pierre
Posted March 25, 2016

Hello,

I am trying to change my "user-agent" for a challenge. The problem is that my HTTP request doesn't fail, but my challenge isn't resolved either!!

Here is my command:

$ curl --user-agent "secure_user_agent" -c "PHPSESSID=8pp2qs7kjmjtq7b8423g3o8jj2" https://www.hackthis.co.uk/levels/basic+/2

Do you know where my error is?

i8igmac
Posted March 25, 2016

Try

Curl A "Mozilla" -h -c "session" link-here

fugu
Posted March 25, 2016 (edited)

In one terminal I run:

$ echo -ne "HTTP/1.1 200 OK\r\n\r\n<html><h1>Hi</h1></html>" | nc -l 8080

And in a 2nd terminal I run:

$ curl --user-agent "secure_user_agent" -c "PHPSESSID=8pp2qs7kjmjtq7b8423g3o8jj2" http://localhost:8080/

...

$ echo -ne "HTTP/1.1 200 OK\r\n\r\n<html><h1>Hi</h1></html>" | nc -l 8080
GET / HTTP/1.1
Host: localhost:8080
User-Agent: secure_user_agent
Accept: */*

As you can see, the COOKIE is not being displayed. But if I use:

$ curl --user-agent "secure_user_agent" -b "PHPSESSID=8pp2qs7kjmjtq7b8423g3o8jj2" http://localhost:8080/

...

$ echo -ne "HTTP/1.1 200 OK\r\n\r\n<html><h1>Hi</h1></html>" | nc -l 8080
GET / HTTP/1.1
Host: localhost:8080
User-Agent: secure_user_agent
Accept: */*
Cookie: PHPSESSID=8pp2qs7kjmjtq7b8423g3o8jj2

Now the cookie is showing up. I'm ASSUMEing that it's a cookie problem.

Edit: fixed symbols

Edited March 25, 2016 by fugu

digininja
Posted March 25, 2016

That is because in the first one you are using -c, which is used to specify the filename for the cookie jar to use, but in the second one you are using -b, which is to pass individual cookies.

Run man curl to see the difference.

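
How curl treats the -c and -b arguments discussed above, as an added example that is not part of the original thread: a small Python checker that parses a curl command line and reports whether a Cookie header will be sent. The function name explain_curl and the sample commands are constructed for illustration; it covers only -A, -b and -c with their long forms, and relies on curl's documented rule that a -b argument without "=" is read as a filename.

```python
import shlex

SEND = {"-b", "--cookie"}       # cookie data to send, or a file to read cookies from
JAR = {"-c", "--cookie-jar"}    # file that curl writes received cookies to
AGENT = {"-A", "--user-agent"}  # value of the User-Agent request header
KNOWN = SEND | JAR | AGENT

def explain_curl(command):
    """Return what a curl command line does with its cookie and agent options."""
    args = shlex.split(command)
    info = {"user_agent": None, "cookie_header": None,
            "cookie_file_read": None, "cookie_jar_written": None, "warnings": []}
    i = 0
    while i < len(args):
        opt, value = args[i], None
        # Short options may have the value attached: -bNAME=VALUE
        if not opt.startswith("--") and len(opt) > 2 and opt[:2] in KNOWN:
            opt, value = opt[:2], opt[2:]
        if opt in KNOWN:
            if value is None:
                i += 1
                if i >= len(args):
                    info["warnings"].append(f"{opt} is missing its argument")
                    break
                value = args[i]
            if opt in AGENT:
                info["user_agent"] = value
            elif opt in SEND and "=" in value:
                info["cookie_header"] = value      # sent as "Cookie: <value>"
            elif opt in SEND:
                info["cookie_file_read"] = value   # no "=": treated as a filename
            else:
                info["cookie_jar_written"] = value
                if "=" in value:
                    info["warnings"].append(
                        f"{opt} takes a filename; {value!r} is not sent as a cookie, use -b")
        i += 1
    return info

if __name__ == "__main__":
    # Constructed sample commands (placeholder session id and local URL).
    for cmd in ('curl -A "secure_user_agent" -c "PHPSESSID=example" http://localhost:8080/',
                'curl -A "secure_user_agent" -b "PHPSESSID=example" http://localhost:8080/'):
        print(cmd)
        for key, val in explain_curl(cmd).items():
            print(f"  {key}: {val}")
```
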
pierre (Author)
Posted March 29, 2016

Thanks for your answer. So here is my new command syntax:

$ curl --user-agent "secure_user_agent" -b "PHPSESSID=bdv19903ltjg6hq0cfbhq6t6a7" https://www.hackthis.co.uk/levels/basic+/2

It still doesn't work!!!

Very demoralizing, because I achieved this with TamperData, but I really want to do it from the command line...

i8igmac
Posted March 29, 2016

Are you watching the live data pass through the wire?

Step one, start a packet capture tool (wireshark, tcpdump, tcpick, etc.) and capture 2 packets, $request and $response...

!step one (Bigmacs way)

Open 2 terminals and launch 2 commands... this will filter out the client request and the server response in separate windows.

tcpick -i eth0 -bPS -C
tcpick -i eth0 -bPC -C

With your browser, send off the packet you're trying to mimic and then copy down the request and response.

Open a 3rd console:

nc place.ip.address (press enter)
(Paste a copy of the request from step one)
(Press enter twice)

2 new lines represent the end of the request.

If an exact copy of the request is sent off and fails, then this will show that the token must be updated after every transaction...

With these 2 consoles still running, you can now attempt curl commands and watch live results... you may also want to try wget... maybe there is a token that changes after every request, which will require some trickery. Burp Suite is updating this token automatically.

digininja
Posted March 29, 2016

Don't know what you are doing wrong but I just did this and it worked fine for me:

$ curl -b "PHPSESSID=XXXXXt2qhlt5do902adv07" -A "secure_user_agent" "https://www.hackthis.co.uk/levels/basic+/2"

pierre (Author)
Posted March 30, 2016 (edited)

Sorry, I misunderstood what I was doing. When I was looking at the level to see if I had achieved it, nothing had changed. But with:

$ curl -b "PHPSESSID=am87lp4uir35jv2dej3pgn1r72" -A "secure_user_agent" "https://www.hackthis.co.uk/levels/basic+/2" >> test.html
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100 75200    0 75200    0     0  93314      0 --:--:-- --:--:-- --:--:-- 93300

When I open my test.html:

It seems good :)

I still don't know why I can't see the result of my command online, but thanks anyway :)

Edited March 30, 2016 by tot94