eWPTXv3 - Notes
GitHubPortfolioTwitter/X MediumCont@ctHome
  • 📝eWPTXv3
    • Web Application Penetration Testing Methodology
      • 1.1 Introduction to Web App Security Testing
        • 1.1.1 Web Application
        • 1.1.2 Web App Architecture
        • 1.1.3 HTTP/HTTPS
      • 1.2 Web App Pentesting Methodology
    • Web Application Reconnaissance
      • 2.1 Information Gathering
        • 2.1.1 DNS Recon
          • 2.1.1.1 DNS Zone Transfer
          • 2.1.1.2 Subdomain Enumeration
        • 2.1.2 WAF Recon
      • 2.2 Passive Crawling & Spidering
      • 2.3 Web Server Fingerprinting
        • 2.3.1 File & Directory Brute-Force
      • 2.4 Web Proxies
        • 2.4.1 Burp Suite
        • 2.4.2 OWASP ZAP
    • Authentication Attacks
      • 6.1 HTTP Attacks
        • 6.1.1 HTTP Method Tampering
        • 6.1.2 Attacking HTTP Authentication
      • 6.2 Session Attacks
        • 6.2.1 Session Hijacking
        • 6.2.2 Session Fixation
        • 6.2.3 Session Hijacking via Cookie Tampering
      • 6.3 JWT Attacks
      • 6.4 CSRF
    • Injection Vulnerabilities
      • 4.1 Command Injection
      • 4.2 Cross-Site Scripting (XSS)
        • 4.2.1 XSS Anatomy
        • 4.2.2 Reflected XSS
        • 4.2.3 Stored XSS
        • 4.2.4 DOM-Based XSS
        • 4.2.5 Identifying & Exploiting XSS with XSSer
      • 4.3 ​SQL Injection (SQLi)
        • 4.3.1 DB & SQL Introduction
        • 4.3.2 SQL Injection (SQLi)
        • 4.3.3 In-Band SQLi
        • 4.3.4 Blind SQLi
        • 4.3.5 NoSQL
        • 4.3.6 SQLMap
        • 4.3.7 Mitigation Strategies
    • API Penetration Testing
      • 5.1 API Testing
    • Server-Side Attacks
      • 6.1 Server-side request forgery (SSRF)
      • 6.2 Deserialization
      • 6.3 ​File & Resource Attacks
        • 6.1 File Upload Vulnerability
        • 6.2 Directory Traversal
        • 6.3 File Inclusion (LFI and RFI)
          • 6.3.1 Local File Inclusion (LFI)
          • 6.3.2 Remote File Inclusion (RFI)
        • 6.4 CMS Pentesting
          • 6.4.1 Wordpress, Drupal & Magento
    • Filter Evasion & WAF Bypass
      • 7.1 Obfuscating attacks using encodings
    • 📄Report
      • How to write a PT Report
  • 🛣️RoadMap / Exam Preparation
  • 📔eWPTX Cheat Sheet
Powered by GitBook
On this page
  • HTTP Method Tampering
  • Examples of HTTP Method Tampering
  1. eWPTXv3
  2. Authentication Attacks
  3. 6.1 HTTP Attacks

6.1.1 HTTP Method Tampering

Previous6.1 HTTP AttacksNext6.1.2 Attacking HTTP Authentication

HTTP Method Tampering

HTTP Method Tampering is a type of security vulnerability that can be exploited in web apps, that occurs when an attacker manipulates the HTTP request method used to interact with a web server.

HTTP Request typically use methods like GET, POST, PUT, DELETE, OPTIONS, etc to perform specific actions on a web application.

Examples of HTTP Method Tampering

Various situation and examples can be:

  • Changing a GET request to a DELETE request: if the application doesn't properly validate the method used, it might inadvertently delete data when we try to retrieving it.

  • Changing a POST request to a GET: it could expose sensitive data that should only be accessible via a POST request.

We can do it using Burp Repeater or Curl utility as below:

See allow method information -> curl -v <Target_URL>

And specify request options using -X (default is GET) -> curl -v -X OPTIONS <Target_URL>

Good new, more methods are allowed, then we can upload everything

curl <Target_URL>/uploads/ --upload-file shell.php

and open shell.php file uploaded into <Target_URL>/uploads/

📝