zoukankan      html  css  js  c++  java

  • 通用表单上传参数

    参考文章:https://www.t00ls.net/articles-53395.html
    作者:redn3ck

    通用的表单上传:

    POST /upload_file.php HTTP/1.1
Host: xxxxxxxx
Content-Length: 296
Cache-Control: max-age=0
Origin: http://118.24.246.72
Upgrade-Insecure-Requests: 1
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHPiofjFbJ4l6hDZW
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://xxxxxxxxxxxxx/upload.html
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Cookie: PHPSESSID=503qgvpca3d7e7pmovl0d1h0q6
Connection: close

------WebKitFormBoundaryHPiofjFbJ4l6hDZW
Content-Disposition: form-data; name="file"; filename="c2.php"
Content-Type: application/octet-stream

123
------WebKitFormBoundaryHPiofjFbJ4l6hDZW
Content-Disposition: form-data; name="submit"

Submit
------WebKitFormBoundaryHPiofjFbJ4l6hDZW--

    案例如下:

    Content-Type: multipart/form-data; boundary=--------1036030574

----------1036030574
Content-Disposition: form-data; name="Filedata"; filename="pic.jpg"
Content-Type: text/plain

123

----------1036030574--

    完整的http报文:

    ----------1036030574
Content-Disposition: form-data; name="ObjNM"; 
Content-Type: text/plain

1

----------1036030574
Content-Disposition: form-data; name="FilePath"; 
Content-Type: text/plain

pic.jpg

----------1036030574
Content-Disposition: form-data; name="UpLoadBtnNM"; 
Content-Type: text/plain

1

----------1036030574
Content-Disposition: form-data; name="DeleteBtnNM"; 
Content-Type: text/plain

1

----------1036030574
Content-Disposition: form-data; name="MaxFileSize"; 
Content-Type: text/plain

1

----------1036030574
Content-Disposition: form-data; name="MaxSize"; 
Content-Type: text/plain

1

----------1036030574
Content-Disposition: form-data; name="IsCover"; 
Content-Type: text/plain

1
----------1036030574--

    完整的http报文:
  • 相关阅读:
    VScode+phpStudy搭建php代码调试环境
    bluekeep漏洞(CVE-2019-0708)利用
    bugku论剑场web解题记录
    upload-labs通关集
    攻防世界web新手区
    Vulnhub-XXE靶机学习
    Volatility取证使用笔记
    攻防世界WEB新手练习
    攻防世界MISC新手练习
    攻防世界CRYPTO新手练习
  • 原文地址:https://www.cnblogs.com/zpchcbd/p/11701536.html
Copyright © 2011-2022 走看看