HTTP File Upload by The UnXplAiNED

Post date: Dec 21, 2010 9:36:34 PM

This interesting project, coded in Delphi by The UnXplAiNED, details how to upload a file to a webpage via the HTTP POST method.

Author: The UnXplAiNED

Website: opensc.ws

Compiled: Delphi 2007

PHP Script:

<?php

    $path='./';

       move_uploaded_file($_FILES['data']['tmp_name'], $path.$_FILES['data']['name']) or die('');

?>

Delphi Unit:

   uHttpUploadFile

  Author: The UnXplAiNED

  Description: Upload a file to a webpage via the HTTP POST method

  Website: www.opensc.ws

  Credits:

    steve10120

    datemme(I basically ported and fixed his C version of httpfile upload)

    steve10120

    LeadMX

    Squeezer

    Counterstrikewi

  Release date: 18/12/2010

  Note:

    host - should always be in that form, site.com, no http://  infront.

    script - should always be preceded by a /, e.g /directory/index.php

    filepath - the full path to the file

    remotefilename - the name to be given when uploaded

    The form upload name used is "data" if you are using a different one

    on your webpage, make sure to change it in the function.

    No check is done on the response headers to check if the file was uploaded  correctly.

unit uHttpUploadFile;

interface

uses Windows, WinSock, SysUtils;

function HTTPPostData(host:string;script:string;filePath:string;remoteFilename:String):integer;

var

  sSock : TSocket;

  sAddr: TSockAddrIn;

  sWsa : TWSAData;

  sPort : integer = 80;

  rturn :integer;

  i: Integer;

implementation

//found somewhere on the net

function GetIPFromHost(const HostName: string): string;

type

  TaPInAddr = array[0..10] of PInAddr;

  PaPInAddr = ^TaPInAddr;

var

  phe: PHostEnt;

  pptr: PaPInAddr;

  i: Integer;

  GInitData: TWSAData;

begin

  WSAStartup($101, GInitData);

  Result := '';

  phe := GetHostByName(PChar(HostName));

  if phe = nil then Exit;

  pPtr := PaPInAddr(phe^.h_addr_list);

  i := 0;

  while pPtr^[i] <> nil do

  begin

    Result := inet_ntoa(pptr^[i]^);

    Inc(i);

  end;

  WSACleanup;

end;

//credits to steve10120

function readFiletoString(fpath:string; var fbuffer:string):boolean;

var

      fhandle: Thandle;

      dSize: DWORD;

      dRead: DWORD;

  begin

    Result:= False;

    fhandle := CreateFile(PChar(fpath), GENERIC_READ, FILE_SHARE_READ, nil, OPEN_EXISTING, 0, 0);

    if fhandle <> 0 then

      begin

         dSize := GetFileSize(fhandle, nil);

         if dSize<>0 then

          begin

            SetFilepointer(fhandle,0,nil, FILE_BEGIN);

            SetLength(fbuffer, dSize);

              if ReadFile(fhandle, fbuffer[1],dSize, dRead, nil) then

                begin

                  Result:= True;

                end;

             CloseHandle(fhandle);

          end;

      end;

end;

function HTTPPostData(host:string;script:string;filePath:string;remoteFilename:String):integer;

var

  data : string;

  fileContents : string;

  bodySize: string;

  bodyContents: string;

  hostIp: string;

  boundary: string;

  formName: string;

 begin

   boundary :=  '---------------------------282861610524488';

   formName := 'data';

  //read file

  if  not readFiletoString(filePath,fileContents) then

    begin

      Result :=-1;

      exit;

    end;

  bodyContents := '--' + boundary + #13#10;

  bodyContents := bodyContents + 'Content-Disposition: form-data; name="'+formName+'"; filename="'+ remotefilename +'"';

  bodyContents := bodyContents + #13#10 + 'Content-Type: application/octet-stream';

  bodyContents := bodyContents + #13#10 + #13#10 + fileContents + #13#10;

  bodyContents := bodyContents  + '--'+ boundary + '--' + #13#10;

  bodySize := IntToStr(Length(bodyContents));

 //generate headers and body

  data := 'POST ' + script +' HTTP/1.1' + #13#10 + 'Host: ' + host  +#13#10;

  data := data + 'User-Agent: Uploador' + #13#10;

  data := data + 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' + #13#10;

  data := data + 'Content-Type: multipart/form-data; boundary=' + boundary + #13#10;

  data := data + 'Connection: Keep-Alive' + #13#10;

  data := data + 'Content-Length: ' + bodySize + #13#10 + #13#10;

  data := data + bodyContents;

  WSAStartup($1010, sWsa);

  sSock := Socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);

  //get ip from hostname

  hostIp := GetIpFromHost(host);

  if  hostIp = '' then

    begin

      Result:=-2;

      Exit;

    end;

  sAddr.sin_family := AF_INET;

  sAddr.sin_port := hTons(sPort);

  sAddr.sin_addr.S_addr := inet_addr(PChar(hostIp));

  rturn := connect(sSock, sAddr, SizeOf(sAddr));

  if rturn = SOCKET_ERROR Then

    begin

      Result:=-3;

      exit;

end

  else

    begin

      rturn:=send(sSock, data[1], Length(data), 0);

      Sleep(4000);

      closesocket(sSock);

      Result:=0;

    end;

 end;

end.

Only Delphi source code is included in the archive.