
I checked "How to make an HTTP GET request manually with netcat?", but it didn't really answer my question.

This is for an assignment and I'm stuck.

There's a client (User), web server (Web), and an authentication server (Auth), which holds the usernames/passwords that Web checks with (and sends out packets with such info that can be seen with Wireshark).

Web has a simple username/password form. I want to query Auth for a specific username to see the password through Wireshark.

This is the hint given to us on how to send network traffic:

echo -e "GET / HTTP/1.1 \n\n" | nc Web <port #>  

I've tried several things, such as:

echo -e "GET / HTTP/john \n\n" | nc Web 80  
(echo "john" ; echo " ";) | nc Web 80  
echo -n -e "john" | nc Web 80   

and others. I can't find many relevant resources online for this scenario.

peterh
Anon Li

1 Answer


This is a shell debugging problem.

echo -e 'GET / HTTP/john \n\n' | nc Web 80

is what you want.

"" eats the \ in bash.

peterh
  • it's supposed to be `\r\n`, like in windows-newlines, also it's supposed to be `\r\n\r\n` which is the magical "end of request headers" string - headers are separated by `\r\n` and the last header has `\r\n\r\n` – hanshenrik Feb 11 '23 at 23:49
  • @hanshenrik Yes, but the root cause of the problem is that you can not backslash in a " in bash. – peterh Feb 14 '23 at 06:56
  • Perhaps. But an HTTP-specs-compliant request would be `echo -ne 'GET / HTTP/john\r\n\r\n'` - edit: forgot `-n`, that's also required to make echo not add a surplus `\n` at the end – hanshenrik Feb 14 '23 at 10:27
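An added example, not part of the original thread: it builds the request with `printf` (whose escape handling does not vary between shells the way `echo -e` does) and checks the framing bytes discussed in the comments before anything is piped to `nc`. The function names are hypothetical, the host `Web` and port 80 are taken from the question, and the sample requests are constructed.

```shell
#!/bin/sh
# hex_tokens: dump stdin as space-separated lowercase hex bytes on one line.
hex_tokens() {
    h=$(od -An -v -tx1 | tr -s ' \n' ' ')
    h=${h# }; h=${h% }
    printf '%s\n' "$h"
}

# build_request HOST PATH: request line and headers, each ended by CRLF,
# followed by the empty line (CRLF CRLF) that ends the header block.
build_request() {
    printf 'GET %s HTTP/1.1\r\nHost: %s\r\nConnection: close\r\n\r\n' "$2" "$1"
}

# check_request: read a request on stdin; succeed only if it ends with
# CRLF CRLF and contains no LF that is not preceded by CR.
check_request() {
    h=$(hex_tokens)
    case $h in
        *"0d 0a 0d 0a") ;;
        *) echo "request does not end with CRLF CRLF" >&2; return 1 ;;
    esac
    # Remove every CRLF pair; any 0a byte left over is a bare LF.
    rest=$(printf '%s\n' "$h" | sed 's/0d 0a//g')
    case $rest in
        *0a*) echo "bare LF inside the request" >&2; return 1 ;;
    esac
    return 0
}

# Constructed samples: the LF-only form from the hint, then the CRLF form.
if printf 'GET / HTTP/1.1 \n\n' | check_request 2>/dev/null; then
    echo "LF-only request: framing ok"
else
    echo "LF-only request: framing rejected"
fi
if build_request Web / | check_request; then
    echo "CRLF request: framing ok"
fi

# To send it once the bytes check out (left commented so the script runs offline):
# build_request Web / | nc Web 80
```

Piping any candidate request through `hex_tokens` shows exactly what the shell emitted, which settles quoting and newline questions without guessing.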