cURLing

Objective

Team up with Bow Ninecandle to send web requests from the command line using Curl, learning how to interact directly with web servers and retrieve information like a pro!

Silver

Answering each of the questions achieves Silver.

1) Unlike the defined standards of a curling sheet, embedded devices often have web servers on non-standard ports. Use curl to retrieve the web page on host "curlingfun" port 8080.

curl curlingfun:8080

2) Embedded devices often use self-signed certificates, where your browser will not trust the certificate presented. Use curl to retrieve the TLS-protected web page at https://curlingfun:9090/

curl -k https://curlingfun:9090/

3) Working with APIs and embedded devices often requires making HTTP POST requests. Use curl to send a request to https://curlingfun:9090/ with the parameter "skip" set to the value "alabaster", declaring Alabaster as the team captain.

curl -k -X POST --data 'skip=alabaster' https://curlingfun:9090/
curl -k -b 'end=3' https://curlingfun:9090/

5) Working with APIs and embedded devices sometimes requires working with raw HTTP headers. Use curl to view the HTTP headers returned by a request to https://curlingfun:9090/

curl -k -I https://curlingfun:9090

6) Working with APIs and embedded devices sometimes requires working with custom HTTP headers. Use curl to send a request to https://curlingfun:9090/ with an HTTP header called "Stone" and the value "Granite".

curl -k -H "Stone: Granite" https://curlingfun:9090

7) curl will modify your URL unless you tell it not to. For example, use curl to retrieve the following URL containing special characters: https://curlingfun:9090/../../etc/hacks

curl -k https://curlingfun:9090/%2E%2E/%2E%2E/%2E%2E/etc/hacks

or

curl -k --path-as-is https://curlingfun:9090/../../etc/hacks
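
The URL rewriting that question 7 refers to is the dot-segment removal of RFC 3986 section 5.2.4, which `--path-as-is` switches off. The following is an added example, not part of the original write-up or of curl's source: a shell sketch of that algorithm plus a check that flags request paths arriving at a server with dot segments intact. The function names and sample paths are constructed, and the sketch treats percent-encoded dots as ordinary text.

```shell
#!/bin/sh
# Added example: RFC 3986 section 5.2.4 "remove_dot_segments" for request paths.

# Drop the last segment of the output buffer (with its leading "/"), as ".." requires.
pop_segment() {
    case "$1" in
        */*) printf '%s' "${1%/*}" ;;
        *)   printf '' ;;
    esac
}

remove_dot_segments() {
    p=$1 out=
    while [ -n "$p" ]; do
        case "$p" in
            ../*)  p=${p#../} ;;
            ./*)   p=${p#./} ;;
            /./*)  p=/${p#/./} ;;
            /.)    p=/ ;;
            /../*) p=/${p#/../}; out=$(pop_segment "$out") ;;
            /..)   p=/; out=$(pop_segment "$out") ;;
            .|..)  p= ;;
            *)  # move the first segment, with its leading "/", to the output
                seg=${p#/}; seg=${seg%%/*}
                case "$p" in /*) seg=/$seg ;; esac
                out=$out$seg
                p=${p#"$seg"} ;;
        esac
    done
    printf '%s\n' "$out"
}

# Defender's use: a path that changes under normalisation reached the server
# with dot segments intact, so the client had normalisation turned off.
has_raw_dot_segments() {
    [ "$(remove_dot_segments "$1")" != "$1" ]
}

# Constructed request paths, as they might appear in an access log.
for path in /index.html /../../etc/hacks /a/./b/../c /%2E%2E/etc/hacks; do
    if has_raw_dot_segments "$path"; then verdict=FLAG; else verdict=ok; fi
    printf '%-22s -> %-20s %s\n' "$path" "$(remove_dot_segments "$path")" "$verdict"
done
```
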

Gold

Following the instructions outlined in the HARD-MODE.txt achieves Gold.

cat HARD-MODE.txt 

Output

Prefer to skip ahead without guidance? Use curl to craft a request meeting these requirements:

  • HTTP POST request to https://curlingfun:9090/
  • Parameter "skip" set to "bow"
  • Cookie "end" set to "10"
  • Header "Hack" set to "12ft"

curl -k -X POST --data 'skip=bow' -b 'end=10' -H "Hack: 12ft" https://curlingfun:9090/

Output

Excellent! Now, use curl to access this URL: https://curlingfun:9090/../../etc/button

curl -k -X POST --data 'skip=bow' -b 'end=10' -H "Hack: 12ft" --path-as-is https://curlingfun:9090/../../etc/button 

Output

Great! Finally, use curl to access the page that this URL redirects to: https://curlingfun:9090/GoodSportsmanship

curl -k -I https://curlingfun:9090/GoodSportsmanship

Output

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 19 Nov 2024 21:34:50 GMT
Content-Type: text/html
Content-Length: 178
Location: https://curlingfun:9090/SpiritOfCurling.php
Connection: keep-alive

curl -k https://curlingfun:9090/SpiritOfCurling.php

Output

Excellent work, you have solved hard mode! You may close this terminal once HHC grants your achievement.