Penetration Testing mailing list archives
Re: manipulating query strings
From: Ariel Martinez <ariel () muiscas udea edu co>
Date: Wed, 25 Feb 2004 18:02:12 -0500 (COT)
On Tue, 24 Feb 2004, Eric Paynter wrote:
Vel said:Given the Method is "POST", can I pass values to the Hidden Input fields using the URL. i.e URL manipulation ? I know I can pass variables in URL to Server side script variables if METHOD is "GET".
[...]
More reliable way: save the HTML, edit it, and post it.
You can search a tool called Form Scalpel. It can manipulate any field (hidden or not), with POST o GET. Or simply use any proxy tool like Achilles or Paros. -- Ariel Martinez. --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- manipulating query strings Vel (Feb 24)
- Re: manipulating query strings Eric Paynter (Feb 25)
- Re: manipulating query strings Ariel Martinez (Feb 26)
- RE: manipulating query strings Campbell Murray (Feb 25)
- Re: manipulating query strings Markus Toman (Feb 25)
- <Possible follow-ups>
- RE: manipulating query strings Kris Wilkinson (Feb 25)
- Re: manipulating query strings ma1ler_deamon (Feb 25)
- RE: manipulating query strings Toni Heinonen (Feb 25)
- Re: manipulating query strings morning_wood (Feb 26)
- Re: manipulating query strings Karsten Johansson (Feb 25)
- RE: manipulating query strings Scovetta, Michael V (Feb 25)
- Re: manipulating query strings marko (Feb 26)
- RE: manipulating query strings Nick Besant (Feb 26)
- Re: manipulating query strings Eric Paynter (Feb 25)