HTTP Verbs

It is used to request a resource. We can also pass arguments to webserver in url using ?

It is used to submit HTML form data. POST parameters should be in message body

It asks header of the response instead of also getting the body.

It is used to upload a file to the server. It is very dangerous if allowed and misconfigured

PUT /path/to/destination HTTP/1.1
Host: www.example.com

<Put Data>

You have to specify the size of file that you are sending

$ wc -m payload.php
20 payload.php

$ nc victim_ip port
PUT /payload.php HTTP/1.0
Content-type: text/html
Content-length: 20

<?php phpinfo(); ?>

It is used to remove a file from the server. It is also very dangerous which can lead to denial of service and data loss

DELETE /path/to/destination HTTP/1.1
Host: www.example.com

It is used to query web server for enabled http verbs.

Last updated 2 years ago