curl – Page 2 – WindowsTechs.com

How to properly use cURL –data-binary to send a request payload

Posted on January 8, 2024 by Maestro

This question is out of pure curiosity. I know I can send multipart formposts using curl’s –form/-F option. However, I was curious to see if the same can be done with the –data-binary option? For example, if I run the following script to… Continue reading How to properly use cURL –data-binary to send a request payload→

Issue uploading a file with cURL to WebSecurityAcademy Lab on PortSwigger.com

Posted on January 4, 2024 by Maestro

I want to solve an apprentice-level lab on PortSwigger.com focused on file upload vulnerabilities; the lab is called Remote code execution via web shell upload. The labs on PortSwigger.com encourage the use of Burp. However, while Burp is … Continue reading Issue uploading a file with cURL to WebSecurityAcademy Lab on PortSwigger.com→

This Week in Security: Curl Reveal, Rapid Reset DDoS, and Libcue

Posted on October 13, 2023 by Jonathan Bennett

Curl gave us all a big warning that a severe security problem had been found in that code-base. Given the staggering number of Curl installs around the world, we held …read more Continue reading This Week in Security: Curl Reveal, Rapid Reset DDoS, and Libcue→

Critical Security Vulnerabilities in Curl Patched, Users Advised to Upgrade

Posted on October 12, 2023 by Waqas

By Waqas
The company has issued security patches for two vulnerabilities.
This is a post from HackRead.com Read the original post: Critical Security Vulnerabilities in Curl Patched, Users Advised to Upgrade
Continue reading Critical Security Vulnerabilities in Curl Patched, Users Advised to Upgrade→

Long-awaited curl vulnerability flops

Posted on October 11, 2023 by Christian Vasquez

The flaw in the widely used open source software package was expected to be the next great catastrophe in computer security.

The post Long-awaited curl vulnerability flops appeared first on CyberScoop.

Continue reading Long-awaited curl vulnerability flops→

Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk

Posted on October 11, 2023 by Ryan Naraine

Flaw poses a direct threat to the SOCKS5 proxy handshake process in cURL and can be exploited remotely in some non-standard configurations.
The post Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk appeared first on SecurityWeek.
Continue reading Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk→

Patches Prepared for ‘Probably Worst’ cURL Vulnerability

Posted on October 9, 2023 by Ionut Arghire

A high-severity vulnerability in the data transfer project cURL will be addressed with libcurl and curl updates this week.
The post Patches Prepared for ‘Probably Worst’ cURL Vulnerability appeared first on SecurityWeek.
Continue reading Patches Prepared for ‘Probably Worst’ cURL Vulnerability→

Dumping database from cURL API

Posted on August 26, 2023 by Kafası Güzel Penguen

Hello there is a API that I have but I need that file’s database can you help me?
Here is how the API works.
$apiUrl = "http://example.com/index.php?id=" . $id;
$curl = curl_init($apiUrl); curl_setopt($curl, CURLOPT_RETURNTRANSFE… Continue reading Dumping database from cURL API→

Post Exploitation in Oracle web logic server 10.35 (Oracle Linux Server 3.8)

Posted on July 24, 2023 by Abu Bakar

Web Server : Oracle WebLogic 10.35
Machine : Oracle Linux Server 3.8
I was able to partially exploit this CVE. I can execute any command on server using HTTP request and redirecting its output to a file i.e
cat /etc/passwd > /tmp/succes… Continue reading Post Exploitation in Oracle web logic server 10.35 (Oracle Linux Server 3.8)→

Remote Code Execution on an Oscilloscope

Posted on July 17, 2023 by Bryan Cockfield

There are a huge number of products available in the modern world that come with network connectivity now, when perhaps they might be better off with out it. Kitchen appliances …read more Continue reading Remote Code Execution on an Oscilloscope→