
[Safety Tutorial] Intrusion Penetration: Application of HTTP headers

Posted on 2/7/2015 5:59:07 PM

About the application of HTTP headers

HTTP headers are part of the everyday transmission mechanism of websites, but most beginners in China have not paid attention to them. This article is written for beginners and covers the role HTTP headers play in the intrusion process.

Take the shopping page as an example to analyze a small part of the role of HTTP headers.

First, let's analyze a form on the shopping page.

<form method="post" action="shop.php?id=1">
Product: iPhone 4S <br />
Price: 2400 <br />  <!-- Note this line -->
Quantity: <input type="text" name="quantity"> (Maximum quantity is 50) <br />
<input type="hidden" name="price" value="2400">
<input type="submit" value="Buy">
</form>

Capture the HTTP request that the form sends and take a look:

POST /shop/2/shop.php?id=1 HTTP/1.1
Host: shop.net
Content-Type: application/x-www-form-urlencoded
Content-Length: 21

quantity=1&price=2400

Although the price field is not displayed when the shopping page is opened, the user can still edit and manipulate it.

There are two ways to edit it:

1. Save the HTML source code, modify it, and then reload it in the browser.

2. Use an intercepting proxy to modify the HTTP request (the proxy can be set up in the tool Burp).

Take the HTTP request above as an example.

Before the change:
POST /shop/2/shop.php?id=1 HTTP/1.1
Host: shop.net
Content-Type: application/x-www-form-urlencoded
Content-Length: 21

quantity=1&price=2400

After the change:
POST /shop/2/shop.php?id=1 HTTP/1.1
Host: shop.net
Content-Type: application/x-www-form-urlencoded
Content-Length: 18

quantity=1&price=1


In the last line, the price field has a value of 2400; if we change it to 1, we can get the iPhone 4S at a cheaper price.
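The flaw above exists because the server takes the unit price from the request; the fix is to look the price up server-side and validate the quantity. The following is an added example, not code from the original article or from any real shop: a Python stand-in for the logic behind shop.php, where `CATALOG` and the function names are assumptions.

```python
from decimal import Decimal
from urllib.parse import parse_qs

# Constructed server-side catalog (assumption): product id -> unit price.
CATALOG = {"1": Decimal("2400")}
MAX_QUANTITY = 50  # limit printed on the form


def parse_form(body):
    """Decode an application/x-www-form-urlencoded body; reject repeated fields."""
    fields = parse_qs(body, keep_blank_values=True, strict_parsing=True)
    for name, values in fields.items():
        if len(values) != 1:
            raise ValueError(f"field {name!r} sent more than once")
    return {name: values[0] for name, values in fields.items()}


def total_trusting_client(body):
    """The flaw from the article: the unit price is read from the request."""
    form = parse_form(body)
    return Decimal(form["price"]) * int(form["quantity"])


def total_server_side(product_id, body):
    """Hardened: the price comes from the catalog; a client 'price' is ignored."""
    form = parse_form(body)
    if product_id not in CATALOG:
        raise ValueError("unknown product id")
    raw = form.get("quantity", "")
    # Accept plain ASCII digits only: no sign, whitespace or decimals.
    if not (raw.isascii() and raw.isdigit()):
        raise ValueError("quantity must be a whole number")
    quantity = int(raw)
    if not 1 <= quantity <= MAX_QUANTITY:
        raise ValueError(f"quantity must be between 1 and {MAX_QUANTITY}")
    return CATALOG[product_id] * quantity


if __name__ == "__main__":
    tampered = "quantity=1&price=1"  # request body after the change
    print("trusting client:", total_trusting_client(tampered))
    print("server-side    :", total_server_side("1", tampered))
```

The "Maximum quantity is 50" text on the form is only a hint to the user, so the same server-side check has to enforce it.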

This article only provides an idea; it can lead to unexpected gains such as LDAP injection.



