Curl For Pentesters
19 Apr 2022, 12:44 p.m.
22 Apr 2022, 4:55 p.m.
01:28 minutes
Curl can be used for a number of useful activities during a pentest engagement. It can send HTTP Methods and data to an API endpoint, upload a file to a WebDav Server or grab server response headers, amongst other things. This article looks at a couple of practical uses for the Curl utility.
Curl
Uploading
Uploading a webshell to a WebDav server
curl --user <user>:<pass> -T /ftphome/mshell.php http://192.168.30.55/webdav/ --anyauth
Break down of Flags
| Flag | Description |
|---|---|
| –anyauth | Tells curl to figure out an authentication method by itself and use the most secure one the remote site claims to support. |
| -T | Upload-file |
| -u, –user | Specify User:Password credentials. |
HTTP Method
Specify the method to use: POST, HEAD, PUT, GET, DELETE
curl -X <Method>
Banner grabbing for websites
Includes the headers
curl -i <ip>
Includes headers and follows redirects
curl -i -L <ip>
Viewing Websites
Looking at a webpage from the shell
curl <ip> -s -L | html2text -width '99'
robots.txt check
curl <ip>/robots.txt -s | html2text
Grep a page for all title and href tags
curl -s -L 10.11.1.71 | grep "title\|href" | sed -e s/^[[:space:]]*//
Flags
| Flag | Description |
|---|---|
| -i | Include the HTTP header in the output. |
| -o | Output to a file |
| -s | for silent mode, better if you want to save it to file |
| -L | Follow redirects |
Anonymous
You're not logged in; your comment will be anonymous.
Log in here to post from your account, or via your social media account:
0 comments
