Jump to content


This topic is now archived and is closed to further replies.



Recommended Posts

I hate to ask the exact same question in different forums, but here goes!

I am writing a PHP script which sends an HTTP client request header to an HTTP server by generating the header with a php scirpt.

Some websites that i am submitting these 'forged' headers to have me baffled. They contain, what as far as i can tell, is random data coded into the header and i'm not sure how this is generated or even why.

Do you understand HTTP? Then maybe you can help me out!

Heres the HTTP client header (one of the many which uses this random technique):


POST /jobboard/index.pl?post HTTP/1.1
Host: www.goteach.ca
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/20060728 Firefox/
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://www.goteach.ca/jobboard/index.pl?form=0
Content-Type: multipart/form-data; boundary=---------------------------491299511942
Content-Length: 537
Content-Disposition: form-data; name="name"

Content-Disposition: form-data; name="email"

Content-Disposition: form-data; name="subject"

Content-Disposition: form-data; name="body"

Content-Disposition: form-data; name="Post"

Post Message

This HTTP header has the random numbers 491299511942 coded into it.

When you submit the EXACT same POST data, the number are always different! For example: 222333444555.

The HTTP headers content length is of course affected by this change.

What i'm trying to figure out, or at least even get the slightest hint too, is how is this/why is being generated. And if i can go so far, how would i replicate this algorithm?



The form can found at:

and you can get an HTTP header capture plugin for mozilla at:

Share this post

Link to post
Share on other sites
the number is a boundary marker that changes with each request, this is a client header and has nothing to do with the server. A boundary indetifier, signifies each part of a multipart document, so each part is a separate entity that makes up the complete multipart document. A multipart HTTP document works the same as a SMTP multi part document, where each entity starts with the boundary marker that has (2) extra (--) befoe it, followed by a single (\r\n) then information header(s), which can contain (type, name and disposition) header(s), followed by (\r\n\r\n) then the content, up to the start of the next boundary indentifier or the ending of the document, (the last) part is ended with (--) on the right hand side of the boundary marker.

//header declaration
Content-Type: multipart/form-data; boundary=--abc

//entity declaration
Content-Disposition: form-data; name="name"

//content declaration

//close document declaration


Share this post

Link to post
Share on other sites


Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.