Jump to content

curl command, change user-agent


pierre
 Share

Recommended Posts

In one terminal I run:

$ echo -ne "HTTP/1.1 200 OK\r\n\r\n<html><h1>Hi</h1></html>" | nc -l 8080

And in a 2nd terminal I run:

$ curl --user-agent "secure_user_agent" -c "PHPSESSID=8pp2qs7kjmjtq7b8423g3o8jj2" http://localhost:8080/
...
$ echo -ne "HTTP/1.1 200 OK\r\n\r\n<html><h1>Hi</h1></html>" | nc -l 8080
GET / HTTP/1.1
Host: localhost:8080
User-Agent: secure_user_agent
Accept: */*

As you can see, the COOKIE is not being displayed. But if I use:

$ curl --user-agent "secure_user_agent" -b "PHPSESSID=8pp2qs7kjmjtq7b8423g3o8jj2" http://localhost:8080/
...
$ echo -ne "HTTP/1.1 200 OK\r\n\r\n<html><h1>Hi</h1></html>" | nc -l 8080
GET / HTTP/1.1
Host: localhost:8080
User-Agent: secure_user_agent
Accept: */*
Cookie: PHPSESSID=8pp2qs7kjmjtq7b8423g3o8jj2

now the cookie is showing up.

im ASSUMEing that its a cookie problem
Edit: fixed symbols

Edited by fugu
Link to comment
Share on other sites

That is because in the first one you are using -c which is used to specify a the filename for the cookie jar to use but in the second one you are using -b which is to pass individual cookies.

Run man curl to see the difference.

Link to comment
Share on other sites

Are you watching the live data pass threw the wire?

Step one, start a packet capture tool (wireshark, tcpdump, tcpick, etc) capture 2 packets, $request and $response...

!step one (Bigmacs way) open 2 terminals and launch 2 cammands... this will filter out the client request and the server response in separate windows.

Tcpick -i eth0 -bPS -C

Tcpick -i eth0 -bPC -C

with your browser, send off the packet your trying to mimic and then copy down the request and response.

Open a 3rd console,

nc place.ip.address (press enter)

(Paste a copy of the request from step one)

(Press enter twice)

2 new lines represents the end of the request.

If a exact copy of the request is sent off and fails, then this will show that the token must be updated after every transaction...

With these 2 consoles still running, you can now attempt curl commands and watch live results... you may also want to try wget...

maybe there is a token that changes after every request, witch will require some trickery. burp suite is updating this token automatically

Link to comment
Share on other sites

Don't know what you are doing wrong but I just did this and it worked fine for me:

$ curl -b "PHPSESSID=XXXXXt2qhlt5do902adv07"  -A "secure_user_agent" "https://www.hackthis.co.uk/levels/basic+/2"
Link to comment
Share on other sites

Sorry I misunderstand what i was doing.

When I was looking at the level to see if I've achieve, nothing was changed.

But with :

$ curl -b "PHPSESSID=am87lp4uir35jv2dej3pgn1r72" -A "secure_user_agent" "https://www.hackthis.co.uk/levels/basic+/2">> test.html
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 75200 0 75200 0 0 93314 0 --:--:-- --:--:-- --:--:-- 93300

When I open my test.html :

Capture_d_cran_de_2016_03_30_13_42_49.jp

I seems good :)

I still don't know why I can't see the result of my command online but thanks anymore :)

Edited by tot94
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...