Nonstandard query string markers and field separators in a web application

0 votes

In some of the websites I have seen that the parameters aren't being passed in the url qeury string in a typical manner as below.

www.abc.com/xyz?foo=bar

But they are being passed in a different way:

www.abc.com/xyz;foo=bar

My question is: Should I consider these as entry points or neglect them?

Aug 22, 2019 in Cyber Security & Ethical Hacking by Karan
 474 views

1 answer to this question.

0 votes

You should definitely consider them as entry points. The url query string mentioned in the question

www.abc.com/xyz;foo=bar

is just a custom scheme for requests but the purpose is the same. Some other example of customized schemas are:

www.abc.com/xyz;foo%3dbar
www.abc.com/xyz?param=foo:bar

To know more join our Ethical Hacking Course Online today.

answered Aug 22, 2019 by Likith

Related Questions In Cyber Security & Ethical Hacking

0 votes
1 answer

How to modify hidden content in a web page?

You can save the source code as ...READ MORE

answered Aug 22, 2019 in Cyber Security & Ethical Hacking by Emilia
 622 views
0 votes
1 answer

Can anyone assist with a novel problem for this generic topic 'Cybersecurity issues and solutions for Big Data systems in healthcare

Not a problem! I can suggest a ...READ MORE

answered Apr 19, 2023 in Cyber Security & Ethical Hacking by Edureka
 • 12,690 points 228 views
0 votes
1 answer

What is a DNS server and how to check whether it is configured or not?

A DNS server is used to enable a machine to ...READ MORE

answered Mar 22, 2019 in Cyber Security & Ethical Hacking by Priyaj
 • 58,090 points 1,196 views
0 votes
0 answers

I do not have a real result about encryption file use AES mode CFB in pycrptodome on python

I'm using Ubuntu win. on python I ...READ MORE

Aug 23, 2019 in Cyber Security & Ethical Hacking by Ahmed
 • 310 points
closed Aug 23, 2019 by Ahmed 674 views
–1 vote
1 answer

Out-of-band channels for entry points in web application hacking

The out-of-band channels for entry depends on ...READ MORE

answered Aug 22, 2019 in Cyber Security & Ethical Hacking by Daniel
 667 views
0 votes
1 answer

Find web application technology using directory names found during fingerprinting

You can find the technology using recon ...READ MORE

answered Aug 22, 2019 in Cyber Security & Ethical Hacking by Rachek
 405 views
0 votes
1 answer

Is it possible to find technolgy name of a web application using session tokens?

If the web application uses web servers that ...READ MORE

answered Aug 22, 2019 in Cyber Security & Ethical Hacking by Kumar
edited Oct 7, 2021 by Sarfaraz 571 views
0 votes
1 answer

Why do some webserver send immutable data to client and get it back to the server?

The main reason for this behavior is ...READ MORE

answered Aug 22, 2019 in Cyber Security & Ethical Hacking by Gemini
 466 views
0 votes
1 answer

How to identify Entry points for user input in a web application?

Following are the key entry points for ...READ MORE

answered Aug 22, 2019 in Cyber Security & Ethical Hacking by Raman
 1,766 views
0 votes
1 answer

Finding platform or programming language used in web application by file extension

Yes. It is possible to understand the ...READ MORE

answered Aug 22, 2019 in Cyber Security & Ethical Hacking by Will
 803 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.