Jump to content

MasterCJ

New Members
  • Posts

    2
  • Joined

  • Last visited

    Never

Posts posted by MasterCJ

  1. I hate to ask the exact same question in different forums, but here goes!

    I am writing a PHP script which sends an HTTP client request header to an HTTP server by generating the header with a php scirpt.

    Some websites that i am submitting these 'forged' headers to have me baffled. They contain, what as far as i can tell, is random data coded into the header and i'm not sure how this is generated or even why.

    Do you understand HTTP? Then maybe you can help me out!

    Heres the HTTP client header (one of the many which uses this random technique):

    [code]
    http://www.goteach.ca/jobboard/index.pl?post

    POST /jobboard/index.pl?post HTTP/1.1
    Host: www.goteach.ca
    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.6) Gecko/20060728 Firefox/1.5.0.6
    Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
    Accept-Language: en-us,en;q=0.5
    Accept-Encoding: gzip,deflate
    Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
    Keep-Alive: 300
    Connection: keep-alive
    Referer: http://www.goteach.ca/jobboard/index.pl?form=0
    Content-Type: multipart/form-data; boundary=---------------------------491299511942
    Content-Length: 537
    -----------------------------491299511942
    Content-Disposition: form-data; name="name"

    TEST
    -----------------------------491299511942
    Content-Disposition: form-data; name="email"

    TEST
    -----------------------------491299511942
    Content-Disposition: form-data; name="subject"

    TEST
    -----------------------------491299511942
    Content-Disposition: form-data; name="body"

    TEST
    -----------------------------491299511942
    Content-Disposition: form-data; name="Post"

    Post Message
    -----------------------------491299511942--
    [/code]


    This HTTP header has the random numbers 491299511942 coded into it.

    When you submit the EXACT same POST data, the number are always different! For example: 222333444555.

    The HTTP headers content length is of course affected by this change.

    What i'm trying to figure out, or at least even get the slightest hint too, is how is this/why is being generated. And if i can go so far, how would i replicate this algorithm?


    Thanks,

    MasterCJ

    The form can found at:
    http://www.goteach.ca/jobboard/index.pl?form=0

    and you can get an HTTP header capture plugin for mozilla at:
    http://livehttpheaders.mozdev.org/installation.html
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.