you can change values in the query string easily thats the "GET" action
values that are "POST"'ed are sent in plaintext after the main http
header. all of this can be done through telnet or netcat
(actually havent tried doing a POST through telnet but i suspect
if your POST headers are right the server wont prematurly spit the
page at you after the HTTP headers 2 CRLF come through ?)
the best thing you can do is set up a sniffer and make some forms
on your server and watch the data actually fly by to see how HTTP
forms work.
cookies are the only things the browser stores and spits back to the
server their values are included in a special field in the HTTP
header.
again your sniffer is your best friend.
