? ? cURL是常用的URL命令列請求工具,常用于Linux系統中,向Web Server發送請求,它的名字就是客戶端(client)的 URL 工具的意思,以下示例,我們以CentOS 7.9為演示環境,來看看cURL的一些常用用法
1. cURL安裝
[root@surpass ~]# yum install -y curl
2. cURL命令語法
curl [options...] <URL>
2.1 URL 格式
? ? 在萬維網上,每一個資訊資源都有統一的且在網上唯一的地址,該地址就叫URL(Uniform Resource Locator,統一資源定位器),它是萬維網的統一資源定位標志,就是指網路地址,URL的格式定義要參考 RFC 1808 ,
? ? URL由三部分組成:資源型別、存放資源的主機域名、資源檔案名,也可認為由4部分組成:協議、主機、埠、路徑,URL的一般語法格式為:
protocol://hostname[:port]/path/[;parameters][?query]#fragment
帶[]的為可選項
- 1.protocol
? ? 指定使用的傳輸協議,以下為部分支持的傳輸協議(常用的是HTTP協議),
| 協議 | 說明 | 格式 |
|---|---|---|
| file | 資源是本地計算機上的檔案 | 格式file:/// |
| ftp | 通過 FTP訪問資源 | 格式 ftp:// |
| http | 通過 HTTP 訪問該資源 | 格式 http:// |
| https | 通過安全的 HTTPS 訪問該資源 | 格式 https:// |
| mailto | 資源為電子郵件地址,通過 SMTP 訪問 | 格式 mailto: |
- 2.hostname
? ? 指存放資源的服務器的域名系統(DNS) 主機名或 IP 地址,有時,也可以在主機名前包含連接到服務器所需的用戶名和密碼(格式:username:password@hostname)
- 3.port
? ? 整數、可選,省略時使用方案的默認埠,各種傳輸協議都有默認的埠號,如http的默認埠為80,如果輸入時省略,則使用默認埠號,有時候出于安全或其他考慮,可以在服務器上對埠進行重定義,即采用非標準埠號,此時,URL中就不能省略埠號這一項,
- 4.path
? ? 由零或多個"/"符號隔開的字串,一般用來表示主機上的一個目錄或檔案地址,
- 5.parameters
? ? 用于指定特殊引數的可選項
- 6.query
? ? 可選,用于給網頁傳遞引數,可有多個引數,用 & 符號隔開,每個引數的名和值用 = 符號隔開,
- 7.fragment
? ? 字串,用于指定網路資源中的片斷,例如一個網頁中有多個名詞解釋,可使用fragment直接定位到某一名詞解釋,
2.2 引數詳解
- 1.-A, --user-agent
? ? -A 引數指定客戶端的用戶代理標頭,即User-Agent,curl 的默認用戶代理字串是curl/[version],
[root@surpass ~]# curl -A "Surpass/v2.0" http://httpbin.org/get
{
"args": {},
"headers": {
"Accept": "*/*",
"Host": "httpbin.org",
"User-Agent": "Surpass/v2.0",
"X-Amzn-Trace-Id": "Root=1-6215aac3-155eacd652f66bfa65f0f6a2"
},
"origin": "58.34.128.34",
"url": "http://httpbin.org/get"
}
- 2.-b, --cookie
? ? -b引數用來向服務器發送 Cookie,
root@surpass ~]# curl -b "name=Surpss" http://httpbin.org/get
{
"args": {},
"headers": {
"Accept": "*/*",
"Cookie": "name=Surpss",
"Host": "httpbin.org",
"User-Agent": "curl/7.29.0",
"X-Amzn-Trace-Id": "Root=1-6215ab74-0d1ad58915275e54624c5b85"
},
"origin": "58.34.128.34",
"url": "http://httpbin.org/get"
}
- 3.-c, --cookie-jar
? ? -c 引數將服務器設定的 Cookie 寫入一個檔案
[root@surpass Surpass]# curl -c /home/Surpass/cookies.txt http://www.baidu.com/
...
[root@surpass Surpass]# cat /home/Surpass/cookies.txt
# Netscape HTTP Cookie File
# http://curl.haxx.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
.baidu.com TRUE / FALSE 1645674025 BDORZ 27315
- 4.-X, --request
? ? -X引數指定 HTTP 請求的方法
[root@surpass Surpass]# curl -X GET http://httpbin.org/get
{
"args": {},
"headers": {
"Accept": "*/*",
"Host": "httpbin.org",
"User-Agent": "curl/7.29.0",
"X-Amzn-Trace-Id": "Root=1-6215ad49-66df43ca728c5acd0f72dc90"
},
"origin": "58.34.128.34",
"url": "http://httpbin.org/get"
}
- 5.-d, --data
? ? -d引數用于發送 POST 請求的資料體
[root@surpass Surpass]# curl -X POST -d "name=Surpass&city=Shanghai" http://httpbin.org/post
{
"args": {},
"data": "",
"files": {},
"form": {
"city": "Shanghai",
"name": "Surpass"
},
"headers": {
"Accept": "*/*",
"Content-Length": "26",
"Content-Type": "application/x-www-form-urlencoded",
"Host": "httpbin.org",
"User-Agent": "curl/7.29.0",
"X-Amzn-Trace-Id": "Root=1-6215adba-49ec43a362fd317d050a8aa4"
},
"json": null,
"origin": "58.34.128.34",
"url": "http://httpbin.org/post"
}
使用-d引數以后,HTTP 請求會自動加上標頭Content-Type : application/x-www-form-urlencoded,并且會自動將請求轉為 POST 方法,因此可以省略-X POST
? ? -d引數可以讀取本地文本檔案的資料,向服務器發送,
[root@surpass Surpass]# cat surpass.txt
name=Surpass&city=Shanghai
[root@surpass Surpass]# curl -X POST -d "@/home/Surpass/surpass.txt" http://httpbin.org/post
{
"args": {},
"data": "",
"files": {},
"form": {
"city": "Shanghai",
"name": "Surpass"
},
"headers": {
"Accept": "*/*",
"Content-Length": "26",
"Content-Type": "application/x-www-form-urlencoded",
"Host": "httpbin.org",
"User-Agent": "curl/7.29.0",
"X-Amzn-Trace-Id": "Root=1-6215ae49-77106731260a6aa23b3fe128"
},
"json": null,
"origin": "58.34.128.34",
"url": "http://httpbin.org/post"
}
- 6.--data-urlencode
? ? --data-urlencode引數等同于-d,發送 POST 請求的資料體,區別在于會自動將發送的資料進行 URL 編碼,
- 7. -e, --referer
? ? -e引數用來設定 HTTP 的標頭Referer,表示請求的來源
curl -e "http://www.baidu.com" http://httpbin.org/get
{
"args": {},
"headers": {
"Accept": "*/*",
"Host": "httpbin.org",
"Referer": "http://www.baidu.com",
"User-Agent": "curl/7.29.0",
"X-Amzn-Trace-Id": "Root=1-6215b029-32ad83970dd3997f16e46bf6"
},
"origin": "58.34.128.34",
"url": "http://httpbin.org/get"
}
- 7. -F, --form
? ? -F引數用來向服務器上傳二進制檔案
[root@surpass Surpass]# curl -F "@file=/home/Surpass/cp.exe" -X POST http://httpbin.org/post
{
"args": {},
"data": "",
"files": {},
"form": {
"@file": "/home/Surpass/cp.exe"
},
"headers": {
"Accept": "*/*",
"Content-Length": "160",
"Content-Type": "multipart/form-data; boundary=----------------------------4dfc834637a8",
"Host": "httpbin.org",
"User-Agent": "curl/7.29.0",
"X-Amzn-Trace-Id": "Root=1-6215b100-241d9f35053c8ca12b5d95d2"
},
"json": null,
"origin": "58.34.128.34",
"url": "http://httpbin.org/post"
}
? ? -F引數可以指定 MIME 型別
curl -F "[email protected];type=image/png" -X POST http://httpbin.org/post
- 8. -G, --get
? ? -G引數用來構造 URL 的查詢字串
[root@surpass Surpass]# curl -G -d "name=Surpass" -d "city=Shanghai" http://httpbin.org/get
{
"args": {
"city": "Shanghai",
"name": "Surpass"
},
"headers": {
"Accept": "*/*",
"Host": "httpbin.org",
"User-Agent": "curl/7.29.0",
"X-Amzn-Trace-Id": "Root=1-6215b222-60aa0b090adea66a01b6d883"
},
"origin": "58.34.128.34",
"url": "http://httpbin.org/get?name=Surpass&city=Shanghai"
}
- 9. -H, --header
? ? -H引數添加 HTTP 請求的標頭,
[root@surpass Surpass]# curl -H "Accept:application/json" -H "Content-Type:application/json" -d '{"name":"Surpass","city":"Shanghai"}' -X POST http://httpbin.org/post
{
"args": {},
"data": "{\"name\":\"Surpass\",\"city\":\"Shanghai\"}",
"files": {},
"form": {},
"headers": {
"Accept": "application/json",
"Content-Length": "36",
"Content-Type": "application/json",
"Host": "httpbin.org",
"User-Agent": "curl/7.29.0",
"X-Amzn-Trace-Id": "Root=1-6215b33a-1eb87b6c4a6d963733fe1b64"
},
"json": {
"city": "Shanghai",
"name": "Surpass"
},
"origin": "58.34.128.34",
"url": "http://httpbin.org/post"
}
- 10. -I, --head
? ? -I引數向服務器發出 HEAD 請求,然會將服務器回傳的 HTTP 標頭列印出來
[root@surpass Surpass]# curl -I http://httpbin.org/bin/get
HTTP/1.1 404 NOT FOUND
Date: Wed, 23 Feb 2022 04:09:58 GMT
Content-Type: text/html
Content-Length: 233
Connection: keep-alive
Server: gunicorn/19.9.0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
- 11. -k, --insecure
? ? -k引數指定跳過 SSL 檢測,
curl -k https://www.baidu.com/
上面命令不會檢查服務器的 SSL 證書是否正確
- 12. -o, --output
? ? -o引數將服務器的回應保存成檔案,等同于wget命令
[root@surpass Surpass]# curl -o /home/Surpass/baidu.html -k https://www.baidu.com/
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 2443 100 2443 0 0 10585 0 --:--:-- --:--:-- --:--:-- 10621
- 13. -u, --user
? ? -u引數用來設定服務器認證的用戶名和密碼
[root@surpass Surpass]# curl -X POST -u "Surpass:123456" http://httpbin.org/post
{
"args": {},
"data": "",
"files": {},
"form": {},
"headers": {
"Accept": "*/*",
"Authorization": "Basic U3VycGFzczoxMjM0NTY=",
"Host": "httpbin.org",
"User-Agent": "curl/7.29.0",
"X-Amzn-Trace-Id": "Root=1-6215b50b-235bcd7559c3b10526661841"
},
"json": null,
"origin": "58.34.128.34",
"url": "http://httpbin.org/post"
}
上面命令設定用戶名為Surpass,密碼為123456,然后將其轉為 HTTP 標頭Authorization: "Basic U3VycGFzczoxMjM0NTY=
- 14. --limit-rate
? ? --limit-rate用來限制 HTTP 請求和回應的帶寬,模擬慢網速的環境
[root@surpass Surpass]# curl -X POST -u "Surpass:123456" --limit-rate 20k http://httpbin.org/post
{
"args": {},
"data": "",
"files": {},
"form": {},
"headers": {
"Accept": "*/*",
"Authorization": "Basic U3VycGFzczoxMjM0NTY=",
"Host": "httpbin.org",
"User-Agent": "curl/7.29.0",
"X-Amzn-Trace-Id": "Root=1-6215b608-37ebfcef62e94fd92413f270"
},
"json": null,
"origin": "58.34.128.34",
"url": "http://httpbin.org/post"
}
- 15. -O, --remote-name
? ? -O引數將服務器回應保存成檔案,并將 URL 的最后部分當作檔案名
[root@surpass Surpass]# curl -O http://www.downcc.com/soft/265486.html
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 311 0 311 0 0 3963 0 --:--:-- --:--:-- --:--:-- 3987
[root@surpass Surpass]# ll
total 164
-rw-r--r-- 1 root root 311 Feb 22 23:23 265486.html
- 16. -L, --location
? ? -L引數會讓 HTTP 請求跟隨服務器的重定向,curl 默認不跟隨重定向
[root@surpass Surpass]# curl -I http://www.baidu.cn/
HTTP/1.1 302 Found
Location: http://www.baidu.com/
Date: Wed, 23 Feb 2022 06:14:23 GMT
Content-Type: text/plain; charset=utf-8
[root@surpass Surpass]# curl -I -L http://www.baidu.cn/
HTTP/1.1 302 Found
Location: http://www.baidu.com/
Date: Wed, 23 Feb 2022 06:14:31 GMT
Content-Type: text/plain; charset=utf-8
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Connection: keep-alive
Content-Length: 277
Content-Type: text/html
Date: Wed, 23 Feb 2022 06:14:31 GMT
Etag: "575e1f60-115"
Last-Modified: Mon, 13 Jun 2016 02:50:08 GMT
Pragma: no-cache
Server: bfe/1.0.8.18
原文地址:https://www.jianshu.com/p/5e2b5fa943b2
本文同步在微信訂閱號上發布,如各位小伙伴們喜歡我的文章,也可以關注我的微信訂閱號:woaitest,或掃描下面的二維碼添加關注:
作者: Surpassme
來源: http://www.jianshu.com/u/28161b7c9995/
http://www.cnblogs.com/surpassme/
宣告:本文著作權歸作者所有,歡迎轉載,但未經作者同意必須保留此段宣告,且在文章頁面明顯位置給出 原文鏈接 ,否則保留追究法律責任的權利,如有問題,可發送郵件 聯系,讓我們尊重原創者著作權,共同營造良好的IT朋友圈,
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/499985.html
標籤:其他
上一篇:NC反彈shell的幾種方法