Talking Web

level 1

Send an HTTP request using curl

/$ curl localhost

level 2

Send an HTTP request using nc

nc takes URL and port in order to functin.

/$ nc localhost 80
GET / HTTP/1.1

We can send HTTP request using the GET method.

level 3

Send an HTTP request using python

import requests

response = requests.get("http://localhost")
print(response.text)

level 4

Set the host header in an HTTP request using curl

The host header allows user to access a site out of multiple sites hosted on the same server.

In order to set the host-header, we need to use the H flag.

/$ curl -v -H 'Host: 3c22a6070842664437f7deb701d0ba73' localhost

level 5

Set the host header in an HTTP request using nc.

/$ nc localhost 80
GET / HTTP/1.1
Host: 955346154465080a0f6f80ad1abab644

level 6

Set the host header in an HTTP request using python

import requests

response = requests.get("http://localhost", headers = {"Host": "d98cadd7add61f28f2f8ab4ff2866426"})
print(response.text)

level 7

Set the path in an HTTP request using curl

/$ curl -v localhost/6b24f3f2803e65ee8a4c7718e3746e9b

level 8

Set the path in an HTTP request using nc

/$ nc localhost 80
GET /6fa55c0a2c6a06641a0d3b0c7bb52aae HTTP/1.1

level 9

Set the path in an HTTP request using python

import requests

response = requests.get("http://localhost/f9e1c5fbc5583f0adc79a10ca148515c")
print(response.text)

level 10

URL encode a path in an HTTP request using curl

/$ curl -v localhost/57663ceb%20cd9c94ed%2F6168ae2b%20da2eccda

level 11

URL encode a path in an HTTP request using nc

/$ nc localhost 80
GET /b12c4f12%2067266589%2Fd666cda6%20d2af6f45 HTTP/1.1

level 12

URL encode a path in an HTTP request using python

import requests

response = requests.get("http://localhost/84c49128%208a299390%2F93d9bfa2%20d858b128")
print(response.text)

level 13

Specify an argument in an HTTP request using curl

/$ curl 'localhost?a=0700717794063c8870f6587ffe9d1f2e'

level 14

Specify an argument in an HTTP request using nc

/$ nc localhost 80
GET /?a=9cb477c13d0f3467762b96e34723b429 HTTP/1.1

level 15

Specify an argument in an HTTP request using python

import requests

response = requests.get("http://localhost", params = {"a": "98b2272feef1197ca5db52112f53171a"})
print(response.text)

level 16

Specify multiple arguments in an HTTP request using curl

/$ curl -v 'localhost?a=183a900965dbaa297b87b8da347b5000&b=755bccd7%20431ba7ab%26e4271ad1%23165b5805'

level 17

Specify multiple arguments in an HTTP request using nc

/$ nc localhost 80
GET /?a=0d5d14b5c59f30f71f8a4ad183e5594b&b=14ee11ce 7bcd30bb&945e070f#8c4ca511 HTTP/1.1

encode space, &, #

/$ nc localhost 80
GET /?a=0d5d14b5c59f30f71f8a4ad183e5594b&b=14ee11ce%207bcd30bb%26945e070f%238c4ca511 HTTP/1.1

level 18

Specify multiple arguments in an HTTP request using python

import requests

response = requests.get("http://localhost", params = {"a": "976a35e36b74e0ec9d51e06642819868", "b": "5c6d5670 264acf16&9a8327b8#a1e2f498"})
print(response.text)

level 19

Include form data in an HTTP request using curl

/$ curl localhost -H "Content-Type: application/x-www-form-urlencoded" -d "a=2f326bd3fccd73a0779f0b2d508973b7"

level 20

Include form data in an HTTP request using nc

/$ nc localhost 80
POST / HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: 34

a=efd41ca8a70736bfca72237e98562264

level 21

Include form data in an HTTP request using python

import requests

response = requests.post("http://localhost", data = {"a": "48a3ea3467441c043b6bbdaaa892f581"})
print(response.text)

level 22

Include form data with multiple fields in an HTTP request using curl

/$ curl localhost -H "Content-Type: application/x-www-form-urlencoded" -d "a=49d18424ea2da90ef911b176280d2b4f&b=e554316c%20d26a8c93%2637806597%2308446ae2"

level 23

Include form data with multiple fields in an HTTP request using nc

/$ nc localhost 80
POST / HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: 78

a=ac3b1a1c63b69fad533e8978f6a5dff6&b=b573a00d%202ba9bc8a%26a6695f81%233c49eb83

level 24

Include form data with multiple fields in an HTTP request using python

import requests

response = requests.post("http://localhost", data = {"a": "d9ca68fd4ebb26ce7bc66ca673af28bd", "b": "3f36fa3c 5d887603&0ca6cc86#9b3ebe7e"})
print(response.text)

level 25

Include json data in an HTTP request using curl

/$ curl -v localhost -H "Content-Type: application/json" -d '{"a": "4ca4028161b46e326dccbd61fd9ca126"}'

level 26

Include json data in an HTTP request using nc

/$ nc localhost 80
POST / HTTP/1.1
Content-Type: application/json
Content-Length: 41

{"a": "2871410238346d3ef1efa9557c63d396"}

level 27

Include json data in an HTTP request using python

import requests

response = requests.post("http://localhost", json = {"a": "4f8799edeeeae6280d2476ff44ec855b"})
print(response.text)

level 28

Include complex json data in an HTTP request using curl

/$ curl -v -H "Content-Type: application/json" localhost -d '{"a": "134feb33f6406e92577a3da1af09d6e1", "b":  {"c": "731530a0", "d": ["aa22dd29", "33a13f37 c90ae96c&fc4db4e3#43ed5bf2"]}}'

level 29

Include complex json data in an HTTP request using nc

/$ nec localhost 80
POST / HTTP/1.1
Content-Type: application/json
Content-Length: 123

{"a": "3c3fc4d92ea768d2f90a1564901c7151", "b": {"c": "88960a48", "d": ["f8b92795", "59ce8454 77e5423c&e259ebfd#c90f1078"]}}

level 30

Include complex json data in an HTTP request using python

import requests

response = requests.post("http://localhost", json = {"a": "c49c2036612db43b827928a815ab4aa3", "b": {'c': '18990378', 'd': ['15a23d60', '5d838d26 b09c0f1b&b57e6ead#7e7021f8']}})
print(response.text)

level 31

Follow an HTTP redirect from HTTP response using curl

/$ curl -v localhost/fe865645cf9d9429f8d3a64bd3624bde

level 32

Follow an HTTP redirect from HTTP response using nc

/$ nc localhost 80
GET /04f17f0a0c09c5f51d7b4b41227fc991 HTTP/1.1

level 33

Follow an HTTP redirect from HTTP response using python

import requests

response = requests.post("http://localhost")
print(response.text)

level 34

Include a cookie from HTTP response using curl

/$ curl -v -H 'Cookie: cookie=6ba66cf208e8af50138db065514ec00c' localhost

/$ curl -L --cookie /tmp/cookie localhost

level 35

Include a cookie from HTTP response using nc

/$ nc localhost 80
GET / HTTP/1.1
Cookie: cookie=fd64267b1b2798fc6498188109e91cf7

level 36

Include a cookie from HTTP response using python

import requests

response = requests.post("http://localhost")
print(response.text)

level37

Make multiple requests in response to stateful HTTP responses using curl

/$ curl -v -H 'Cookie: session=eyJzdGF0ZSI6MX0.ZIdjyA.Il0n0-3Dc92AGqznlmke0NUGbSM' localhost

/$ curl -v -H 'Cookie: session=eyJzdGF0ZSI6Mn0.ZIdj-g.xNEcHHpWLkuTjDyiyMlOkpJlhHc' localhost

/$ curl -v -H 'Cookie: session=eyJzdGF0ZSI6M30.ZIdkLw.GAPUeUh0rrxafcjsCri18TI506o' localhost

 curl -L --cookie /tmp/cookie localhost

level 38

Make multiple requests in response to stateful HTTP responses using nc

/$ nc localhost 80
GET / HTTP/1.1
Cookie: session=eyJzdGF0ZSI6MX0.ZIdFvA.sHWWKoF8bM1fkGxOrTHbPJrHnXk

/$ nc localhost 80
GET / HTTP/1.1
Cookie: session=eyJzdGF0ZSI6Mn0.ZIdGGw.vET_YPzKaN7NNySdDm80v_VRahM

Request.txt

/$ nc localhost 80
GET / HTTP/1.1
Cookie: session=eyJzdGF0ZSI6M30.ZIdGTg.7DxhB2c_HvhkfSS5ADGrIgK-eq4

level 39

Make multiple requests in response to stateful HTTP responses using python

import requests

response = requests.post("http://localhost")
print(response.text)

Last updated 1 year ago

hashtaglevel 1

hashtaglevel 2

hashtaglevel 3

hashtaglevel 4

hashtaglevel 5

hashtaglevel 6

hashtaglevel 7

hashtaglevel 8

hashtaglevel 9

hashtaglevel 10

hashtaglevel 11

hashtaglevel 12

hashtaglevel 13

hashtaglevel 14

hashtaglevel 15

hashtaglevel 16

hashtaglevel 17

hashtaglevel 18

hashtaglevel 19

hashtaglevel 20

hashtaglevel 21

hashtaglevel 22

hashtaglevel 23

hashtaglevel 24

hashtaglevel 25

hashtaglevel 26

hashtaglevel 27

hashtaglevel 28

hashtaglevel 29

hashtaglevel 30

hashtaglevel 31

hashtaglevel 32

hashtaglevel 33

hashtaglevel 34

hashtaglevel 35

hashtaglevel 36

hashtaglevel37

hashtaglevel 38

hashtaglevel 39