recon_09 (header)

View the exercise here: PentesterLab: Recon 09

OBJECTIVE

For this challenge, your goal is to access the headers from responses.

HEADER INSPECTION

When accessing a web server, it often pays off to check the response headers. They commonly reveal information about the versions and technologies in use.

SOLUTION

When we use the default curl command, we only get the response body, not the headers.

curl https://hackycorp.com/

Solution #1:

curl https://hackycorp.com/ --dump-header - -o /dev/null
  • --dump-header - shows the HTTP response headers in the terminal

  • -o /dev/null discards the response body (doesn’t save or display it)

Solution #2:

curl https://hackycorp.com/ --dump-header - -o /dev/null -s
  • -s (silent) hides the progress meter
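
To review which of the dumped headers disclose software or versions (for example when checking your own server), the output of Solution #2 can be filtered. This is an added example, not part of the original write-up; the header list and the sample response are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: list response headers that reveal server software or versions.
# Real use: curl URL --dump-header - -o /dev/null -s | disclosing_headers

# Header names (lowercase) that commonly disclose technology. This list is an
# assumption for the example and is not exhaustive.
DISCLOSING='server|x-powered-by|x-aspnet-version|x-aspnetmvc-version|x-generator'

disclosing_headers() {
    # Strip the CR of each CRLF line ending, skip status lines, match header
    # names case-insensitively, and print "name: value" for each hit.
    tr -d '\r' | awk -v names="$DISCLOSING" '
        /^HTTP\// { next }                 # status line, not a header
        {
            i = index($0, ":")
            if (i == 0) next               # blank or malformed line
            name = tolower(substr($0, 1, i - 1))
            value = substr($0, i + 1)
            sub(/^[ \t]+/, "", value)      # drop optional space after the colon
            if (name ~ ("^(" names ")$")) print name ": " value
        }'
}

# Constructed sample of a header dump (not captured from hackycorp.com).
sample_headers() {
    printf 'HTTP/1.1 200 OK\r\n'
    printf 'Date: Mon, 01 Jan 2024 00:00:00 GMT\r\n'
    printf 'Server: ExampleServer/1.2.3\r\n'
    printf 'Content-Type: text/html\r\n'
    printf 'X-Powered-By: ExampleFramework 4.5\r\n'
    printf '\r\n'
}

sample_headers | disclosing_headers
```

Headers reported by this filter are the ones to suppress or genericize in the server configuration.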
