
Burp Suite Cookbook by Sunny Wear


How to do it...

  1. Navigate to OWASP 2013 | A1 – Injection (Other) | HTMLi Via Cookie Injection | Capture Data Page:

  2. Note how the page looks before the attack:

  3. Switch to the Burp Proxy Intercept tab, and turn the interceptor on with the Intercept is on button.
  4. While the request is paused, make note of the last cookie, acgroupswitchpersist=nada:

  5. While the request is paused, replace the value of the last cookie with this HTML injection script: ...
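
The server-side behaviour this recipe probes, as an added example that is not code from the book or from the target application: a page that writes cookie values into its HTML unencoded, next to the encoded form and a simple check for markup in cookie values. It assumes the Capture Data page reflects request cookies into the response; the function names, the `showhints` cookie and the sample header value are constructed for illustration.

```python
import html
import re
import urllib.parse

# Constructed request header. The cookie name acgroupswitchpersist comes from
# the recipe; the value is a harmless heading tag chosen for this example.
SAMPLE_COOKIE_HEADER = "showhints=1; acgroupswitchpersist=<h1>injected</h1>"

def parse_cookie_header(header):
    """Split a Cookie request header into an ordered name -> value dict."""
    cookies = {}
    for pair in header.split(";"):
        name, sep, value = pair.strip().partition("=")
        if sep and name:
            cookies[name] = value
    return cookies

def render_rows_unsafe(cookies):
    """Vulnerable pattern (assumed): values are concatenated into HTML as-is."""
    return "".join(f"<tr><td>{n}</td><td>{v}</td></tr>" for n, v in cookies.items())

def render_rows_encoded(cookies):
    """Hardened pattern: HTML-encode every client-supplied name and value."""
    return "".join(
        f"<tr><td>{html.escape(n, quote=True)}</td>"
        f"<td>{html.escape(v, quote=True)}</td></tr>"
        for n, v in cookies.items()
    )

# HTML metacharacters that have no business in an opaque cookie value.
MARKUP = re.compile(r"[<>\"']|&#")

def suspicious_cookies(cookies):
    """Detection aid: names of cookies whose decoded value carries markup."""
    return [n for n, v in cookies.items()
            if MARKUP.search(urllib.parse.unquote(v))]

if __name__ == "__main__":
    jar = parse_cookie_header(SAMPLE_COOKIE_HEADER)
    print("unsafe :", render_rows_unsafe(jar))
    print("encoded:", render_rows_encoded(jar))
    print("flagged:", suspicious_cookies(jar))
```

The check in `suspicious_cookies` percent-decodes the value first, so an encoded tag is flagged the same way as a literal one.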
