How to upload large data to a web server

From EggeWiki

One area where applications are often vulnerable is attacks which post large amounts of data to the server. The server might be expecting only a user name, and may fail if given a large amount of data. Here's an easy way to see what happens when you send a web server a load of garbage.

First we'll use dd to create a file filled with random data. Here I create a 50MB file. <geshi lang="bash"> dd if=/dev/zero of=/tmp/bigfile bs=1024 count=51200 </geshi>

Next, we'll send that file to the web server and see what happens: <geshi lang="bash"> curl -v -L -F file=@/tmp/bigfile -k -c cj https://banking.example.com/login.cgi </geshi>

I used the following options:

  • -v verbose
  • -L follow location hints
  • -F Specify HTTP multipart POST data
  • -k Allow connections to SSL sites without certs
  • -c Write cookies to this file after operation
Retrieved from "https://www.theeggeadventure.com/wikimedia/wikimedia/index.php?title=How_to_upload_large_data_to_a_web_server&oldid=2046"