Page 75 - Hands-On Bug Hunting for Penetration Testers

Unsanitized Data – An XSS Case Study                                 Chapter 4

Now when we submit, you should see the browser favicon indicate a submission without anything changing on the form. If you go back to Burp, you'll see you've intercepted the form's POST request (note that if you have other tabs open, you might see that the Burp proxy has intercepted requests from those pages, and you'll have to forward them):

We want to send this request over to the Burp Intruder feature, where we can do more to manipulate the POST data. To do that, right-click on the request and click Send to Intruder:























