0x00 什么是分块传输编码

好久没有更新博客了,最近比较忙,在这里道个歉

HTTP分块传输编码其实在年初的时候freebuf和安全科都已经科普过一次了

引用wiki百科中分块传输编码的定义:

分块传输编码(Chunked transfer encoding)是超文本传输协议(HTTP)中的一种数据传输机制,允许HTTP由網頁伺服器发送给客户端应用( 通常是网页浏览器)的数据可以分成多个部分。分块传输编码只在HTTP协议1.1版本(HTTP/1.1)中提供。

0x01 分块传输编码的格式

如果一个HTTP消息(请求消息或应答消息)的Transfer-Encoding消息头的值为chunked,那么,消息体由数量未定的块组成,并以最后一个大小为0的块为结束。

每一个非空的块都以该块包含数据的字节数(字节数以十六进制表示)开始,跟随一个CRLF (回车及換行),然后是数据本身,最后块CRLF结束。在一些实现中,块大小和CRLF之间填充有白空格(0x20)。

最后一块是单行,由块大小(0),一些可选的填充白空格,以及CRLF。最后一块不再包含任何数据,但是可以发送可选的尾部,包括消息头字段。

消息最后以CRLF结尾。

读完上述概念后,有几个知识点需要总结一下:

1、分块传输仅在HTTP/1.1版本中提供,作为一个"坏小子"第一时间想到的是否可进行Dos攻击,曾经确实有中间件处理不当存在Dos的例子

2、分块传输只能用在POST请求,显而易见GET请求中不包含任何内容,但是服务器对GET/POST返回响应中都可以使用分块传输。

0x02 分块传输编码扩展

在《图解HTTP》中对Chunked介绍如下图所示:
imgs

在RFC7230中的Chunked的介绍:
imgs

在wiki百科中的介绍:
imgs

我在本地的尝试

首先后端接受代码如下:
imgs

使用burpsuite构造请求如下:

imgs

如图所示,后端成功接受了参数

0x03 Hacking in Tools

sqlmap

感谢w8ay大佬对sqlmap的扩展

sqlmap -u "eval.com" --data="id" --chunked

imgs

burpsuite

感谢c0ny1大佬对burpsuite的扩展

https://github.com/c0ny1/chunked-coding-converter

imgs

编译好的1.0版本的jar文件

点我下载

540 对 “HTTP分块传输编码”的想法;

  12. https://tinyurl.com/2p8sxszn https://tinyurl.com/2d6kc7z4 https://is.gd/6g4B4T https://cutt.ly/OHvcWt2 http://ubezpieczenia-nysa.pl https://rebrand.ly/0f2d62 http://ubezpieczenianaraty.pl https://Bit.ly/3LmXrTk https://is.gd/YPnAWd https://tinyurl.com/24py37ve
    https://Bit.ly/3MlFoOz https://cutt.ly/rHvvOSp http://stolicaubezpieczen.pl http://ubezpieczeniaporeba.pl http://fart-ubezpieczenia.pl/ https://is.gd/1mQ4ga https://tinyurl.com/2p8sxszn https://bit.ly/3Lw37L3 http://ubezpieczenialink4.pl https://cutt.ly/FHvcN2Z
    https://Is.gd/ ubezpieczto.pl https://bit.ly/3NfCzyB https://Cutt.ly https://rebrand.ly/
    Ubezpieczenie-Dziecka.pl bit.ly bit.ly

    tinyurl.com https://bit.ly/3lgLX9w
    bit.ly https://is.gd/Lw9uqX rebrand.ly https://bit.ly/ https://bit.ly/3wrJ22V
    is.gd

    回复

  13. https://tinyurl.com/2fwhzur5 http://ubezpieczniewroclaw.pl https://Bit.ly/3NgfL1Y https://rebrand.ly/c2f455 http://noweubezpieczenia.pl https://cutt.ly/oHvvdf3 https://tinyurl.com/yckpz4uw https://tinyurl.com/yndb3mf5 https://is.gd/lvyxYX https://cutt.ly/uHvcO81
    https://cutt.ly/EHvbame http://prawoiubezpieczenia.pl https://Tinyurl.com/zpnnuu5k https://cutt.ly/0Hvbds5 http://ubezpieczenia-ranking.pl http://ubezpieczenia-warszawa.com.pl https://is.gd/CcEK64 https://rebrand.ly/862cda https://cutt.ly/FHvcN2Z https://tinyurl.com/m8f4dyw7
    ubezpieczeniabb.pl bit.ly https://bit.ly/3yETPcx https://rebrand.ly/3a25d3 http://Ubezpieczenieprzezinternet.pl/ ubezpieczenia-jaworzno.pl
    https://rebrand.ly/f22a04 is.gd
    https://is.gd http://Westaubezpieczenia.pl is.gd cutt.ly https://rebrand.ly/2eb078 is.gd https://bit.ly/3leo8Pr Ubezpieczeniacompensa.pl

    回复

  72. The only thing you need to worry about is how you’re going to celebrate your victory. The total jackpot amount will be credited to your account, and you will be able to initiate withdrawals of your jackpot winnings provided you have met the playthrough requirements (wagering requirements) of bonuses, and that you comply with the online casino’s maximum daily monthly withdraw limits. Contact customer support or an account manager at the casino for information on how best to manage your jackpot wins. Slotomania is one of the top online slots for real money with no deposit. It can be found on the Mistplay app. In order to get paid for playing, you must have a free Mistplay account and download the game through Mistplay. From there, every time you reach a new level or checkpoint in the game, Mistplay rewards you with units.
    https://trading.neotecalia.com/foro/profile/reinabayer6558/
    This is a simple game of no limit Texas Hold ‘Em Poker where you play against 4 computer players. What makes up the best online poker software? How do you find the best online poker site for your skill range and playing style? After spending hours reviewing several online poker sites, we gathered the most important tips and advice and put it all together for you. When choosing a good poker site for real money, consider these questions: Game play is simple and the site will automatically let you know when it’s your turn to act, so you don’t have to make everyone at the table wait while you try to figure out how to play. That’s one of the benefits to online poker compared to live poker. If you’re playing live poker and you hold up the game, chances are that others at the table will yell at you.

    回复

  86. Gender discrimination and the gender pay gap are still realities that women face on a daily basis. And in 2020, women’s rights to abortion and more may be at risk if a conservative winds up filling Justice Ruth Bader Ginsburg’s Supreme Court seat. However, many students find it difficult to come up with a good persuasive speech topic. Are you also looking for a perfect topic to write your persuasive speech on? Then this blog is for you. 60 Speech Topics on Religion and Spirituality Universidad Tecnologica de Honduras Campus El Progreso It takes time and effort to produce a good persuasive speech. You must ensure that you’ve chosen one of the most effective persuasive speech topics and used the proper terminology to express your point. This is your opportunity to voice your opinion freely and honestly, so don’t be concerned or reserved.
    https://www.orbitsound.com/forum/user-185846.html
    Take the examples above and use them as a starting point to craft an excellent persuasive essay. It will help you achieve the grades you deserve. Persuasive Essay Example 8th Grade PERSUASIVE ESSAY EXAMPLES FOR 5TH GRADE Sample work English K–10 Stage 5: Activity 1 – Film analysis My daily life is filled with writing, which I craft with care and satisfaction—correspondence with friends, reports about students, dealings with vendors, condolences. I have tried to create authentic writing experiences like these for my students, in order to motivate them to write with care and to understand and enjoy the power of good writing. Using this format, your fifth grader should write a short and straightforward outline that showcases every paragraph’s main ideas and contents in logical order.

    回复

  436. 20 games to play! Win up to 5X your prize! Enter the Gala Bingo promo code where prompted. Deposit and spend at least the required amount as stated in the tcs. Your bonus funds will be credited automatically. Gala Bingo Welcome Bonus Terms and Conditions. Select Date Range:From: To: Warning: Jackpot Cash Casino has certain sections of Terms and Conditions that we consider to be unfair to the casino’s players. Because of this, we advise you to look for a casino with fair rules or at least pay special attention to this casino’s Terms and Conditions if you decide to play at it. Click next to have a code sent to your . Both the Mega Millions’ and the Powerball’s annuities are paid out in 30 annual installments, increasing 5 percent yearly. Jackpot Cash Chest value will be boosted by $10,000 should Max Verstappen or Sergio Perez place on the podium. If Jackpot Cash Chest is opened, the value will reset to the original amount for the next Grand Prix. https://micro.blog/aviatorappinr The campaign features multiple linear TV and OTT spots with O’Connell appearing on a bright, vibrant Quick Hit Slots-branded Vegas Strip and content for digital and in-app assets. He touts the thrilling free-to-play app experience that provides users with daily bonuses and prizes, including a 6-million-coin bonus for new users that download the game.; Package of Quick Hit Extraordinary Coins Minimum requirement to run Quick Hit Casino Slot Games on your PC The worst part? Casinos often advertise that their “average payouts” are as high as 95 percent. But beware: That number applies only to certain machines, and the casinos don’t rush to tell you which ones. You really need to read or ask about the fine print before playing. You can also check the information on the machine to see if it lists its payouts. (Don’t expect this information to be front and center.)

    回复

发表回复

您的电子邮箱地址不会被公开。