■ Perform a complete, valid login using an account you control. Record every piece of data submitted to the application, and every response received, using your intercepting proxy.

■ Repeat the login process numerous times, modifying pieces of the data submitted in unexpected ways. For example, for each request parameter or cookie sent by the client:
  ■ Submit an empty string as the value.
  ■ Remove the name/value pair altogether.
  ■ Submit very long and very short values.
  ■ Submit strings instead of numbers and vice versa.
  ■ Submit the same item multiple times, with the same and different values.

■ For each malformed request submitted, review closely the application's response to identify any divergences from the base case.
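The procedure above, as an added example that is not part of the original text: a small Python harness that takes a recorded login request, generates every mutation listed (empty value, parameter removed, long and short values, type swap, duplicate parameter with the same and a different value) for each parameter, sends them, and flags any response that matches neither the valid-login base case nor a known-bad-password base case. The target is a constructed stub standing in for the real application; its field names (`username`, `password`, `remember`), credentials and last-value-wins parsing are assumptions chosen so the fuzzer has something to find. For real use, replace `stub_login` with a function that posts the pairs through your intercepting proxy and returns the status and body.

```python
"""Mutate a recorded login request and flag responses that diverge from both base cases.

Added example; the stub target, its field names and its credentials are constructed.
"""
from typing import Callable, Dict, List, Tuple

Pairs = List[Tuple[str, str]]          # ordered name/value pairs, so duplicates can be expressed
Response = Tuple[int, str]             # (status code, body)


def mutations(params: Dict[str, str]) -> List[Tuple[str, Pairs]]:
    """Return (label, pairs) variants: one set of mutations per parameter."""
    base = list(params.items())
    out: List[Tuple[str, Pairs]] = []
    for i, (name, value) in enumerate(base):
        before, after = base[:i], base[i + 1:]

        def with_value(v: str) -> Pairs:
            return before + [(name, v)] + after

        out.append((f"{name}=<empty>", with_value("")))
        out.append((f"{name} removed", before + after))
        out.append((f"{name} long", with_value("A" * 5000)))
        out.append((f"{name} short", with_value("A")))
        if value.isdigit():
            out.append((f"{name} string-for-number", with_value("abc")))
        else:
            out.append((f"{name} number-for-string", with_value("12345")))
        out.append((f"{name} dup same", base + [(name, value)]))
        out.append((f"{name} dup different", base + [(name, value + "x")]))
    return out


def stub_login(pairs: Pairs) -> Response:
    """Constructed stand-in for the target application (not real code from any product).

    It parses duplicates as last-value-wins, and does not handle a missing or
    non-numeric 'remember' field, so those mutations surface as a 500.
    """
    form: Dict[str, str] = {}
    for name, value in pairs:
        form[name] = value
    try:
        int(form["remember"])          # KeyError if absent, ValueError if not numeric
    except (KeyError, ValueError) as exc:
        return (500, f"Unhandled {type(exc).__name__}")
    if form.get("username") == "alice" and form.get("password") == "s3cret":
        return (302, "Location: /home")
    return (200, "Invalid username or password")


BASE_REQUEST = {"username": "alice", "password": "s3cret", "remember": "1"}   # constructed


def find_divergences(base: Dict[str, str],
                     send: Callable[[Pairs], Response] = stub_login
                     ) -> List[Tuple[str, Response]]:
    """Send every mutation of `base` and return those whose response matches
    neither the valid-login base case nor the invalid-password base case."""
    valid = send(list(base.items()))
    invalid = send(list({**base, "password": base["password"] + "!"}.items()))
    baseline = {valid, invalid}
    found = []
    for label, pairs in mutations(base):
        resp = send(pairs)
        if resp not in baseline:
            found.append((label, resp))
    return found


if __name__ == "__main__":
    for label, (status, body) in find_divergences(BASE_REQUEST):
        print(f"{label:32} -> {status} {body}")
```

Two base cases are recorded rather than one: a valid login and a deliberately wrong password. A mutation that merely fails authentication reproduces the second baseline and is not interesting; the harness reports only responses the application never gives for well-formed input, which is where parsing quirks and unhandled errors show up. Against the constructed stub, every mutation of `remember` except the identical duplicate produces an unhandled error, while the username and password mutations all land on one of the two baselines.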