Post by MikiSoft on Oct 14, 2015 14:10:48 GMT
People who saw mine and maybe configurations from others probably got little confused by the ways that strings are built. There are two ways so I'm today showing you the both of them which can be used in any of the value fields.
First, let me show you the most used and basic way how the strings can be built. For example, we have to build some Post data which we grabbed from a catched request:
So, in this case it will be fine to do it like that. What about this Post data:
That's all, I hope you now understand!
First, let me show you the most used and basic way how the strings can be built. For example, we have to build some Post data which we grabbed from a catched request:
username=MikiSoft&password=mypassword&token=6536543gFger6dEA53&dummyrandomstring=63@%254^^$gTGR%$5326#^DS
We extract token parameter from a login page source, make user and pass (crucial) input strings (with [inp] value in them of course) and make random string with a [rnd] command, then put all of them in the Post data we got, and the result will be this: username=%user%&password=%pass%&token=%token%&dummyrandomstring=[rnd]
But, the downside is that in this approach we can't use string commands like Regex and others.So, in this case it will be fine to do it like that. What about this Post data:
utf8=%E2%9C%93&token=6536543gFger6dEA53&user%5Bemail%5D=mikisoft@notamail.com&user%5Bpassword%5D=mypassword
We can't go with the basic way because there are % characters in parameter names and their static values like for utf-8, so the result will be corrupted once we put there strings like from above, because we must enclose their names with the same symbol. The solution is, to build a string like we do with the strings itself when we're using dependent commands, so we use the explicit way and the result will be this: 'utf8=%E2%9C%93&token='+%token%+'&user%5Bemail%5D='+%email%+'&user%5Bpassword%5D='+%pass%
That's all, I hope you now understand!