Web server returning "413 Request Entity Too Large"
impulse()
I have written a simple login page that sends the username and password as POST variables to my server. I'm trying to write a PHP brute force script to try and guess the login details by sending headers to my server over and over with details from a dictionary file. I have no intentions to use this maliciously, only to see my options in defending against this type of attack.
My problem is that my web server (Apache) is returning the error "413 Request Entity Too Large". The headers I'm sending are the following:
POST /header/login.php HTTP/1.1
Host: myServer.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://myServer.co.uk/header/login.php
Content-Type: application/x-www-form-urlencoded
Content-Length: 19\r\n
user=ste&pass=pword
Connection: Close\r\n
The headers are stored in a variable to start with and I run a foreach loop on each line to add "\r\n" to the end of each line. The reason there's some manual newlines is because from reading there needs to be 2 newlines in some places.
Can anybody see where the problem is here? Google has told me I need to change the configuration on the server but I think I'm sending wrong headers as trying to login through a web browser works fine.
Re: Web server returning "413 Request Entity Too Large"
Code:
Content-Length: 19\r\n
user=ste&pass=pword
Connection: Close\r\n
should be
Code:
Content-Length: 19
\r\n(i.e. another empty line)
user=ste&pass=pword
Re: Web server returning "413 Request Entity Too Large"
Have a look at this Apache module: http://www.zdziarski.com/projects/mod_evasive/
It's very effective against username/password bruteforcing.
There are 10 types of people in this world, those who understand binary and those who don't
impulse()
Re: Web server returning "413 Request Entity Too Large"
I haven't ventured as far into web development to have learnt about HTTP headers, this is sort of my first day. I used Firefox Live HTTP headers to grab what headers are sent and copied and pasted them. I didn't want to tamper with them too much in case it caused problems.
Quote:
    should be
    Content-Length: 19
    \r\n(i.e. another empty line)
    user=ste&pass=pword
That is how I do have it. Each line has "\r\n" added to it by default from a foreach loop then I added in "\r\n" manually so I do have an empty line below the POST variables.
Have you got any links to hand for pipelining documentation? All I've found so far is an explanation of pipelining and howtos to enable it in Firefox.
impulse()
Re: Web server returning "413 Request Entity Too Large"
Thanks VladSon but this is more of a learning trip for me to mess about with headers, I don't really need to go that far in protecting pages as I don't have anything important behind a login form, well, only on an internal network.
Re: Web server returning "413 Request Entity Too Large"
impulse() wrote: .. I didn't want to tamper with them too much in case it caused problems.
In that case where did the Connection: close header come from?
impulse() wrote: That is how I do have it. Each line has "\r\n" added to it by default from a foreach loop then I added in "\r\n" manually so I do have an empty line below the POST variables.
    Quote:
    should be
    Content-Length: 19
    \r\n(i.e. another empty line)
    user=ste&pass=pword
No, you didn't. You had an additional Connection: close header, which to Apache was extra content, hence the 413.
After the double \r\n and POST string you shouldn't have anything else. The length in the Content-Length header should exactly match the strlen() of the POST data.
impulse() wrote: Have you got any links to hand for pipelining documentation? All I've found so far is an explanation of pipelining and howtos to enable it in Firefox.
Err, google?
Pipelining is simple in theory - you send multiple requests on a keep-alive connection without waiting for responses. In practice, there's stuff to consider, I won't go into that now - have some working code first
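Added example, not part of any post in this thread: a small PHP check for the framing rule stated above, that the headers end at an empty line and that exactly Content-Length bytes follow it. The function name check_request_framing() and the sample requests are constructed for illustration, modelled on the requests posted here.

```php
<?php
// Added example: report framing problems in a raw HTTP/1.1 request string.
// check_request_framing() and the sample requests are constructed for illustration.
function check_request_framing(string $raw): array
{
    // The header block ends at the first empty line, i.e. the first CRLF CRLF.
    $split = strpos($raw, "\r\n\r\n");
    if ($split === false) {
        return ['no empty line (CRLF CRLF) after the headers'];
    }
    $problems = [];
    $lines = explode("\r\n", substr($raw, 0, $split));
    $body = substr($raw, $split + 4);   // everything after the empty line
    array_shift($lines);                // drop the request line
    $declared = null;
    foreach ($lines as $line) {
        if (strpos($line, ':') === false) {
            $problems[] = "header line without a colon: '$line'";
            continue;
        }
        [$name, $value] = explode(':', $line, 2);
        if (strcasecmp(trim($name), 'Content-Length') === 0) {
            $declared = (int) trim($value);
        }
    }
    if ($declared === null && $body !== '') {
        $problems[] = 'body present but no Content-Length header';
    } elseif ($declared !== null && $declared !== strlen($body)) {
        $problems[] = sprintf('Content-Length says %d, but %d bytes follow the empty line',
            $declared, strlen($body));
    }
    return $problems;
}

// Constructed samples: one shared header block, four ways of attaching the body.
$head = "POST /header/login.php HTTP/1.1\r\nHost: myServer.co.uk\r\n"
      . "Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 19\r\n";
$body = 'user=ste&pass=pword';
$samples = [
    'header after the body' => $head . "\r\n" . $body . "\r\nConnection: Close\r\n\r\n",
    'CRLF appended to body' => $head . "\r\n" . $body . "\r\n",
    'no empty line'         => $head . $body,
    'well-formed'           => $head . "\r\n" . $body,
];
foreach ($samples as $label => $raw) {
    $problems = check_request_framing($raw);
    echo $label, ': ', $problems ? implode('; ', $problems) : 'OK', "\n";
}
```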
impulse()
Re: Web server returning "413 Request Entity Too Large"
I'm not sure where I picked that up from. It may be from the PHP fsockopen() page. I have tried removing it and making sure Content-length is the exact length of the POST data I'm sending and now a different error is being generated. These are the headers I'm sending:
POST /header/login.php HTTP/1.1
Host: myServer.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: http://myServer.co.uk/header/login.php
Content-Type: application/x-www-form-urlencoded
Content-Length: 19
user=ste&pass=pword
But I still receive "HTTP/1.1 413 Request Entity Too Large"
Re: Web server returning "413 Request Entity Too Large"
Code:
<?php
error_reporting(E_ALL);

$host = '127.0.0.1';
// Open a plain TCP connection to the web server (30 second connect timeout)
$fp = fsockopen($host, 80, $errno, $errstr, 30);
if (!$fp)
{
    echo "$errstr ($errno)<br />\n";
}
else
{
    $post_data = 'user=user&pass=user';

    // Request line and headers, each terminated by \r\n
    $out  = "POST / HTTP/1.1\r\n";
    $out .= "Host: $host\r\n";
    $out .= "Content-Type: application/x-www-form-urlencoded\r\n";
    // Content-Length must be the exact byte length of the body
    $out .= "Content-Length: ".strlen($post_data)."\r\n";
    $out .= "Connection: Close\r\n";
    $out .= "User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.11) Gecko/20071127 Firefox/2.0.0.11\r\n";
    $out .= "Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5\r\n";
    $out .= "Accept-Language: en-gb,en;q=0.5\r\n";
    // Advertising gzip means the response body may arrive compressed
    $out .= "Accept-Encoding: gzip,deflate\r\n";
    $out .= "Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7\r\n";
    // Empty line: end of the headers
    $out .= "\r\n";
    // Body: exactly strlen($post_data) bytes, with nothing after it
    $out .= $post_data;

    fwrite($fp, $out);
    // Connection: Close makes the server close the socket after the response
    while (!feof($fp))
    {
        echo fgets($fp, 128);
    }
    fclose($fp);
}
Re: Web server returning "413 Request Entity Too Large"
About pipelining: http://www.w3.org/Protocols/HTTP/Perfor ... eline.html
impulse()
Re: Web server returning "413 Request Entity Too Large"
Thanks Vladsun, your headers worked.
I've been reading about pipelining and it's said that pipelining shouldn't be used on POST requests.