Burp Suite Cookbook by Sunny Wear

How to do it...

  1. Switch to Burp's Proxy tab, scroll down to the Response Modification section, and check the boxes for Unhide hidden form fields and Prominently highlight unhidden fields.

  2. Navigate to the User Info page through the menu path OWASP 2013 | A1 – Injection (SQL) | SQLi – Extract Data | User Info (SQL).

  3. Note the hidden form fields, which are now prominently displayed on the page.

  4. Let's try to manipulate the value shown, user-info.php, by changing it to admin.php ...
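The same inventory that the Unhide hidden form fields option gives you visually can be produced from a saved response when reviewing your own application. The following is an added example, not code from the book or from Burp; the sample form, the field names `page` and `token`, and the helper names are constructed for illustration. It lists every hidden input and flags those whose value looks like a server-side file name, since those values must be validated on the server rather than trusted from the client.

```python
import re
from html.parser import HTMLParser

# Constructed sample response; form layout and field names are illustrative.
SAMPLE_HTML = """
<form action="index.php" method="GET">
  <input type="hidden" name="page" value="user-info.php">
  <input type="text" name="username">
  <input type="HIDDEN" name="token" value="abc123" />
  <input type="submit" value="View Account Details">
</form>
"""

# Heuristic (an assumption of this example): a value ending in a script or
# page extension probably selects server-side code and needs an allowlist.
FILE_LIKE = re.compile(r"\.(php|aspx?|jsp|html?)$", re.IGNORECASE)


class HiddenFieldFinder(HTMLParser):
    """Collects every <input type="hidden"> with its name, value and line."""

    def __init__(self):
        super().__init__()
        self.fields = []

    def handle_starttag(self, tag, attrs):
        # Also reached for self-closing tags via the default handle_startendtag.
        attr = dict(attrs)
        if tag != "input" or (attr.get("type") or "").lower() != "hidden":
            return
        value = attr.get("value") or ""
        self.fields.append({
            "name": attr.get("name"),
            "value": value,
            "line": self.getpos()[0],
            "file_like": bool(FILE_LIKE.search(value)),
        })


def find_hidden_fields(html):
    """Return a list of dicts describing the hidden inputs found in html."""
    finder = HiddenFieldFinder()
    finder.feed(html)
    finder.close()
    return finder.fields


if __name__ == "__main__":
    for f in find_hidden_fields(SAMPLE_HTML):
        note = "  <- validate server-side against an allowlist" if f["file_like"] else ""
        print(f"line {f['line']}: {f['name']}={f['value']!r}{note}")
```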