nc contract returns "HTTP/1.1 4 0 0 Bad Request" solution-vulnerability warning-the black bar safety net

2009-05-18T00:00:00
ID MYHACK58:62200923278
Type myhack58
Reporter 佚名
Modified 2009-05-18T00:00:00

Description

Copyright statement: reprint, Please to hyperlink marked article origin and author information and this statement http://qiuren.blogbus.com/logs/37117725.html

A lot of times in the debugger when you need to customize the contract, in the ordinary post to submit with Firefox plug-ins enough to cope with, such as Tamper Data.

But in the upload image or file when this tool becomes powerless.

This time with a winsock expert capture,Save As txt, modify the txt, and then use nc to submit is the more common approach.

The article before I often contract encountered such an echo

HTTP/1.1 4 0 0 Bad Request Content-Type: text/html Date: Mon, 2 7 Mar 2 0 0 9 0 3:3 3:3 2 GMT Connection: close Content-Length: 3 5

Bad Request (Invalid Verb)

sent 3 0 5 3, rcvd 1 6 4: NOTSOCK

This is relatively depressed, with ULtraEdit-3 2 hex editing found as shown in Figure 1. bmp No wonder the server does not recognize.

On the site looking for some information that“Unicode, Unicode big endian and UTF-8 encoded txt file at the beginning will be more than a few bytes are FF, FE(Unicode),FE, FF(Unicode big endian,and EF, BB, BF(UTF-8)。”

It's the coding problem, then change the coding. 2. bmp

3. bmp

OK,now normal.

Sometimes in the POST earlier or there will be“EF BB BF”which of the three bytes, this time can be used c32asm put these three bytes del out.

Have to whining about this coding problem is really a chronic problem