Summary
Hey guys,
could the “Web Requests POST” exercise be buggy?
Obtain a session cookie through a valid login, and then use the cookie with cURL to search for the flag through a JSON POST request to ‘/search.php’
I did it step-by-step and I get the message: “Received content contained invalid JSON!”.
First:
curl -X POST -d “username=admin&password=admin” http://167.71.139.140:31775 -i
→ shows Cookie (“PHPSESSID=is2es8npmicr59glj1tjbt5ahm”)
Then change in Storage tab in the browser the cookie into “PHPSESSID=is2es8npmicr59glj1tjbt5ahm”.
Then: “curl -X POST -d”{“search”:“london”}" -b “PHPSESSID=is2es8npmicr59glj1tjbt5ahm” -H “Content-Type: application/json” http://167.71.139.140:31775/search.php"
—> Result: “Received content contained invalid JSON!”
What am I doing wrong ?
I googled and read the forum and found only old posts, but the Web Request Module got updated.
Do I have to think outside the box and use some commands which wasn’t taught in the module?
Greetings
EDIT: I did it with my own VM instead the pre-made Parrot Linux. Now it worked.
EDIT2: I’ve restored the post in case anyone has problems with it too.
Shall I delete the topic ?