Difficulty: ❄ ❄ ❄ ❄ ❄
Team up with Bow Ninecandle to send web requests from the command line using Curl, learning how to interact directly with web servers and retrieve information like a pro!
Hints
cURL Manual
From: Bow Ninecandle
The official cURL man page has tons of useful information on how to use cURL.
cURL: Don’t squash
From: Bow Ninecandle
Take a look at cURL’s “--path-as-is” option; it controls a default behavior that you may not expect!
Silver trophy
| Welcome to Curling Fun! We will learn some basic curl commands while playing a round of curling.
-----------------------------------------------------------------------------------------------
Are you ready to begin? [y]es: yes
|
| 1) Unlike the defined standards of a curling sheet, embedded devices often have web servers on non-standard ports. Use curl to retrieve the web page on host "curlingfun" port 8080.
If you need help, run the 'hint' command.
-----------------------------------------------------------------------------------------------
alabaster@curlingfun:~$ curl http://curlingfun:8080
You have successfully accessed the site on port 8080!
If you need help, please remember to run "hint" for a hint!
|
| 2) Embedded devices often use self-signed certificates, where your browser will not trust the certificate presented. Use curl to retrieve the TLS-protected web page at https://curlingfun:9090/
-----------------------------------------------------------------------------------------------
alabaster@curlingfun:~$ curl -k https://curlingfun:9090
You have successfully bypassed the self-signed certificate warning!
Subsequent requests will continue to require "--insecure", or "-k" for short.
If you need help, please remember to run "hint" for a hint!
|
| 3) Working with APIs and embedded devices often requires making HTTP POST requests. Use curl to send a request to https://curlingfun:9090/ with the parameter "skip" set to the value "alabaster", declaring Alabaster as the team captain.
-----------------------------------------------------------------------------------------------
alabaster@curlingfun:~$ curl -k https://curlingfun:9090 -d skip=alabaster
You have successfully made a POST request!
|
| 4) Working with APIs and embedded devices often requires maintaining session state by passing a cookie. Use curl to send a request to https://curlingfun:9090/ with a cookie called "end" with the value "3", indicating we're on the third end of the curling match.
-----------------------------------------------------------------------------------------------
alabaster@curlingfun:~$ curl -k https://curlingfun:9090 -b end=3
You have successfully set a cookie!
|
| 5) Working with APIs and embedded devices sometimes requires working with raw HTTP headers. Use curl to view the HTTP headers returned by a request to https://curlingfun:9090/
-----------------------------------------------------------------------------------------------
alabaster@curlingfun:~$ curl -k https://curlingfun:9090 -i
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 17 Nov 2024 21:32:00 GMT
Content-Type: text/plain;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Custom-Header: You have found the custom header!
You have successfully bypassed the self-signed certificate warning!
Subsequent requests will continue to require "--insecure", or "-k" for short.
If you need help, please remember to run "hint" for a hint!
|
| 6) Working with APIs and embedded devices sometimes requires working with custom HTTP headers. Use curl to send a request to https://curlingfun:9090/ with an HTTP header called "Stone" and the value "Granite".
-----------------------------------------------------------------------------------------------
alabaster@curlingfun:~$ curl -k https://curlingfun:9090 -H "Stone:Granite"
You have successfully set a custom HTTP header!
|
| 7) curl will modify your URL unless you tell it not to. For example, use curl to retrieve the following URL containing special characters: https://curlingfun:9090/../../etc/hacks
-----------------------------------------------------------------------------------------------
alabaster@curlingfun:~$ curl -k https://curlingfun:9090/../../etc/hacks --path-as-is
You have successfully utilized --path-as-is to send a raw path!
|
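Why step 7 needs `--path-as-is`, as an added example that is not part of the original write-up or the challenge: the sketch below approximates the dot-segment removal curl performs on the URL path by default, and shows the path that reaches the server with and without the option. The function names `normalize_path`, `request_path` and `has_dot_segments` are hypothetical helpers; the last one is a log-side check a defender could apply to request paths.

```sh
# Added example, not part of the challenge terminal. It approximates the
# dot-segment removal (RFC 3986, section 5.2.4) that curl applies to a URL path
# by default and that --path-as-is switches off.
# Simplification: repeated slashes are collapsed, which the RFC does not do.

# normalize_path PATH: print PATH with "." and ".." segments resolved.
normalize_path() (
    path=$1 out="" trailing=""
    # A path ending in "/", "/." or "/.." keeps a trailing slash.
    case $path in */|*/.|*/..) trailing="/" ;; esac
    IFS=/       # split on "/" only (the subshell body keeps this local)
    set -f      # no filename globbing while splitting
    for seg in $path; do
        case $seg in
            ""|.) ;;                    # empty or "." segment: drop it
            ..)   out=${out%/*} ;;      # drop the previous segment; no-op at the root
            *)    out="$out/$seg" ;;
        esac
    done
    if [ -z "$out" ]; then printf '/\n'; else printf '%s%s\n' "$out" "$trailing"; fi
)

# request_path URL [--path-as-is]: print the path that goes on the request line.
request_path() (
    rest=${1#*://}                      # strip the scheme
    case $rest in
        */*) path="/${rest#*/}" ;;      # everything after host[:port]
        *)   path="/" ;;
    esac
    if [ "${2:-}" = "--path-as-is" ]; then
        printf '%s\n' "$path"           # sent exactly as typed
    else
        normalize_path "$path"          # curl's default behaviour
    fi
)

# has_dot_segments PATH: succeed if a logged request path still contains "." or
# ".." segments, meaning the client sent it without normalizing.
has_dot_segments() {
    case "/$1/" in */./*|*/../*) return 0 ;; *) return 1 ;; esac
}

request_path "https://curlingfun:9090/../../etc/hacks"                 # /etc/hacks
request_path "https://curlingfun:9090/../../etc/hacks" --path-as-is    # /../../etc/hacks
```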
| Great work!
Once HHC grants your achievement, you may close this terminal.
|
Gold trophy
The instructions to get started on the gold trophy are in the file HARD-MODE.txt:
| alabaster@curlingfun:~$ cat HARD-MODE.txt
Prefer to skip ahead without guidance? Use curl to craft a request meeting these requirements:
- HTTP POST request to https://curlingfun:9090/
- Parameter "skip" set to "bow"
- Cookie "end" set to "10"
- Header "Hack" set to "12ft"
|
| alabaster@curlingfun:~$ curl -k https://curlingfun:9090 -d skip=bow -b end=10 -H "Hack:12ft"
Excellent! Now, use curl to access this URL: https://curlingfun:9090/../../etc/button
|
| alabaster@curlingfun:~$ curl -k https://curlingfun:9090/../../etc/button --path-as-is
Great! Finally, use curl to access the page that this URL redirects to: https://curlingfun:9090/GoodSportsmanship
|
| alabaster@curlingfun:~$ curl -k https://curlingfun:9090/GoodSportsmanship -L
Excellent work, you have solved hard mode! You may close this terminal once HHC grants your achievement.
|