Thursday, 27 October 2011

Hack This Site (HTS) Realistic 1 - Uncle Arnold's Local Band Review

Your friend is being cheated out of hundreds of dollars. Help him make things even again!
Message: Hey man, I need a big favour from you. Remember that website I showed you once before? Uncle Arnold's Band Review Page? Well, a long time ago I made a $500 bet with a friend that my band would be at the top of the list by the end of the year. Well, as you already know, two of my band members have died in a horrendous car accident... but this ass hole still insists that the bet is on!
I know you're good with computers and stuff, so I was wondering, is there any way for you to hack this website and make my band on the top of the list? My band is Raging Inferno. Thanks a lot, man!



Notes
I didn't mention in the video (which perhaps I should have) some useful information:
  • The reason this attack works is that the value you altered and sent was not checked on the server side, e.g. there was no statement like this:
 // reject any vote outside the 1-5 range the form offers
 if($_POST["voteVal"] < 1 || $_POST["voteVal"] > 5)
       handleError();
  • It is extremely important that form values are checked both client-side and server-side. However, as you have just seen, the server-side check matters more, because without it the server simply acts on whatever value it is sent. The client-side check is more of an efficiency measure: it stops genuinely bad (accidental) input from taking up server resources with HTTP requests. You will see how important this really is when we come to do SQL injections.
  • The other method I spoke of was to save the web page locally to your machine and then alter the form values within the HTML.
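A fuller version of the server-side check from the first note, as an added example that is not code from the site or from the video. The function name parseVote and the sample submissions are assumptions made for illustration; the field name voteVal is taken from the snippet above.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: returns the vote as an int in 1..5, or null when the
// submitted value is missing, is not a whole number, or is out of range.
function parseVote(array $post): ?int
{
    if (!array_key_exists('voteVal', $post)) {
        return null;
    }
    // FILTER_VALIDATE_INT rejects non-integer strings and arrays, and the
    // min_range/max_range options enforce the range the form offers.
    $vote = filter_var($post['voteVal'], FILTER_VALIDATE_INT, [
        'options' => ['min_range' => 1, 'max_range' => 5],
    ]);
    return $vote === false ? null : $vote;
}

// Constructed sample submissions standing in for $_POST. Everything the
// browser sends arrives as a string (or an array), whatever the form allowed.
$samples = [
    'normal vote'      => ['voteVal' => '4'],
    'above the range'  => ['voteVal' => '1000'],
    'below the range'  => ['voteVal' => '0'],
    'not a number'     => ['voteVal' => 'five'],
    'decimal value'    => ['voteVal' => '4.5'],
    'array, not value' => ['voteVal' => ['5']],
    'field missing'    => [],
];

foreach ($samples as $label => $post) {
    $vote = parseVote($post);
    if ($vote === null) {
        // In a real handler: respond with HTTP 400 and record nothing.
        printf("%-18s => rejected\n", $label);
    } else {
        printf("%-18s => accepted (%d)\n", $label, $vote);
    }
}
```

Only the first sample is accepted; in a real handler the rejected cases would go to the page's handleError() path rather than being stored.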

Hack This Site!