Curl Telnet

Posted on |



CURL is a tool to transfer data from or to a server, using one of the many supported protocols (HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, DICT, TELNET, LDAP or FILE). This tool is designed to work without user interaction, making it excellent for automation. MacOS High Sierraではtelnetコマンドが消えたらしい. MacOS High Sierraで消されたftpとtelnetを復活させる - Qiita. が、ポート開放できるかの開放にtelnetコマンドはよく使うのでないのは困る。 もちろんbrewでインストールするのもありだけど他人のPCとかだとなぁと思ってたらなんとcurlでも叩け. Checking ports without telnet. GitHub Gist: instantly share code, notes, and snippets.

  1. Curl Telnet Command In Linux
  2. Curl Telnet Https
  3. Curl Telnet Command
  4. Using Curl To Check Port
  5. Curl Command Line Options
  • This message:[ Message body ] [ More options ]
  • Related messages:[ Next message ][ Previous message ][ Next in thread ] [ Replies ]
From: Philippe Baudry <Philippe.Baudry_at_evidian.com>
Date: Tue, 20 Dec 2005 12:19:09 +0100

hi

curl allows telnet functionnality

syntax is curl telnet://<remote>

curl doesn t manage the user password, and it is to user to catch the
prompt and send the user identification.
why?

interest of curl is i think a complete protocal connect management from
just a command line, as it does for http, ftp,..

with telnet, this advantage is not implemented, and a simple script
including telnet command seems to do the same

i have done some test, and can t find a solution , from a script
including curl telnet, to pass automaticaly the user/id to continue the
telnet connexion

so should be possible to have an improvement of telnet in curl including
the management of user identificatin while connection (even if it is
not in the protocol and can t be treated directly)
as

curl telnet://<remote> -u <user/pass>

curl will do the telnet connexion, will cath the return prompt, send the
user/id , test the results, etc , to return finaly the command result

it should be nice for me, because i should have a telnet command
inheriting of curl benefits( (proxy management, ...)

in it is not, how can i from a shell script including curl telnet
syntax, provide the user/id in continue

Curl telnet with proxy

thanks for an answer

Curl TelnetCurl telnet timeout

Received on 2005-12-20

  • This message: [ Message body ]
  • Next message: Samuel Díaz García: 'Re: curl and telnet'
  • Previous message: Philippe Baudry: 'Philippe.Baudry@evidian.com'
  • Next in thread: Samuel Díaz García: 'Re: curl and telnet'
  • Reply: Samuel Díaz García: 'Re: curl and telnet'
  • Reply: Daniel Stenberg: 'Re: curl and telnet'
  • Reply: Jake Peavy: 'Re: curl and telnet'
Curl telnet udp
  • Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

If you’re using the HTTP protocol for surfing Internet, you usually use only using two of its methods i.e. GET and POST. However HTTP has a number of other methods like OPTIONS, TRACE, CONNECT, PUT and DELETE which are very risky if all these HTTP Methods are open in your web server.

According to RFC 2616, there are 8 HTTP methods for HTTP 1.1, specifically OPTIONS, GET, HEAD, POST, PUT, DELETE, TRACE, and CONNECT, and this set can be extended.

Curl telnet timeout
  • The OPTIONS method is used to request available methods on a server, while the GET method is used to retrieve the information that is requested.
  • The GET method is one of the most common ways to retrieve web resources.
  • The HEAD method is similar to the GET method, but is used to retrieve only header information.
  • The POST method is used to send a request with the entity enclosed in a body; the response to this request is determined by the server.
  • The PUT method is used to store the enclosed entity on a server.
  • The DELETE method is used to remove the resources from the server.
  • The TRACE method is employed to return the request that was received by the final recipient from the client so that it can diagnose the communication.
  • The CONNECT method creates a tunnel with a proxy.

There are also extended HTTP methods such as web-based distribution authoring and versioning (DAV). WEBDAV can be used by clients to publish web contents and involves a number of other HTTP methods such as PROPFIND, MOVE, COPY, LOCK, UNLOCK, and MKCOL.

As we all knows, to test methods for HTTP websites, there are alot of tools are there like NC, Curl, Nmap, BurpSuite, Telnet etc but for SSL websites, this won’t work at all.

Today we’ll discuss the best 3 methods through which you can easily test methods/services for SSL based websites.

  1. With OpenSSL
  2. With CURL
  3. With NMAP

Also Read: Detection and Exploitation of OpenSSL Heartbleed Vulnerability using NMAP and METASPLOIT

1. Test with OpenSSL –

The OpenSSL command line tool can be used for several purposes like creating certificates, viewing certificates and testing https services/connectivity etc.

The following command can be used to test connectivity to an https service.

Curl Telnet Command In Linux

Command: openssl s_client -connect example.com:443

Basically s_client attribute is used to debug SSL Servers.

Reference Link –https://ping.force.com/Support/PingIdentityArticle?id=kA3400000008RYSCA2

This will open an SSL connection to example.com with port 443 and print the SSL certificate used by the service. After connecting you can manually send http requests. This is similar to using telnet to connect to an http service and manually sending an http, i.e GET, OPTIONS or TRACE request.

OPTIONS / HTTP/1.1
Host: example.com

Press Enter Twice:

2. Test with CURL –

Curl Telnet Https

CURL is the another useful utility through which you can test all methods for both http and https websites. The curl installed by default in Debian supports HTTPS since a great while back.

For HTTP –

Command: curl -i -X OPTIONS http://example.com/

For HTTPS –

Command: curl –insecure -i -X OPTIONS https://example.com/

Reference Link –https://curl.haxx.se/

You may also use -v instead of -i to see more output.

3. Test with NMAP –

Another method of checking which HTTP methods are enabled is using an NMAP script called http-methods.nse, which can be obtained from https://nmap.org/nsedoc/scripts/http-methods.html. This script is useful when multiple targets or ports need to be checked.

Command: nmap –script http-methods -p443 –script-args http-methods.url-path=’/page’ example.com

Reference Link – https://nmap.org/nsedoc/scripts/http-methods.html

Also Read:5 Books Considered the “Best Nmap Books Ever Written”

Curl Telnet Command

Apache implements all relevant HTTP methods for static content (actual files served directly by Apache). For dynamic content, Apache does not care what the HTTP method is (unless it is explicitly restricted with a <Limit> directive), and passes the request to the appropriate handler as it is.

Upcoming Protocol HTTP/2 –

HTTP/2 is the first major upgrade to the HTTP protocol in over 15 years. Websites have changed dramatically, with the number of external image, CSS, and JavaScript assets growing by the year.

  • HTTP/1.1 wasn’t designed for this kind of complexity.
    HTTP/2 is optimized for the modern website, improving performance without complicated hacks like domain sharing and file concatenation.

Using Curl To Check Port

To check whether your site/server supports HTTP/2 or not, visit https://tools.keycdn.com/http2-test

Curl Command Line Options

For HTTP Testing, you could use a proxy, like Burp Suite or Zap, and follow the below steps:

  • a) Set up your browser to pass through the chosen proxy.
  • b) Make a normal HTTP request (e.g. GET /index.php HTTP/1.1) and intercept it.
  • c) Forward that request to Repeater Tab and then change the GET method to OPTIONS and click the GO button which shows at top left corner.
  • d) Analyze the HTTP response on other side.

If the HTTP response contains 200 OK, then it means that particular OPTIONS method is enabled on that web server.