Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to use curl to generate http 1.0 request for a file without a leading slash?

Tags:

curl

Below is the request I received from server log. I am worried this may trigger some crash. The server is a simple express dev server.

"GET login.cgi HTTP/1.0"

How do I use curl to duplicate the above exact request?

  • no path
  • login.cgi
  • HTTP 1.0

Thanks!

like image 906
Nicolas S.Xu Avatar asked Jul 29 '17 14:07

Nicolas S.Xu


1 Answers

Not even a leading slash? That's not likely to ever get sent by any HTTP clients.

If you can do with a slash, you can do it with:

curl --http1.0 localhost/login.cgi

If you really insist on not having a leading slash in there, you need to get yourself curl 7.55.0 (or later) and use the --request-target option to override the request target manually, like this:

curl --http1.0 localhost --request-target login.cgi

(and of course you should replace 'localhost' with the host name of your choice)

Without curl

A cruder approach to do the same request is to craft it with printf + nc, like this:

printf "GET login.cgi HTTP/1.0\r\nHost: localhost\r\n\r\n" | nc localhost 80

.... where you of course need to add the set of headers you want to pass on yourself. The Host: there is just an example showing how to do it.

like image 87
Daniel Stenberg Avatar answered Sep 21 '22 08:09

Daniel Stenberg