Rank 1
im playing a bit with HTTP requests with fiddler. Basically the site is my router interface which asks for a password. The password is then encrypted (with a function i have, branded MD5 of some kind) and passed to the server with a POST request.
With fiddler i sniffed the browser request and i am able to reproduce it at 100% in terms of header and body. By using the "Composer" tab i sent the raw request header+body which is 1:1 to the one that the browser would send. The problem is that the server still answer me with the login interface instead of moving on to the option page.
Is there some kind of protection or am i missing something?
Moreover
10/10 POST request were perfectly identical. Code is in clear, you can't mistake. Could it be due to CF or LF ? I mean, when i use the RAW tab of fiddler is it showing the exact data or is it encoding things like Linefeed and carrier return?? I manually encode symbols like +,/,= in the body but perhaps new lines are not automatically?
Regards,