News: 11 March 2016 - Forum Rules
Current Moderators - DarkSol, KingMike, MathOnNapkins, Azkadellia, Danke

Author Topic: POST parameter value empty-tampering  (Read 2709 times)

securitylover

  • Newbie
  • *
  • Posts: 1
    • View Profile
POST parameter value empty-tampering
« on: October 22, 2014, 07:37:19 am »
I am learning security testing of web application and couldn't find answer to my question online.

I tried to tamper POST request  with Tamper Data on Mozilla ( application does not use SSL) .

Post Parameter Name tab has in JSON string parameter name and value in plain text ( username and password), and tab Post Parameter Value was empty.

Searching online I saw that parameter values are in POST parameter value box,

so is it mistake or security issue to be like in my case?

Thanks in advance,
Regards

Gideon Zhi

  • Discord Staff
  • Hero Member
  • *****
  • Posts: 3532
    • View Profile
    • Aeon Genesis
Re: POST parameter value empty-tampering
« Reply #1 on: October 22, 2014, 11:48:05 am »
I don't think you realize what we do here, and in order to prevent a sudden influx of further questions like this I'm going to try to nip it in the bud. This is a forum dedicated to reverse-engineering old games. Console games primarily, though that absolutely does not preclude PC games or anything like that. None of us do anything that could in any way be even remotely construed as black-hat or security-focused hacking; our goals tend to be run along the lines of making old games behave in new and interesting ways. While I don't think your post is necessarily against any site rules, you should be aware that the type of hacking you describe here isn't really the sort of thing most of us do.

henke37

  • Hero Member
  • *****
  • Posts: 643
    • View Profile
Re: POST parameter value empty-tampering
« Reply #2 on: October 22, 2014, 02:03:55 pm »
I think you might be exaggerating with that "none". But your core point remains: this isn't that kind of forum.