Is it possible to manipulate http request header?

Asked

Viewed 699 times

1

This is a requisition http, it is possible to perform header manipulation of the request? Or is it only possible to make such a manipulation in the response? If possible, in which languages with you? Is there an example that can better elucidate the understanding?

  • Yes, you can mount a request with any field you want, such as sending a user-agent worthwhile qualquer coisa, example => en.stackoverflow.com/q/38725/91. example in powershel simpler. One of the utilities is to automate batch records of Formulars once it is known which fields to send.

  • 1

    @rray, thank you very much I found with Jquery it is also possible to perform such manipulation with ajax (http://api.jquery.com/jQuery.ajax/). I just found it, I’m going to run some tests. A question, which would be batch form registration?

  • 1

    Let’s say you have to register the 200 new products that have arrived, but do not have access to the database, do 200 times the same process is not good, what can be done is create a script with the values already formatted (each value associated with respective field) and send the 200 requests and solved problem. This does not apply to all systems some have mechanisms to prevent or hinder this, whether through a Tolken, captcha etc.

  • Got it, I didn’t know by that name. When I need to do this kind of task, I use theAutoIt (https://www.autoitscript.com/site/autoit/). It breaks the branch a lot, rs

1 answer

1


it is possible yes!

There are currently several languages that you can modify the Header: C, Pyton, Java, PHP, Javascript... and also there is something interesting, even more dealing with security, a look at:

Linux Kali

In this system there are security test tools, basic to advanced, you can modify the header or assemble an attack sequence, etc.. to test, if the target that wants to run this macro or Autoit as you say, is yours, you will not have problems creating a bot for the same, if not, you may have problems as it can be seen as a Cracker!

NOTE: Test only on domains that you are the administrator or owner!

Tools for use:

  • Burpsuite
  • Commix
  • Httptrack
  • Among others...

that’s it, good luck and good education!

Browser other questions tagged

You are not signed in. Login or sign up in order to post.