Paid Advertising is
ha.ckers sla.cking
This group should mostly be dealing with how web applications enable networking security issues that are otherwise not there. Everything is being tunneled over port 80 now so what does that enable and how do we fix it? 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Default [Doubt]How to manipulate POST header
Posted by: movien
Date: January 06, 2009 10:02AM

hello everyone.

I need any of you to kindly explain about manipulating POST header.

I am not a pro,so please be simple!

I just know to view the POST headers using the Live http header firefoX addon.
Can the manipulating of a POST header change the data being sent to the server?

've read some where about POST manipulation vulnerability.
Like some site sends to some information,mostly if suppose is a shopping site and is the online banking site where in which a user has a bank a/c.
So the cost of the product can be manipulated in the POST header and I've heard it is encrypted in base 64 which is quite easy to decode.

Please help me out

Thnx in advance

Options: ReplyQuote
Re: Default [Doubt]How to manipulate POST header
Posted by: thornmaker
Date: January 06, 2009 10:19AM

It's hard to tell what your looking for, but a tool like Burp Proxy allows you to edit any GET/POST request and modify it before sending it on to the server. You can edit/add/delete anything you want to the request including headers.

FYI: it sounds like the "cost of the product" is being sent as a POST parameter (aka variable), and will likely be in the body of the request, not the headers.

Options: ReplyQuote

Sorry, only registered users may post in this forum.