PLS Delete, Sorry


Hey guys,

could the “Web Requests POST” exercise be buggy?

Obtain a session cookie through a valid login, and then use the cookie with cURL to search for the flag through a JSON POST request to ‘/search.php’

I did it step-by-step and I get the message: “Received content contained invalid JSON!”.


curl -X POST -d “username=admin&password=admin” -i
→ shows Cookie (“PHPSESSID=is2es8npmicr59glj1tjbt5ahm”)

Then change in Storage tab in the browser the cookie into “PHPSESSID=is2es8npmicr59glj1tjbt5ahm”.

Then: “curl -X POST -d”{“search”:“london”}" -b “PHPSESSID=is2es8npmicr59glj1tjbt5ahm” -H “Content-Type: application/json”"

—> Result: “Received content contained invalid JSON!”

What am I doing wrong ?
I googled and read the forum and found only old posts, but the Web Request Module got updated.

Do I have to think outside the box and use some commands which wasn’t taught in the module?


EDIT: I did it with my own VM instead the pre-made Parrot Linux. Now it worked.

EDIT2: I’ve restored the post in case anyone has problems with it too.

Shall I delete the topic ?

Ensure you are escaping the double quotations within the JSON data.
Ex: ‘{/"search/ ":/“example/”}’ (Replace back-slashes with forward-slashes)

Hopefully this helps in future reference!