Multipart form data

payload

改变multipart/form-data的大小写即可绕过

原理

源码中使用以下类似的语句读取multipart/form-data里的内容然后再应用过滤规则进行过滤

if (HttpContext.Current.Request.ContentType.IndexOf("multipart/form-data") > -1){
………………
过滤规则
………………
}

完整案例

public static void CheckUpladFiles()
    {
        HttpRequest request = HttpContext.Current.Request;
        HttpResponse response = HttpContext.Current.Response;
        if (HttpContext.Current.Request.ContentType.IndexOf("multipart/form-data") > -1)
        {
            HttpFileCollection files = request.Files;
            for (int i = 0; i < files.Count; i++)
            {
                HttpPostedFile httpPostedFile = files[i];
                string fileName = httpPostedFile.FileName;
                if (httpPostedFile.ContentLength > 0)
                {
                    if (fileName.IndexOf(".") > -1)
                    {
                        string[] array = fileName.Split(new char[]
                        {
                            '.'
                        });
                        for (int j = 1; j < array.Length; j++)
                        {
                            string ext = array[j].ToString().ToLower();
                            if (!ZoomlaSecurityCenter.ExNameCheck(ext))
                            {
                                string findStr = System.IO.Path.GetExtension(fileName).ToLower().Replace(".", "");
                                string text = SiteConfig.SiteOption.UploadFileExts.ToLower();
                                if (!StringHelper.FoundCharInArr(text, findStr, "|"))
                                {
                                    function.WriteErrMsg("上传的文件不是符合扩展名" + text + "的文件");
                                    response.End();
                                }
                            }
                            else
                            {
                                function.WriteErrMsg("请勿上传可疑文件!");
                                response.End();
                            }
                        }
                    }
                    else
                    {
                        function.WriteErrMsg("请勿上传可疑文件!");
                        response.End();
                    }
                }
            }
        }
    }