CtrlK

Pentest Notes / Enumeration / Tools

cURL

FlagDescriptionExample
-oStores output; name should be given-o page.html
-OStores output; name is the one used by webserver-
-sSilent; no status showed-
-kSkip SSL certificate check while using HTTPS-
-Ionly response headers-
-iboth response headers and body-
-Lfollow redirects-
-AUser agent-A 'Mozilla/5.0'
-uUsername and password for login forms-u admin:password
-HHeaders in the request-H ‘Authorization: Basic somebase64string’
-XMethod-X POST GET by default
-dData to be sent-d ‘username=admin@password=admin’
-bCookie-b ‘sessionid=somevalue’
-TUploads files to server, same as HTTP PUT-T [filename.txt] [http://target/upload]

Common headers:

Content-Type:
Cookie:
Authorization:

Authentication:

Instead of adding username and password using -u flag:
curl username:password@{MACHINE_IP]

Cookies:

Cookies can also be mentioned in the header:
Eg: cookie is sessionid=somevalue
curl -b 'sessionid=somevalue' http://MACHINE_IP:port or
curl -H ‘Cookie: sessionid=somevalue’ http://MACHINE_IP:port

Note: In WINDOWS: only double quotes must be used and quotes inside data must be escaped: "

Content types:

json: application/json
form: application/x-www-form-urlencoded