If I set up a html page with the following form:
<html>
<body>
<form action="upload_file.php" method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="file" id="file" />
<br />
<input type="submit" name="submit" value="Submit" />
</form>
</body>
</html>
I can upload a file to upload_file.php where I can handle it using a php script.
For testing purposes, I need to do the same using raw HTTP via a Putty session.
I can do a normal POST (just sending text data) this way:
POST /test_post.php HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 11
name=myname
How can I send a file this way?
You have to use multipart content-type and encode the file data into hex/binary
Try the following in telnet:
POST /the_url HTTP/1.1
User-Agent: Mozilla
Host: www.example.com
Content-Length: xxxx
Content-Type: multipart/form-data; boundary=--------------------31063722920652
------------------------------31063722920652
Content-Disposition: form-data; name="a"
value_for_a
------------------------------31063722920652
Content-Disposition: form-data; name="b"
value_for_b
------------------------------31063722920652
Content-Disposition: form-data; name="c"; filename="myfile.txt"
Content-Type: text/plain
This is a test
and more
-----------------------------31063722920652
Content-Disposition: form-data; name="submit"
Submit
-----------------------------31063722920652--
Remember that an extra newline is necessary between field name and its data. Also, update the Content-Length value.
Open a port with netcat and save the incoming request:
nc -l -p 1090 > income-http.txt
Then modify your form to send the data to the netcat:
<form action="http://localhost:1090/upload_file.php"
method="post" enctype="multipart/form-data">
Submit the form from your browser. You can find the full raw request with the contents of the file in the income-http.txt file.
Saving the income-http.txt is an one-time activity. Later you can send the saved request out any times. Please note that you should edit the Host: header in the saved txt.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 我命由我不由天 的文章《Sending a file via POST using raw HTTP (Putty)》','https://www.manongdao.com/article-208063.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}