|
-
March 10th, 2009, 07:47 AM
#3
Hey,
You simply need to craft your query properly.
1) Is the form method POST or GET? This will change how the query is crafted. Your example makes use of a GET (no body, simply URL parameters).
2) Is the action a URL or javascript? Is there an action? Does the login button have javascript for onClick that overrides the action?
Then you simply need to format your query properly... Since POST would be the proper approach for a login, let's assume that's used. Using "Nickname" and "Password" as the actual values, and assuming the action page is "/default.aspx", you'd compose a request that looks something like this
Code:
POST /default.aspx HTTP/1.1
HOST: example.com
Content-Type: application/x-www-form-urlencoded
Content-Length: 105
__VIEWSTATE=dDwzNTU2MjMyMTU7dDw7b&MemberSignin1%3AtbNickname=Nickname&MemberSignin1%3AtbPassword=Password
I'm assuming my count wasn't off on Content-Length... it's a count of the body characters... Note that the : was replaced with %3A.
Similar Threads
-
By sandeshtrivedi in forum Newbie Security Questions
Replies: 15
Last Post: October 15th, 2005, 10:45 PM
-
By XTC46 in forum Site Feedback/Questions/Suggestions
Replies: 15
Last Post: August 24th, 2005, 07:52 PM
-
By zxtech in forum AntiOnline's General Chit Chat
Replies: 27
Last Post: July 5th, 2002, 08:39 PM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote