General | HTTP Basics (3) | Cycubix Docs
Learn what type of HTTP command WebGoat used for this lesson. Discover the solution to the HTTP quiz we offered as part of our web application security course.
Last updated
Learn what type of HTTP command WebGoat used for this lesson. Discover the solution to the HTTP quiz we offered as part of our web application security course.
Last updated
What type of HTTP command did WebGoat use for this lesson. A POST or a GET.
Turn on Show Parameters or other features.
Try to intercept the request with ZAP
The HTTP request observed in the previous exercise was a POST message. The magic number is hidden in the web page's JavaScript. One of the methods to view this is to right click on the web page and select "Inspect".
In the "Body" section, search for the phrase "magic" until you identify the value stored by the hidden magic_num field.
Visit Cycubix.com to find out more about our Application Security training courses. We also offer (ISC)² Official training for CISSP, SSCP, CCSP and CSSLP certifications.
