Curl android user agent

ИТ База знаний

Курс по Asterisk

Полезно

— Узнать IP — адрес компьютера в интернете

— Онлайн генератор устойчивых паролей

— Онлайн калькулятор подсетей

— Калькулятор инсталляции IP — АТС Asterisk

— Руководство администратора FreePBX на русском языке

— Руководство администратора Cisco UCM/CME на русском языке

— Руководство администратора по Linux/Unix

Навигация

Серверные решения

Телефония

FreePBX и Asterisk

Настройка программных телефонов

Корпоративные сети

Протоколы и стандарты

Как установить или изменить User-Agent с помощью curl

2 минуты чтения

Строка User-Agent (UA) — это информация, включенная в заголовок HTTP, действующая от имени пользователя. Когда вы подключаетесь к веб-сайту из браузера, UA сообщает веб-сайту, из какого браузера поступает запрос, его номер версии и операционную систему.

Онлайн курс по Linux

Мы собрали концентрат самых востребованных знаний, которые позволят тебе начать карьеру администратора Linux, расширить текущие знания и сделать уверенный шаг к DevOps

Сервер может по-разному реагировать на определенных пользовательских агентов. Следовательно, вам может потребоваться изменить строку UA.

В этом руководстве вы узнаете, как установить или изменить пользовательский агент с помощью curl.

Curl User Agent

Когда вы используете curl для отправки HTTP-запроса, он отправляет информацию пользовательского агента в формате curl/version.number .

Последняя стабильная версия на момент написания — 7.72. 0. Следовательно, строка UA в HTTP-запросе будет: curl/7.72.0 .

Есть несколько способов установить или изменить пользовательский агент с помощью команды curl .

Изменить User-Agent с помощью curl

Чтобы изменить пользовательский агент curl на другой браузер, добавьте параметр -A с нужной строкой пользовательского агента:

Чтобы отправить запрос на веб-страницу example.com путем эмуляции пользовательского агента Firefox 81, вы должны запустить:

Вы также можете использовать параметр —user-agent со следующим синтаксисом команды:

В качестве альтернативы запустите параметр командной строки -H , который принимает один параметр дополнительного заголовка для включения в запрос curl:

Теперь вы должны знать, как изменить пользовательский агент с помощью curl и установить в нем нужный браузер. Это позволяет обойти возможные блокировки или изменения содержимого, которые могут появиться из-за использования curl.

Мини — курс по виртуализации

Знакомство с VMware vSphere 7 и технологией виртуализации в авторском мини — курсе от Михаила Якобсена

Источник

Change User Agent with curl to Get URL Source Code as Different OS & Browser

Using curl we can retrieve the HTML & CSS source code of any specified URL and even the http header info, but some sites serve completely different content or HTML to different OS and browser versions, this is done by detecting their user agent. Because of this, we can spoof the user agent of another browser version and operating system, and this allows web developers to quickly get access to those alternate variations of a sites source code. For the purposes here, we’ll achieve this from the command line by using curl.

The basic syntax for spoofing user agent with the curl command is as follows:

curl -A «UserAgentString» http://url.com

Of course you’ll replace UserAgentString with a legitimate user agent string that matches the browser you wish to mimic.

Let’s look at a few examples with various user agent strings.

One of the most common situations of different source HTML and CSS are for websites with stripped down mobile versions, you could retrieve iPhone-specific source code with:

curl -A «Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5» http://www.apple.com

Some sites do this with other browsers too. This would be Chrome 12 in Mac OS X 10.6.8:

curl -A «Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.112 Safari/534.30» http://microsoft.com

Here’s another that spoofs the Mac App Store and Mac OS X 10.6.7 as a user agent and is useful for querying the App Store from a script (more about that on TUAW):

curl -silent -A «iMacAppStore/1.0.1 (Macintosh; U; Intel Mac OS X 10.6.7; en) AppleWebKit/533.20.25» http://ax.search.itunes.apple.com/

Yet another spoofs Windows XP with Firefox 3:

curl -A «Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3» http://yahoo.com

You can find user agent strings all over the web, just be sure to include them in quotes if you want to retrieve a sites source as that user agent. If you want to read more about user agents, Wikipedia has a good entry on the topic.

Note: This is intentionally done through the command line and aimed at those who like to work from the Terminal, but there are easy ways to do this through standard graphical applications and web browsers like Safari, Chrome, and Firefox. Safari is probably the simplest, because you can set different user agents directly from the Developer menu:

This screenshot was taken from an article about getting Facebook Video Chat calls to work in OS X Lion, which is accomplished by changing the browser user agent to a version that Facebook has deemed compatible.

Источник

How to Set or Change User Agent with curl

Home » SysAdmin » How to Set or Change User Agent with curl

A User-Agent (UA) string is information included in the HTTP header, acting on behalf of a user. When you connect to a website from a browser, the UA informs the website from which browser the request is coming from, its version number and operating system.

A server may respond differently to specific user agents. Therefore, you might find yourself needing to change the UA string.

In this tutorial, learn how to set or change the user agent with curl .

Curl User Agent

When you use curl to send a HTTP request, it sends the user agent information in the “curl/version.number” format.

The latest stable version at the time of writing is 7.72. 0. Therefore, the UA string in the HTTP request would be: “curl/7.72.0″.

There are several ways to set or change the user agent with the curl command.

Change User Agent with curl

To change the curl user agent to a different browser, add the -A option with the wanted user agent string:

To send a request to the webpage example.com by emulating the Firefox 81 user agent, you would run:

Note: For a full list of options, see user agent strings for different browsers on a Linux system.

You can also use the —user-agent option with the following command syntax:

Alternatively, run the command line option -H that takes a single parameter of an extra header to include in the curl request:

Note: Need to ignore SSL certificate checks for your latest project? Check out how to make curl ignore certificate errors.

You should now know how to change the user agent with curl and set it to the wanted browser. Doing so allows you to overpass possible blocks or content changes that may appear due to using curl.

Источник

Работа с cURL на android

Зачем это нужно

Мы хотим общение с API сервером написать на C++, а дальше использовать написанную библиотеку во всех наших приложения под различными платформами. Конечно мы хотим, чтобы работало под android.

Libcurl — это библиотека интерфейса API для передачи, которую разработчики могут встроить в свои программы; cURL действует как автономная обёртка для библиотеки libcurl. libcurl используется, чтобы обеспечить возможность передачи файлов (адресуемых с помощью URL) многочисленным приложениям (как открытым, так и коммерческим). (wikipedia)

Для iOS можно скачать готовый пример подключения и использования cURL с сайта разработчика. И с iOS всё просто.

Под android мне на просторах google не удалось найти ни одного исходника, где бы производилось успешное обращение к этой кросс-платформенной библиотеке. (Может я плохо искал).

И вообще говоря под android заставить работать cURL оказалось немного сложнее чем хотелось бы.

Что нам понадобится:

Получение библиотеки cURL для android

Если пойти на сайт cURL и зайти в загрузки, то там можно найти скомпиленный бинарник (Android 7.31.0 binary SSL) который видимо можно запускать как консольную утилиту из под девайса. Но он совершенно бесполезен, если мы хотим работать с библиотекой из своего приложения.
Хорошо погуглив можно найти туториал, как собрать нужную для ndk *.a библиотеку, с которой можно уже работать из приложения.

Есть про портирование cURL под android и на хабре. В результате мы получим желанный *.a файл библиотеки. Сам я его не собирал. Я его честно скачал.

Дальше

Java часть часть

Создадим MainActivity с одной кнопкой и полем для ввода адреса сайта, с которого будем получать информацию.

Напишем класс Native.java, в котором будет производиться обращение к С++ коду.

Нужно не забыть добавить в AndroidManifest разрешение на интернет

Источник

Ethical hacking and penetration testing

InfoSec, IT, Kali Linux, BlackArch

How to use User Agent to attack websites

What Is a Browser’s User Agent?

The User Agent is a string of text that identifies the browser and operating system for the web server. User Agent is passed in the HTTP header when the browser makes a request to the web server.

You can view the transmitted HTTP headers, including User Agent, in the Webmaster Developer Tools. For example, in Google Chrome to do this, press F12, go to the Network tab and in the General window, find Request Headers:

Or you can make it even easier – go to the page of one of the many services that show your User Agent: https://suip.biz/?act=my-user-agent

User Agent example:

The string is not very clear – it is clear that this is Chrome and that its version is 86.

The plot thickens: Chrome is pretending to be both Mozilla and Safari. To understand why, we’ll have to examine the history of user agents and browsers.

How can the User Agent be used to attack websites? I know at least 3 options:

• SQL Injection via User Agent
• XSS with User Agent
• Spoofing User Agent to deceive the server

This guide will show you how to change the User Agent and inject through the User Agent to pretend to be another device or perform attacks on the site.

The User Agent String Mess

Mosaic was one of the first browsers. Its user agent string was NCSA_Mosaic/2.0. Later, Mozilla came along (later renamed Netscape), and its user agent was Mozilla/1.0. Mozilla was a more advanced browser than Mosaic – in particular, it supported frames. Web servers checked to see that the user agent contained the word Mozilla and sent pages containing frames to Mozilla browsers. To other browsers, web servers sent the old pages without frames.

Eventually, Microsoft’s Internet Explorer came along and it supported frames, too. However, IE didn’t receive web pages with frames, because web servers just sent those to Mozilla browsers. To fix this problem, Microsoft added the word Mozilla to their user agent and threw in additional information (the word “compatible” and a reference to IE.) Web servers were happy to see the word Mozilla and sent IE the modern web pages. Other browsers that came later did the same thing.

Eventually, some servers looked for the word Gecko – Firefox’s rendering engine – and served Gecko browsers different pages than older browsers. KHTML – originally developed for Konquerer on Linux’s KDE desktop – added the words “like Gecko” so they’d get the modern pages designed for Gecko, too. WebKit was based on KHTML – when it was developed, they added the word WebKit and kept the original “KHTML, like Gecko” line for compatibility purposes. In this way, browser developers kept adding words to their user agents over time.

Web servers don’t really care what the exact user agent string is – they just check to see if it contains a specific word (source).

XSS via User Agent

XSS vulnerabilities can be:

• Stored (Persistent)
• Reflected (Non-persisten)

All XSS shown below are non-persistent, that is, they are only shown to the user who exploits them, and therefore are not dangerous. Such vulnerabilities are usually not even accepted by Bounty programs (some large companies give a reward for vulnerabilities found, if you report them, this is called Bug Bounty).

We’ll start with the simplest way to change User Agent – right in a web browser. Of course, there are many browser extensions for this, but you can spoof the User Agent even without them.

Google chrome

The Chrome user agent switcher is part of the developer tools. Open them by clicking the Menu button and choosing More Tools → Developer Tools. You can also use the F12 key on your keyboard.

Find “Console” in the lower half of the window – if it is missing, then press the ESC button:

Click the menu button to the right of the Console tab at the bottom of the developer toolbar and select “Network conditions”.

In the “Network conditions” tab, uncheck the “Select automatically” box next to “User agent”. Then you can select the user agent from the list or copy and paste the user agent into the box.

This setting is temporary. It only works when the Developer Tools panel is open and only for the current tab.

A sample user agent for Linux is missing for some reason. If you want sites to think that you are using Linux, then enter something like the following:

Mozilla Firefox

To access the about:config page, type about:config into Firefox’s address bar and press Enter. You’ll see a warning–be careful when you change settings here, you could mess up Firefox’s settings.

Type useragent into the filter box. We’re looking for the general.useragent.overridepreference, but it probably won’t exist on your system.

To create the preference, right-click on the about:config page, point to New, and select String.

Name the preference general.useragent.override .

Enter your desired user agent as the value of the preference. You’ll have to look up your desired user agent on the web and enter it exactly. For example, the following user agent is used by Googlebot, Google’s web crawler:

For Linux, you can take this line:

This setting applies to every open tab and persists until you change it, even if you close and reopen Firefox.

To revert Firefox to the default user agent, right-click the “general.useragent.override” preference and select Reset.

If for whatleaks.com you enter User Agent as a string

We will get an alert popup window.

There is no XSS injection on amiunique.org/fp, but the JavaScript code has broken.

In principle, one could not go far for examples, I myself on SuIP.biz had exactly the same problem (https://suip.biz/?act=my-user-agent), but I fixed it. In fact, the user can really change on the fly the page they want to see. If no one else sees this page, then there is no problem. It’s another matter if the User Agent values are saved and then can be executed as JavaScript code, that is, if the User Agent values are saved and then shown to someone else, for example, the site owner (say, when analyzing statistics) or other users (for example, the popular or recent User Agent widget).

How to do SQL injection via User Agent

Have you thought about it too? If programmers forget that the User Agent should not be trusted like absolutely everything else coming from users, then tags and special characters may not be filtered there? We have already seen an example of this – on all the above sites, special characters in the

Источник