Trying to submit a post request to a really old website.
I am trying to post a payload similar to this (this is from google)
------WebKitFormBoundaryosJxc86zagk885w4
Content-Disposition: form-data; name="hashid"
+13334445555
------WebKitFormBoundaryosJxc86zagk885w4
Content-Disposition: form-data; name="reqUID"
ajpm
------WebKitFormBoundaryosJxc86zagk885w4
Content-Disposition: form-data; name="recipients"
------WebKitFormBoundaryosJxc86zagk885w4
Content-Disposition: form-data; name="file-name"
------WebKitFormBoundaryosJxc86zagk885w4
Content-Disposition: form-data; name="text"
too%20complicated
------WebKitFormBoundaryosJxc86zagk885w4--
with these headers (from inspect element):
Accept:*/*
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.9
Connection:keep-alive
Content-Length:547
Content-Type:multipart/form-data; boundary=----WebKitFormBoundaryosJxc86zagk885w4
Host:127.0.0.1:333
Origin:http://127.0.0.1:333
Referer:http://127.0.0.1:333/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36
X-Requested-With:XMLHttpRequest
to http://127.0.0.1:333/sendMessage.srv.
I am using this simple python script to do it.
#!/usr/bin/env python3
import random
import requests
url = "http://127.0.0.1:333/sendMessage.srv/"
message = "hello"
number = "+13334445555"
# https://stackoverflow.com/questions/2267362/how-to-convert-an-integer-in-any-base-to-a-string
def baseN(num,b,numerals="0123456789abcdefghijklmnopqrstuvwxyz"):
return ((num == 0) and numerals[0]) or (baseN(num // b, b, numerals).lstrip(numerals[0]) + numerals[num % b])
reqId = baseN(round(random.random() * 1679616), 36)
data = {
'hashid':number,
'reqUID':reqId,
'recipients':"",
'file-name':"",
'text':message,
}
r = requests.post(url, data=data)
print(r.status_code, r.reason)
print(r.text)
print("finished")
It gives me a 200 OK but it says Your browser tried to send a message without supplying a form boundary in the post.. What am I doing wrong?
