Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vladimir Adam2018-12-26 06:47:35
Python
Vladimir Adam, 2018-12-26 06:47:35

How to trace hidden post/get requests?

Is it possible to somehow trace all the hidden requests/headers sent by one site or another using some technical means? If the answer is positive, then how?
A small digression into the problem:
Some time ago I started working on creating a wrapper for the site (Without OpenAPI), but everything went pretty well. I implemented authorization through a POST request, started parsing various closed sections of the site, but the problem appeared when I tried to write a function wrapper for sending private messages. What exactly does it consist of? The tracked POST request simply does not work out or is rejected by the server (that is, there are no changes after it), but if sent through the browser (without request tracking), then everything goes perfectly.
And that is why I have suspicions that the request form has a number of hidden fields that the tool I use (Temper Data for FF Quantum) cannot intercept.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
Z
Zanak, 2018-12-26
@binxpy

I would take a closer look at what is given and where:
- the first thing I would start looking for in the form code is the csrf token, which is now considered a good practice to insert.
- how the action of the form is formed, if you go to the page with sending a message and click "update". sometimes the form's target url has a random component that can also be used as a marker.
- is it possible to go to the page for sending a message by bookmarking in the burkmark. if possible, you should check if this saves messages after sending. if not, among other things, the referrer value can be checked
- also, I would look at how many fields, both hidden and open, are in the form, and how many of them are actually transmitted.
- sometimes helps to look into localstorage and cookies.
If all this did not help, then you are lucky to come across something interesting, arm yourself with DevTools and start studying scripts in order, who loads, in what order, and what they do. This is where searching for the names of js files on the net helps a lot in order to discourage consideration of known js packages.

Report
A
Alexander, 2018-12-26
@NeiroNx

You open the developer tools, go to the network tab and there you look at what and where was sent. Perhaps the site takes into account Referer, dynamic cookies (sequence control), perhaps the site has a script that tracks your tracking.

Similar questions
D
Dmitry Astvafiev2017-08-17 08:51:12
How to write your OpenID? 2Reply
D
Dex7772015-09-14 10:30:19
How to put a slider on a site based on Kohana? 3Reply
S
S-mind2017-08-24 09:57:50
How to get Lenovo G710 EFI InsydeH2O BIOS binary file for firmware flashing? 3Reply
M
Maks Burkov2017-10-06 16:15:57
Error "Not Connected", How to join? 3Reply
R
RionRedhand2020-03-11 20:54:44
Which microSD is suitable for storing samples? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question