Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

PUT upload

2025-03-10 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)06/01 Report--

Configure web environment that supports PUT upload support put upload need to modify the following configuration http.conf// open the following two moduleLoadModule dav_module modules/mod_dav.soLoadModule dav_fs_module modules/mod_dav_fs.so// to add configuration, allow Apache to support put method Dav On AllowOverride None Options ALL Order allow,deny Allow from allDavLockDB DavLock in addition, want to upload files through put Need to establish a folder DavLock file directory location. / Apache/DavLock add a lock file WebDAV to the Apache installation directory so that the application can write the file directly to Web Server, and can lock the file when writing, unlock the file after writing, and can also support version control of the file. A powerful content management system or configuration management system can be implemented based on WebDAV. PUT upload message template PUT / test.txt HTTP/1.1Accept: * / * Accept-Language: en-USUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0) Win32) Host: 127.0.0.1hello worldCOPY message template COPY / test.txt HTTP/1.1Host: test.comDestination: http://test.com/test.aspMOVE message template MOVE / dir_name/test.aspx HTTP/1.1Destination: / test.aspxHost: test.com//MOVE method requires that the moved files are not in the same folder. After Success, the server response status PUT,COPY,MOVE and other methods successfully execute, and the return value of the server response will be 201 test.

Send a package using BurpSuit's Repeater module

Put upload

Request request packet

PUT / test.txt HTTP/1.1Accept: * / * Accept-Language: en-USUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32) Host: 127.0.0.1Content-Length: 35

Respons response package

HTTP/1.1 201 CreatedDate: Fri, 22 Dec 2017 09:46:32 GMTServer: Apache/2.4.23 (Win32) OpenSSL/1.0.2j PHP/5.5.38Location: http://127.0.0.1/test.txtContent-Length: 181Content-Type: text/html; charset=ISO-8859-1201 CreatedCreated

Resource / test.txt has been created.

COPY modifies the file suffix

Request request packet

COPY / test.txt HTTP/1.1Accept: * / * Accept-Language: en-USUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32) Host: 127.0.0.1Destination: http://127.0.0.1/test.phpContent-Length: 2\ r\ n\ r\ n# there must be two carriage returns, which are easy to understand and use (\ r\ n) indicates that you can actually hit two carriage returns directly.

Respons response package

HTTP/1.1 201 CreatedDate: Fri, 22 Dec 2017 09:56:11 GMTServer: Apache/2.4.23 (Win32) OpenSSL/1.0.2j PHP/5.5.38Location: http://127.0.0.1/test.phpContent-Length: 184Content-Type: text/html; charset=ISO-8859-1201 CreatedCreated

Destination / test.php has been created.

Visit test.php

Request request packet

GET / test.php HTTP/1.1Host: 127.0.0.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateReferer: http://127.0.0.1/Connection: closeUpgrade-Insecure-Requests: 1

Respons response package

HTTP/1.1 200 OKDate: Fri, 22 Dec 2017 10:07:57 GMTServer: Apache/2.4.23 (Win32) OpenSSL/1.0.2j PHP/5.5.38X-Powered-By: PHP/5.5.38Content-Length: 19Connection: closeContent-Type: text/htmlhello world visit test.txt

Request request packet

GET / test.txt HTTP/1.1Host: 127.0.0.1User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3Accept-Encoding: gzip, deflateReferer: http://127.0.0.1/Connection: closeUpgrade-Insecure-Requests: 1

Respons response package

HTTP/1.1 200 OKDate: Fri, 22 Dec 2017 10:09:23 GMTServer: Apache/2.4.23 (Win32) OpenSSL/1.0.2j PHP/5.5.38Last-Modified: Fri, 22 Dec 2017 09:46:32 GMTETag: "1a-560eab110da27" Accept-Ranges: bytesContent-Length: 26Connection: closeContent-Type: text/plainecho "hello world"

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report