PUT上传

配置支持PUT上传的web环境

支持put上传需要修改以下配置
http.conf

//打开下面两个module
LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so

//增加一下配置，允许Apache支持put方法
<Directory />
   Dav On
   AllowOverride None
   Options ALL
   Order allow,deny
   Allow from all
</Directory>
DavLockDB  DavLock

除此之外，想要通过put上传文件，需要建立一个文件夹 DavLock 
文件目录位置为  ./Apache/DavLock
为Apache安装目录下增加一个锁文件
WebDAV使得应用程序可以直接将文件写到 Web Server 上，
并且在写文件时候可以对文件加锁，写完后对文件解锁，还可以支持对文件所做的版本控制。
基于 WebDAV可以实现一个功能强大的内容管理系统或者配置管理系统。

PUT上传报文模板

PUT /test.txt HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
Host: 127.0.0.1

hello world

COPY报文模板

COPY /test.txt HTTP/1.1
Host: test.com
Destination:  http://test.com/test.asp

MOVE报文模板

MOVE /dir_name/test.aspx HTTP/1.1
Destination: /test.aspx
Host: test.com

//MOVE方法要求移动的文件不在同一个文件夹内

Success后服务器响应状态

PUT，COPY，MOVE等方法执行成功后服务器响应的返回值都会是201

测试

使用BurpSuit的Repeater模块发包

put上传

Request请求包

PUT /test.txt HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
Host: 127.0.0.1
Content-Length: 35

<?php echo "<h2>hello world<h2>" ?>

Respons响应包

HTTP/1.1 201 Created
Date: Fri, 22 Dec 2017 09:46:32 GMT
Server: Apache/2.4.23 (Win32) OpenSSL/1.0.2j PHP/5.5.38
Location: http://127.0.0.1/test.txt
Content-Length: 181
Content-Type: text/html; charset=ISO-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>201 Created</title>
</head><body>
<h1>Created</h1>
<p>Resource /test.txt has been created.</p>
</body></html>

COPY修改文件后缀

Request请求包

COPY /test.txt HTTP/1.1
Accept: */*
Accept-Language: en-US
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
Host: 127.0.0.1
Destination: http://127.0.0.1/test.php
Content-Length: 2
\r\n
\r\n
#必须要有两个回车,便于理解使用(\r\n)表明，实际直接敲两个回车就好。

Respons响应包

HTTP/1.1 201 Created
Date: Fri, 22 Dec 2017 09:56:11 GMT
Server: Apache/2.4.23 (Win32) OpenSSL/1.0.2j PHP/5.5.38
Location: http://127.0.0.1/test.php
Content-Length: 184
Content-Type: text/html; charset=ISO-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>201 Created</title>
</head><body>
<h1>Created</h1>
<p>Destination /test.php has been created.</p>
</body></html>

访问test.php

Request请求包

GET /test.php HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://127.0.0.1/
Connection: close
Upgrade-Insecure-Requests: 1

Respons响应包

HTTP/1.1 200 OK
Date: Fri, 22 Dec 2017 10:07:57 GMT
Server: Apache/2.4.23 (Win32) OpenSSL/1.0.2j PHP/5.5.38
X-Powered-By: PHP/5.5.38
Content-Length: 19
Connection: close
Content-Type: text/html

<h2>hello world<h2>

访问test.txt

Request请求包

GET /test.txt HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://127.0.0.1/
Connection: close
Upgrade-Insecure-Requests: 1

Respons响应包

HTTP/1.1 200 OK
Date: Fri, 22 Dec 2017 10:09:23 GMT
Server: Apache/2.4.23 (Win32) OpenSSL/1.0.2j PHP/5.5.38
Last-Modified: Fri, 22 Dec 2017 09:46:32 GMT
ETag: "1a-560eab110da27"
Accept-Ranges: bytes
Content-Length: 26
Connection: close
Content-Type: text/plain

echo "<h2>hello world<h2>"