标签:order isa bsp each with check 分享 题解 img
The form below uses HTML form field restrictions. In order to pass this lesson, submit the form with each field containing an unallowed value. You must submit invalid values for all six fields in one form submission.
1、这个习题如果直接用burp拦截提交请求后,发现Disabled input field没有被抓取到,所以就利用开发者工具将Disabled input field的“disabled”属性删掉
2、利用burp拦截提交请求,并将6个输入区域(包含radio button,checkbox,输入框,submit按钮);此时发现Disabled input field输入值也被抓取到了
3、将输入值改成invalid value之后,点击“forward”;这样misson就完成了
【WebGoat习题解析】Parameter Tampering->Bypass HTML Field Restrictions
标签:order isa bsp each with check 分享 题解 img
原文地址:http://www.cnblogs.com/lauren1003/p/6224236.html