cURL is an important command line tool used to send requests to a web server.
It can be easily be installed on a Ubuntu system by typing
sudo apt-get install curl
Google can help you, if you are on something else. Grab hold of someone living if google can't.
Sending a simple get request
Writing the output to a file
curl -o filename.html www.example.com
Username and password (HTTP Simple Auth)
curl -u user:password http://example.org/
Send a post request
curl --data name=example http://example.com
Adding a Referer
Adding a User Agent
curl --user-agent "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" http://example.com
Specifying methods (GET/POST/PUT/DELETE/PATCH)
curl -X METHOD http://example.com
curl --header "key: value" http://example.com
The URL for some steps might be URL/id (where id is the id key)
- Send a get request to URL. The output will be a json object with data as a unique hash.
- Send the hash you get as the output of previous step as a "SESSION" header. The output will be a json object with some key value pairs.
- Change the value of user_id in the hash to "0". (HINT: PUT)
- Delete the object of that id after user_id is changed to zero. (HINT: DELETE)
- Send an empty post request to URL.
After Challenge Update
Since this blog post was initially written for a Byld Scripting Challenge, here is the link to the repo with the challenge server code. You can easily host it and try out the challenge if you like (or play around with cURL). There are two FLAGs to be retrieved in this challenge - one by completing the steps above, and another by looking at the code and finding the right things :)