Search

SearchSearch

cURL โš™๏ธ

Nov 15, 20242 min read

  • Download a file from the Internet:
curl -O https://website.com
  • Download a file silent (wihout info) from the Internet:
curl -s -O https://website.com
  • Skip the certificate:
curl -k https://website.com
  • Preview the full http request:
curl https://website.com -v
curl https://website.com -vvv
  • Just see the response headers:
curl -I https://website.com
  • Set your own user agent:
curl https://website.com -A 'Mozilla/5.0'
  • Execute a command to a web shell url-encoding the command (and watching errors):
curl -s -X GET 'http://localhost/index.php' -G --data-urlencode "cmd=ip a 2>&1"
  • Access with username and password:
curl -u admin:admin http://<SERVER_IP>:<PORT>/
# or
curl http://admin:admin@<SERVER_IP>:<PORT>/
  • Access setting manually authorization header:
curl -H 'Authorization: Basic YWRtaW46YWRtaW4=' http://<SERVER_IP>:<PORT>/
  • Send a GET Request with cURL:
    • Open the browser devtools
    • Right click on the request and select Copy>Copy as cURL
    • Then:
curl 'http://<SERVER_IP>:<PORT>/search.php?search=le' -H 'Authorization: Basic YWRtaW46YWRtaW4='
  • Send a POST request with data:
curl -X POST -d 'username=admin&password=admin' http://<SERVER_IP>:<PORT>/
  • Authenticate with a cookie:
curl -b 'PHPSESSID=c1nsa6op7vtk7kdis7bcnbadf1' http://<SERVER_IP>:<PORT>/
# or
curl -H 'Cookie: PHPSESSID=c1nsa6op7vtk7kdis7bcnbadf1' http://<SERVER_IP>:<PORT>/
  • A full POST example (with cookie and JSON data):
curl -X POST -d '{"search":"flag"}' -H 'Content-Type: application/json' -b 'PHPSESSID=149437hctb1edgbb6gs807fmv2' http://83.136.252.57:48546/search.php -i
  • Send a PUT request:
curl -X PUT http://<SERVER_IP>:<PORT>/api.php/city/london
  • Read data of an API:
curl http://<SERVER_IP>:<PORT>/api.php/city/london
 
# read it as json string
curl http://<SERVER_IP>:<PORT>/api.php/city/london | jq
 
# provide a search term
curl -s http://<SERVER_IP>:<PORT>/api.php/city/le | jq
 
# pass an empty string to retrieve all entries in the table
curl -s http://<SERVER_IP>:<PORT>/api.php/city/ | jq
  • Create data on an API:
curl -X POST http://<SERVER_IP>:<PORT>/api.php/city/ -d '{"city_name":"HTB_City", "country_name":"HTB"}' -H 'Content-Type: application/json'
  • Update data on an API:
curl -X PUT http://<SERVER_IP>:<PORT>/api.php/city/london -d '{"city_name":"New_HTB_City", "country_name":"HTB"}' -H 'Content-Type: application/json'
  • Delete data on an API:
curl -X DELETE http://<SERVER_IP>:<PORT>/api.php/city/New_HTB_City

Graph View

Backlinks