1. Basic curl Syntax for HTTP Requests
The basic syntax of curl is:
curl [options] [URL]
You can specify the type of HTTP request (GET, POST, PUT, etc.) using the appropriate flags,
and you can set headers or send data within the request.
2. Making an HTTP GET Request
The GET request is the default method curl uses if no method is explicitly specified.
curl http://testphp.vulnweb.com/
To see the headers and response, add the -v (verbose) option:
curl -v http://testphp.vulnweb.com/
curl -vvv http://testphp.vulnweb.com/
• -v: Shows both the request sent and the response received, including headers.
3. Setting Headers with -H Option
a. Register an account on http://testphp.vulnweb.com/login.php
b. Sniff all messages using Charles Proxy and analyze the message format
c. Use curl to register, log in, and request data
To specify custom headers in your HTTP request (like Content-Type, Authorization, etc.),
use the -H option:
curl -H "Content-Type: application/json" -H "Authorization: Bearer <token>" http://testphp.vulnweb.com/
4. Sending POST Data
For POST requests, use the -X option to specify the request type, and -d (data) to send the
payload:
curl -X POST -H "Content-Type: application/json" -d '{"key":"value"}' http://testphp.vulnweb.com/login.php
Here:
• -X POST: Specifies that this is a POST request.
• -d '{"key":"value"}': The JSON payload being sent in the request body.
5. Sending Form Data
To send data as application/x-www-form-urlencoded (typical for HTML form submissions),
you can pass form data directly:
curl -d "username=user&password=pass" http://testphp.vulnweb.com/login.php
Alternatively, you can use the --form option for file uploads:
curl --form "file=@filename" http://testphp.vulnweb.com//upload
6. Handling Different Content Types
curl can handle different content types such as:
• application/json
• text/html
• application/x-www-form-urlencoded
Make sure you specify the correct Content-Type header with -H if necessary.
7. HTTP Methods
Below are the commonly used HTTP methods in curl:
• GET: Retrieve data from the server.
curl -X GET http://testphp.vulnweb.com/
• POST: Send data to the server.
curl -X POST -d "param=value" http://testphp.vulnweb.com/
• PUT: Update data on the server.
curl -X PUT -H "Content-Type: application/json" -d '{"name":"John"}' http://rest.vulnweb.com/
• DELETE: Delete data from the server.
curl -X DELETE http://testphp.vulnweb.com//resource/1
8. Saving Response to a File
You can save the HTTP response body to a file using the -o (output) option:
curl -o response.txt http://testphp.vulnweb.com/
To download a file with its original name, use -O (uppercase letter O):
curl -O http://testphp.vulnweb.com//file.zip
9. Inspecting Response Headers with -I (HEAD Request)
To only fetch the response headers (without the body):
curl -I http://testphp.vulnweb.com/
This will return the HTTP status and headers like Content-Type, Content-Length, etc.
10. Analyzing the Entire HTTP Transaction
To display both the request and the response, including headers, you can use:
curl -v http://testphp.vulnweb.com/
For more detailed analysis:
curl -v -X POST -H "Content-Type: application/json" -d '{"name":"test"}' http://testphp.vulnweb.com//api
This will show:
• Request method (POST)
• Request headers (e.g., Content-Type: application/json)
• Request body (JSON data sent)
• Response headers and body
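Added example (not part of the original tutorial): shell helpers for working with saved curl -v output, which split the sent and received sides, pull out the final status code, and mask credential headers such as the Authorization value from section 3 before the log is shared. The transcript is constructed, and the function names are this example's own.

```shell
#!/bin/sh
# Constructed `curl -v` transcript (documentation-range IP, placeholder secrets).
# "*" = curl's own notes, ">" = bytes sent, "<" = bytes received.
sample_trace() {
cat <<'EOF'
*   Trying 192.0.2.10:80...
* Connected to testphp.vulnweb.com (192.0.2.10) port 80
> POST /api HTTP/1.1
> Host: testphp.vulnweb.com
> Authorization: Bearer EXAMPLE-TOKEN-123
> Content-Type: application/json
> Content-Length: 15
>
< HTTP/1.1 200 OK
< Content-Type: text/html; charset=UTF-8
< Set-Cookie: session=EXAMPLE-SESSION; path=/
<
EOF
}

# side '>' prints the request lines, side '<' the response lines, marker removed.
# Header lines in real output may end in CR, so strip it first.
side() {
  tr -d '\r' | awk -v m="$1" 'substr($0, 1, 1) == m {
    line = substr($0, 3); if (line != "") print line }'
}

# Final status code; with -L there are several responses, so keep the last.
status_code() {
  side '<' | awk '/^HTTP\// { code = $2 } END { print code }'
}

# Mask credential-bearing header values before the log leaves your machine.
redact() {
  tr -d '\r' | awk '{
    h = tolower($2)
    if (($1 == ">" || $1 == "<") && (h == "authorization:" ||
        h == "proxy-authorization:" || h == "cookie:" || h == "set-cookie:"))
      print $1, $2, "[REDACTED]"
    else
      print
  }'
}

# Real use (verbose output goes to stderr): curl -v URL 2>&1 >/dev/null | redact
sample_trace | redact
```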
11. Advanced Usage: Timing, Debugging, and Tracing
• Measure Response Time: Use the -w (write-out) option to get the time metrics of a
request.
curl -w "@curl-format.txt" -o /dev/null -s http://testphp.vulnweb.com/
Where curl-format.txt might contain something like:
time_namelookup: %{time_namelookup}\n
time_connect: %{time_connect}\n
time_starttransfer: %{time_starttransfer}\n
time_total: %{time_total}\n
• Debugging SSL Connections: If you're having SSL issues, use:
curl -v --insecure http://testphp.vulnweb.com/
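  ◦ --insecure: Skips SSL certificate verification. It only has an effect on https:// URLs, and with it curl no longer authenticates the server, so keep it to troubleshooting.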
• Trace Debugging: Use --trace to debug complex transactions.
curl --trace tracefile.txt http://testphp.vulnweb.com/
12. Basic Authentication
You can specify basic HTTP authentication credentials with the -u option:
curl -u username:password http://testphp.vulnweb.com//protected
13. Handling Redirects
If the URL you request results in a redirect (HTTP 3xx), use the -L option to follow it:
curl -L http://testphp.vulnweb.com/
Summary of Useful curl Options
Option   Description
-X       Specify the request method (GET, POST, PUT, DELETE, etc.)
-H       Add a custom header to the request
-d       Send data with the request (usually used with POST, PUT)
-o       Write output to a file
-O       Download file with the original name
-I       Fetch only the headers
-L       Follow redirects
-v       Enable verbose mode (see request and response headers)
-u       Specify basic authentication credentials
--form   Send form data, used for file uploads