About autologin's params
Hi team,
I know the format of autologin's params is "username=myusername&password=mypassword". But I noticed that you check whether a form is login form by checking if this form's parameters contain "username" and "password". Many login forms have various names for username and password input fields, like "user", "uid", "passwd", "pwd", etc. Can Arachni handle them automatically? Or users must specify names for these input fields? Thank you.
Regards,
Yanjin
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Tasos Laskos on 19 Sep, 2012 07:48 PM
Hi Yanjin,
If you read the option descriptions:
It doesn't really expect the username and password values, it expects the form parameters which need to be filled in, as a query string.
The form to be submitted is then located based on the parameter names in the query -- and is also updated before each login attempt in case there are tokens that need to be refreshed.
Cool tip: The suggested article for your question would have explained this in even more detail.
Tasos Laskos closed this discussion on 19 Sep, 2012 07:48 PM.