Download goes here. If you like it, rate it here.

Functionality
This VB program can be used to gain an URL which can be used to replay a form submit with method POST. Most of the logon pages of common Web sites are such kinds of forms. Normally, you can't simulate a logon to those sites just by using a simple URL because this issues a GET request rather than a POST request. The URL returned from my program *can*.

Prerequisites
The replay works in every browser on every operating system. The VB program requires a Windows machine with Internet Explorer 4 or greater. The VB6 or at least the VB6 runtime needs to be installed. You can get the runtime from here

Installation
The ZIP file you get from the download contains the VB sources, the VB executable and the ASP pages which is refererenced in the generated URL. If you are a VB programmer you know how to deal with the sources. If you aren't one, just unzip the executable somewhere to your harddisk and start it.

Usage
Open your Internet Explorer and navigate to the page containing the form to be sniffed. Then open FormSniffer2.exe. Choose the Browser window you want to sniff. There may be more than one when you have more than one Explorer open. After receivng the message box do the submit in the browser. Then you back to the VB program and copy the replay URL. You may also start the reply immediately from here.

How it works
The sniffing works simply be catching the BeforeNavigate2 event for the chosen browser window. The replay URL goes to my public ASP page www.watchtheweb.de/get2post.asp and passes the post fields as URL parameters. The ASP page assembles a form containing hidden fields for these URL parameters and posts these to the original URL. Simple, isnt't it?

Known issues
Security: When you submit your URL to my public ASP page there is security risk. I can't guarantee that somebody hacks my Web site and replaces my innocent ASP page by another one which sniffs all the passwords hitting the page. So better publish the page in your intranet the change the URL generation accordingly.
On some machines I had difficulties to create the ShellWindows object. If this doesn't work, the whole thing is stuck. No idea what this is. It has to do with the browser version or the configuration.

Revisions