Quote:
Originally Posted by tchia
Also, you may want to modify your "other fields" post data. When I run it through LiveHTTPHeaders it shows it should read:
other fields: action=process_login&submit.x=3&submit.y=10&submit=submit
rather than just:
other fields: action=process_login&submit.x=3&submit.y=10
|
I agree. Plus, most likelly you can omit submit.x=38&submit.y=10 since this is a random field usually that just changed from session to session to see is the attack automated, but i believe form@ refreshes this automatically itself.