Nonstandard query string markers and field separators in a web application

0 votes

In some of the websites I have seen that the parameters aren't being passed in the url qeury string in a typical manner as below.

www.abc.com/xyz?foo=bar

But they are being passed in a different way:

www.abc.com/xyz;foo=bar

My question is: Should I consider these as entry points or neglect them?

Aug 22, 2019 in Cyber Security & Ethical Hacking by Karan
886 views

1 answer to this question.

0 votes

You should definitely consider them as entry points. The url query string mentioned in the question

www.abc.com/xyz;foo=bar

is just a custom scheme for requests but the purpose is the same. Some other example of customized schemas are:

www.abc.com/xyz;foo%3dbar
www.abc.com/xyz?param=foo:bar

To know more join our Ethical Hacking Course Online today.

answered Aug 22, 2019 by Likith

Related Questions In Cyber Security & Ethical Hacking

0 votes
1 answer
–1 vote
1 answer
0 votes
1 answer

Is it possible to find technolgy name of a web application using session tokens?

If the web application uses web servers that ...READ MORE

answered Aug 22, 2019 in Cyber Security & Ethical Hacking by Kumar

edited Oct 7, 2021 by Sarfaraz 775 views
0 votes
1 answer
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP