Re: POST data includes headers
Posted: Sun Mar 15, 2015 6:32 pm
Only 'a=b' is passed with both POST and RAWPOST here.
NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/
Code: Select all
http://rghost.net/private/6jlN6NpwD/dfcbeb58cade67e99a69c0e64e317057
Code: Select all
argc=9
[0]: len=49: 'C:\hiawatha-9.2.UNP\hiawatha-9.2\wwwroot\test.exe'
00000000: 43 3a 5c 68 69 61 77 61 74 68 61 2d 39 2e 32 2e C:\hiawatha-9.2.
00000010: 55 4e 50 5c 68 69 61 77 61 74 68 61 2d 39 2e 32 UNP\hiawatha-9.2
00000020: 5c 77 77 77 72 6f 6f 74 5c 74 65 73 74 2e 65 78 \wwwroot\test.ex
00000030: 65 e
[1]: len=4: '-url'
00000000: 2d 75 72 6c -url
[2]: len=25: 'http://localhost/test.php'
00000000: 68 74 74 70 3a 2f 2f 6c 6f 63 61 6c 68 6f 73 74 http://localhost
00000010: 2f 74 65 73 74 2e 70 68 70 /test.php
[3]: len=5: '-post'
00000000: 2d 70 6f 73 74 -post
[4]: len=3: 'a=b'
00000000: 61 3d 62 a=b
[5]: len=8: '-rawpost'
00000000: 2d 72 61 77 70 6f 73 74 -rawpost
[6]: len=240: 'Content-Type: multipart/form-data; boundary=---------------------------54912754623
Content-Length: 133
-----------------------------54912754623
Content-Disposition: form-data; name="a"
b
-----------------------------54912754623--
'
00000000: 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 6d 75 Content-Type: mu
00000010: 6c 74 69 70 61 72 74 2f 66 6f 72 6d 2d 64 61 74 ltipart/form-dat
00000020: 61 3b 20 62 6f 75 6e 64 61 72 79 3d 2d 2d 2d 2d a; boundary=----
00000030: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d ----------------
00000040: 2d 2d 2d 2d 2d 2d 2d 35 34 39 31 32 37 35 34 36 -------549127546
00000050: 32 33 0d 0a 43 6f 6e 74 65 6e 74 2d 4c 65 6e 67 23..Content-Leng
00000060: 74 68 3a 20 31 33 33 0d 0a 0d 0a 2d 2d 2d 2d 2d th: 133....-----
00000070: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d ----------------
00000080: 2d 2d 2d 2d 2d 2d 2d 2d 35 34 39 31 32 37 35 34 --------54912754
00000090: 36 32 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 623..Content-Dis
000000a0: 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 position: form-d
000000b0: 61 74 61 3b 20 6e 61 6d 65 3d 22 61 22 0d 0a 0d ata; name="a"...
000000c0: 0a 62 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d .b..------------
000000d0: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d ----------------
000000e0: 2d 35 34 39 31 32 37 35 34 36 32 33 2d 2d 0d 0a -54912754623--..
[7]: len=8: '-headers'
00000000: 2d 68 65 61 64 65 72 73 -headers
[8]: len=68: 'content-type: application/x-www-form-urlencoded
content-length: 3
'
00000000: 63 6f 6e 74 65 6e 74 2d 74 79 70 65 3a 20 61 70 content-type: ap
00000010: 70 6c 69 63 61 74 69 6f 6e 2f 78 2d 77 77 77 2d plication/x-www-
00000020: 66 6f 72 6d 2d 75 72 6c 65 6e 63 6f 64 65 64 0d form-urlencoded.
00000030: 0a 63 6f 6e 74 65 6e 74 2d 6c 65 6e 67 74 68 3a .content-length:
00000040: 20 33 0d 0a 3..
Code: Select all
http://rghost.net/private/7YmxFH6d7/68e989df63e16898cb7b280e23fb392f
Code: Select all
[;;;URL;;;] [-u ;;;UA;;;] [-e ;;;REFERER;;;] [-D ;;;FOLDER;;;] [-o ;;;FNAME;;;] [-K ;;;CFILE;;;] [-p ;;;RAWPOST;;;] [--header=HEADER] [-h HEADERS] -r -VVV
Code: Select all
2015-03-18T11:01:46.623Z Extracting post data...
2015-03-18T11:01:46.623Z res.rawPostData (len=73): 'Content-Type: application/x-www-form-urlencoded
Content-Length: 3
a=b'
2015-03-18T11:01:46.623Z headerVisitor::visitHeader: name='Host', value='localhost'
2015-03-18T11:01:46.623Z headerVisitor::visitHeader: name='User-Agent', value='Mozilla/5.0 (Windows NT 6.1; WOW64; rv:28.0) Gecko/20100101 SeaMonkey/2.25'
2015-03-18T11:01:46.623Z headerVisitor::visitHeader: name='Accept', value='text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'
2015-03-18T11:01:46.623Z headerVisitor::visitHeader: name='Accept-Encoding', value='gzip, deflate'
2015-03-18T11:01:46.623Z headerVisitor::visitHeader: name='DNT', value='1'
2015-03-18T11:01:46.623Z headerVisitor::visitHeader: name='Referer', value='http://localhost/test.html'
2015-03-18T11:01:46.623Z headerVisitor::visitHeader: name='Connection', value='keep-alive'
2015-03-18T11:01:46.623Z origPostContentType='null'
2015-03-18T11:01:46.623Z headerVisitor::visitHeader: name='Content-Type', value='application/x-www-form-urlencoded'
2015-03-18T11:01:46.623Z headerVisitor::visitHeader: name='Content-Length', value='3'
2015-03-18T11:01:46.623Z extractPostData: OUT:
2015-03-18T11:01:46.623Z res.rawPostData: len=73: 'Content-Type: application/x-www-form-urlencoded
Content-Length: 3
a=b'
2015-03-18T11:01:46.623Z res.postData: len=3: 'a=b'
2015-03-18T11:01:46.623Z res.extraHeaders: [object Object]
2015-03-18T11:01:46.623Z 'content-type: application/x-www-form-urlencoded'
2015-03-18T11:01:46.624Z 'content-length: 3'
2015-03-18T11:01:48.808Z Preprocessing done in ms9
2015-03-18T11:01:48.810Z Starting dispatch
2015-03-18T11:01:50.212Z FlashGotDMCust::performJob: l.rawPostData: len=73: 'Content-Type: application/x-www-form-urlencoded
Content-Length: 3
a=b'
2015-03-18T11:01:50.212Z FlashGotDMCust::performJob: l.extraHeaders: [object Object]
2015-03-18T11:01:50.212Z FlashGotDMCust::performJob: extraHeaders: len=68: 'content-type: application/x-www-form-urlencoded
content-length: 3
'
2015-03-18T11:01:50.234Z Running C:\hiawatha-9.2.UNP\hiawatha-9.2\wwwroot\test.exe ;;;http://localhost/test.php ;;; -u ;;;Mozilla/5.0 (Windows NT 6.1; WOW64; rv:28.0) Gecko/20100101 SeaMonkey/2.25 ;;; -e ;;;http://localhost/test.html ;;; -D ;;;C:\Users\пк\Downloads\1 ;;; -o ;;;test_php.mp3 ;;; -K ;;;C:\Users\7349~1\AppData\Local\Temp\flashgot.1e3apr2v.default\cookies ;;; -p ;;;Content-Type: application/x-www-form-urlencoded
Content-Length: 3
a=b ;;; --header=content-type: application/x-www-form-urlencoded --header=content-length: 3 -h content-type: application/x-www-form-urlencoded
content-length: 3
-r -VVV -- async
2015-03-18T11:01:50.247Z Native execution time 13
2015-03-18T11:01:50.289Z Dispatch done in ms1478
Total processing time: ms1489
Code: Select all
http://rghost.net/private/84h9sZlGg/2c16726a4d25cf97648b586a03f4c407
Code: Select all
http://rghost.net/private/8wcv4XgJL/bdc170463cdb1e32b1bc41e19b88171a
Code: Select all
http://rghost.net/private/8jrbfYyfb/13cbb284880cca59176da43965d69ed6
So...MoSal wrote:I hope a working RAWPOST will be included in an official release someday.
In case you've lost the version I uploaded before, I can reupload it. And if you haven't, why do you even care about AMO?MoSal wrote:Is flashgot with working RAWPOST ever going to be available in AMO?