I'm currently trying to reverse-engineer a private REST-Webservice, which lacks documentation. The only thing I know about it is, that it's written in PHP, using the ZendFramework. Is there any simple way of finding out, which actions are allowed and which parameters I have to supply to make the service work correctly?
Greets, Rob
In the USA reverse engineering APIs, as described by you, will typically be prohibited by a EULA, or if not specifically mentioned in a EULA by the DMCA.
You can also use shortcut 'Ctrl' + Shift + “I” for most of the browsers like Chrome, Firefox, etc. The uppermost tab holds different options provided by the browser. We will first discuss each option in brief. Elements: Provides the source code of the page displayed along with CSS.
Reverse engineering, also called back engineering, is the process by which a man-made object is deconstructed to reveal its designs, architecture, or to extract knowledge from the object. Knowing how an API actually behaves enables you to identify flaws and security vulnerabilities like accidental data leakage.
You can use network analyzer tool like WIRESHARK to capture data sent on network Read more about it on wireshark site
For example i hit login web service data captured by wireshark is as:
In above image you can see data sent on HTTP protocol
1.) method POST
2.) Under MIME info for example
Content-Disposition: form-data; name="phoneNumber"\r\n\r\n
name of parameter is phoneNumber
===========UPDATE==============
Here you can see fiddle captured data:
1.) Click on GO bottun, after that it starts capturing requests
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With