
> 
---------------------------------------------------------------------------
> Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection
> 
> Protect your network with the comprehensive security solution that
> integrates six applications for ease of use and lower TCO.
> 
> Firewall - Virus protection - Spam protection - URL blocking - VPN
> - Wireless security.
> 
> Download 30-day evaluation at:
> http://www.securityfocus.com/sponsor/Astaro_pen-test_040219
> 
----------------------------------------------------------------------------
> 

-- 
--
Omar Valerio Minero
SerproNet S.A. de C.V.
[EMAIL PROTECTED]
Tel.: 52 (55) 5395 4246 Ext. 111
http://www.serpro.net.mx/
http://www.benology.com.mx/


---------------------------------------------------------------------------
----------------------------------------------------------------------------
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.