0

I recently started learning about pentesting, and I tried to see the request body of a website that I use frequently, and that's what I saw:

u

("senha" means "password" in portuguese and "entrar" means "to enter"). My question is: Is this a correct approach? I mean, can someone intercept this data and get my password? And how could this be possible?

Incognitex
  • 11
  • 2
  • 2
    This question is missing essential context, i.e. if this is plain HTTP or secure HTTPS. If this is using plain HTTP then it is unsafe - as practically everything with plain HTTP is. If this is using HTTPS instead the question is a duplicate of [Protecting form post values when on https](https://security.stackexchange.com/questions/54656/protecting-form-post-values-when-on-https) or [POST over HTTPS “secure enough” for sensitive data?](https://security.stackexchange.com/questions/51069/post-over-https-secure-enough-for-sensitive-data). – Steffen Ullrich Apr 19 '20 at 15:01
  • If you look at every major website, you will likely see the same thing. – multithr3at3d Apr 19 '20 at 15:06
  • @SteffenUllrich yeah, it's HTTPS, so I will close the question. Thank you all. – Incognitex Apr 19 '20 at 15:14

0 Answers0