Curl for Web Hacking and Pentesting

In the previous post we saw the basic uses of curl. Now at this we are going to see some useful and important command as web pentesting view.

1. Get the HTTP response header

We can get header information of a website with '-I' flag

 curl -I http://www.w3.org

2. Sending GET Requests

 curl "http://www.testserver.com/example.php?name=hacke&age=30"

3. Sending POST requests 

 curl -d "name=ajay&submit=Submit" http://www.testserver.com/example.php

4. To follow a redirect location:

 curl -L http://www.testserver.com

5. Sending custom Headers : 

 curl -H "user-agent:Mozilla/5.0 (X11; Linux x86_64) " http://www.testserver.com

 curl -H "Content-Type: text/xml" http://www.testserver.com

 curl -H "Host: www.unknownsite.com" http://www.testserver.com

6. Custom User-Agent Header :

We can send custom user agent header by '-A' flag

 curl -A "Mozilla/5.0 (X11; Linux x86_64)" http://www.testserver.com

 curl -A "Mozilla/5.0 (compatible;  Windows NT 5.0)" http://www.testserver.com

7. Custom Referrer field :

 curl -e http://referersite.com http://www.testserver.com

Or we can also send custom referrer with below command

 curl -H "Referrer: http://referersite.com"  http://www.testserver.com

8. Custom Cookies : 

To send custom cookies use '-b' flag

 curl -b "name=sectree" http://www.testserver.com

To store response cookies in a file use '-c' option. We can also send cookies which is stored in a file.

 curl -b current_cookies.txt -c new_cookies.txt http://www.testserver.com

where the current_cookies.txt are being sent to the web server and new_cookies.txt are response cookies by the server which is stored and written in that file.