Use curl to determine whether the website is open insecure HTTP method, file upload/delete

Others 2021-01-23 16:24:47 views: null

Use curl to determine whether the website opens the insecure HTTP method

Use the curl command to test:

curl -v -X OPTIONS http://www.xxx.com/

Insert picture description here

View response Allow: GET, HEAD, POST, PUT, DELETE, OPTIONS

Generally we think that it is not safe to use put, delete, trace and other methods
————————————————————————————————
Create a website Page, use curl command to judge whether it can be uploaded

curl -v -T 1.html http://www.xxxx.com/1.html

Insert picture description here

403 server refused to connect

————————————————————————————————
Find an existing page, such as 2.html

curl -X DELETE http://www.xxx.com/2.html

Find a page for deletion test.
If the deletion is successful, the attack is effective.

Guess you like

Origin blog.csdn.net/zHx981/article/details/112347908

Use curl to determine whether the website is open insecure HTTP method, file upload/delete

Determine whether a file is an image file to upload

PHP file to determine whether the method of picture

Determine whether it is an image file

Write shell scripts to determine whether to use the word dictionary file

How to determine whether to open a window

jquery method to determine whether it is IE

python determine whether a file exists

Linux file to determine whether there is a command of

ElementPlus file upload, determine whether the file is a picture in the pre-upload hook

Curl usage: HTTP request, file download, FTP upload and download

use! To determine whether data is present

Use Stack to determine whether it is a palindrome

js download a file, the file to determine whether to return

Determine whether the shell file directory or file exists

java to determine whether the file is an image file

[PHP] CURL file upload

curl command to test whether the server supports HTTP

java upload file deletion method and delete files

Python determine whether a file exists, and delete files api (which determine files not think this can make compatible jenkins strong working directory that problem)

Appium test method - to determine whether there is pop ads

jQuery method to determine whether there is a scroll bar

[JS] Method to determine whether a string is a url

shell script - to determine whether there is a folder or file

python determine whether the characters in the file, there is no add

JAVA determine whether a file exists OSS

C ++ How to determine whether a file exists

How to determine whether the file handle iterator?

Determine whether there is a specified key in the file and modify the value if there is

How does jquery determine whether a file exists

Recommended

Ranking

A quick primer on numpy basics

Two sister tease python project

Java | Multiple keywords in the replacement content are returned to the front end in red style

C ++: references

The string leetcood 1018 is a binary prefix divisible by 5

Flutter 布局组件

Java combat spingboot-redis

PMP pre-exam sprint and wrong questions sorting

ActiveMq C# Message Features: Delayed and Timed Message Delivery

DSP28377S_ copy a program from the RAM to FLASH portion DETAILS

Daily

More

2024-05-16(23)

2024-05-15(5)

2024-05-14(9)

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)