Curling

Objective

Team up with Bow Ninecandle to send web requests from the command line using Curl, learning how to interact directly with web servers and retrieve information like a pro!

Solution

Easy mode

Assignment 1

  1. Unlike the defined standards of a curling sheet, embedded devices often have web servers on non-standard ports. Use curl to retrieve the web page on host “curlingfun” port 8080. If you need help, run the ‘hint’ command.
curl http://curlingfun:8080


Assignment 2

  1. Embedded devices often use self-signed certificates, where your browser will not trust the certificate presented. Use curl to retrieve the TLS-protected web page at https://curlingfun:9090/
curl --insecure https://curlingfun:9090


Assignment 3

  1. Working with APIs and embedded devices often requires making HTTP POST requests. Use curl to send a request to https://curlingfun:9090/ with the parameter “skip” set to the value “alabaster”, declaring Alabaster as the team captain.
curl --insecure https://curlingfun:9090 -X POST -d "skip=alabaster"


Assignment 4

  1. Working with APIs and embedded devices often requires maintaining session state by passing a cookie. Use curl to send a request to https://curlingfun:9090/ with a cookie called “end” with the value “3”, indicating we’re on the third end of the curling match.
curl --insecure --cookie "end=3" https://curlingfun:9090/


Assignment 5

  1. Working with APIs and embedded devices sometimes requires working with raw HTTP headers. Use curl to view the HTTP headers returned by a request to https://curlingfun:9090/
curl --insecure --head https://curlingfun:9090/


Assignment 6

  1. Working with APIs and embedded devices sometimes requires working with custom HTTP headers. Use curl to send a request to https://curlingfun:9090/ with an HTTP header called “Stone” and the value “Granite”.
curl --insecure --header "Stone: Granite" https://curlingfun:9090/


Assignment 7

  1. curl will modify your URL unless you tell it not to. For example, use curl to retrieve the following URL containing special characters: https://curlingfun:9090/../../etc/hacks
curl --insecure --path-as-is "https://curlingfun:9090/../../etc/hacks"
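
Why --path-as-is is needed here, as an added example (not part of the original write-up and not curl's own code): a shell sketch of the RFC 3986 section 5.2.4 dot-segment removal that curl applies to the URL path by default, showing which path the server would receive without the flag. The function name remove_dot_segments is taken from the RFC; the sample paths are the two from this page.

```sh
#!/bin/sh
# Added illustration: RFC 3986 section 5.2.4 "remove_dot_segments".
# Sketch of the normalization only, not curl's source code.
# The body runs in a subshell ( ... ) so its variables stay local.
remove_dot_segments() (
    input=$1
    output=
    # Drop the last output segment together with its preceding "/".
    pop() { case "$output" in */*) output=${output%/*} ;; *) output= ;; esac; }
    while [ -n "$input" ]; do
        case "$input" in
            ../*)  input=${input#../} ;;          # 2A: leading "../"
            ./*)   input=${input#./} ;;           # 2A: leading "./"
            /./*)  input=/${input#/./} ;;         # 2B: "/./" becomes "/"
            /.)    input=/ ;;                     # 2B: trailing "/."
            /../*) input=/${input#/../}; pop ;;   # 2C: "/../" drops a segment
            /..)   input=/; pop ;;                # 2C: trailing "/.."
            .|..)  input= ;;                      # 2D: lone "." or ".."
            *)                                    # 2E: move one segment over
                case "$input" in
                    /*) rest=${input#/}; seg=/${rest%%/*} ;;
                    *)  seg=${input%%/*} ;;
                esac
                output=$output$seg
                input=${input#"$seg"}
                ;;
        esac
    done
    printf '%s\n' "$output"
)

# Paths from this page: what is requested when --path-as-is is omitted.
for p in /../../etc/hacks /../../etc/button; do
    printf '%-20s -> %s\n' "$p" "$(remove_dot_segments "$p")"
done
```

Without the flag the request goes to /etc/hacks, so the server never sees the "../" sequences; with --path-as-is the path is sent exactly as typed.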


Last assignment

[Image: Curling 8]

Hard mode

The hard mode hints and assignments are placed in a text file (HARD-MODE.txt) on disk:

ls
HARD-MODE.txt  HELP

Assignment 1

The content of HARD-MODE.txt is:

Prefer to skip ahead without guidance? Use curl to craft a request meeting these requirements:

  • HTTP POST request to https://curlingfun:9090/
  • Parameter “skip” set to “bow”
  • Cookie “end” set to “10”
  • Header “Hack” set to “12ft”


Command to solve this assignment:

curl --insecure https://curlingfun:9090/ -X POST -d "skip=bow" --cookie "end=10" --header "Hack: 12ft"


Assignment 2

Excellent! Now, use curl to access this URL: https://curlingfun:9090/../../etc/button

Command to solve this assignment:

curl --insecure https://curlingfun:9090/../../etc/button -X POST -d "skip=bow" --cookie "end=10" --header "Hack: 12ft" --path-as-is


Assignment 3

Command to solve this assignment:

curl --insecure https://curlingfun:9090/GoodSportsmanship -X POST -d "skip=bow" --cookie "end=10" --header "Hack: 12ft" --path-as-is -L
