Theme Layout

Boxed or Wide or Framed

Wide

Theme Translation

Display Featured Slider

Featured Slider Styles

Display Grid Slider

yes

Grid Slider Styles

Display Trending Posts

Display Author Bio

Display Instagram Footer

off

Dark or Light Style

Light
Powered by Blogger.
Navigation Menu

All rights reserved
komorebi 2016

Friday, December 23, 2016

[low] HTML Injection - Reflected (POST)

9:38:00 AM
to Read (
Words)

# Introduction

 :BWAPP → Low→ HTML Injection - reflected (POST)


# Training

 : htmli_post.php uses POST Method to transfer data. So, Variable values sent to the server are not exposed to the URL. You can check the '/var/www/bWAPP/htmli_post.php' for practice, but I used a proxy tool(Burp suite).

First, When I enter a value into a variable, I confirmed that the output is the same as html_get.php. 


One difference is that the variable values are not exposed to the URL, as described above.

I set the proxy settings and modified the variable values using the buff suite.


The modified values are the same as the html tags used in html_get.php



QuickEdit
Unknown
0 Comments
Share This Post :

You Might Also Like

Web

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Follow @SunriseSunsetBlog