From aldeid
Jump to navigation Jump to search


In this lesson, you will learn how to:

  • forge manual requests based on an existing chat
  • compare the results sent by the server


Access the chats list, right click on a chat and select Send to > Manual Request to send it to the Manual Request module.


In the example above, we test the login page (the one that sends the parameters) by sending a correct authentication and an incorrect one. For the first request in the Manual Request module, check that the parameters are correct (username=admin&password=password) and click on the "SEND" button. Do it again, but this time, modify the parameters, by sending admin=foo&password=bar.

The first request The second request
Watobo-manual-request-example-2.png Watobo-manual-request-example-3.png

On the right panel, select the "Differ" tab, select the first request, and click on the "Diff it!" button. Do the same thing for the second request. You can easily spot the differences:


The first request (correct authentication) shows a redirection to index.php whereas the second one (incorrect credentials) redirects to the login.php page.