Book Image

Python Penetration Testing Essentials

By : Mohit Raj
Book Image

Python Penetration Testing Essentials

By: Mohit Raj

Overview of this book

Table of Contents (14 chapters)
Python Penetration Testing Essentials
About the Author
About the Reviewers

Tampering with the client-side parameter with Python

The two most commonly used methods, POST and GET, are used to pass the parameters in the HTTP protocol. If the website uses the GET method, its passing parameter is shown in the URL, and you can change this parameter and pass it to a web server; this is in contrast to the POST method, where the parameters are not shown in the URL.

In this section, we will use a dummy website with simple JavaScript code, along with parameters passed by the POST method and hosted on the Apache web server.

Let's look at the index.php code:

<body background="wel.jpg">

  <h1>Leave your Comments </h1>
  <form Name="sample" action="submit.php" onsubmit="return validateForm()" method="POST">

    <table-cellpadding="3" cellspacing="4" border="0">
        <td> <font size= 4><b>Your name:</b></font></td>
        <td><input type="text" name="name" rows...