Skip to content

Generic Requests Module

Munir Njiru edited this page Nov 24, 2015 · 4 revisions

#Generic Requests Module

This module is a similar service to hurl.it. We all love the curl capabilities it has but on internal pentests when dealing with web applications it becomes hard to use the service fully to this potential. Currently this module hasn't reached its full capability on this in terms of flexibility especially in rendering custom headers , Authentication (Basic, Oauth 1.0a, Oauth2 and Digest). These are on the to do list in enhancing the module. The good thing about this however is it can perform requests via 3 different mediums:

  • Curl - If php5-curl extension is installed
  • Stream- via the PHP stream Wrapper
  • Socket - Uses raw TCP/IP sockets

This atleast ensures no paralysis due to lack of modules. The Current Methods Supported are:

  • GET - Requests data from a specified source and usually has headers and body returned.
  • TRACE: This method echoes back to the client whatever string has been sent to the server, and is used mainly for debugging purposes. This method, originally assumed harmless, can be used to mount an attack known as Cross Site Tracing.
  • OPTIONS - This method can be used to determine what other HTTP methods are allowed on the server.
  • HEAD - Similar to GET Request but does not return a body, only returns HEADERS.
  • POST - Used to Send data to a server asking it to accept and store it.

Sample Performing a TRACE Request

  • Load the module by clicking on Web Utils In the Backend
  • Select TRACE in the Method Drop down
  • Input the URL to test in the Web Address textbox under it.
  • Click Make Web Request

Notice whether trace Headers are returned, meaning TRACE is enabled on the server. This can be seen below:

TRACE Request

##OPTIONS Method Sample The steps are similar to above the only difference being that now the method changes to OPTIONS.

Options Request