API tools faq
paste
Guest User

Untitled

a guest
Jan 4th, 2019
171
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.86 KB | None | 0 0
raw download clone embed print report
  1. curl
  2. -d "{"email":"test@test.com"}"
  3. --header "X-CSRFToken: [triple checked value from the source code of a page I already loaded from my Django app]"
  4. --cookie "csrftoken=[same csrf value as above]"
  5. http://127.0.0.1:8083/registrations/register/
  6.  
  7. curl
  8. -d "{a:1}"
  9. --header "X-CSRFToken:[as above]"
  10. --cookie "csrftoken=[as above];sessionid=[from header inspection in Chrome]"
  11. http://127.0.0.1:8083/registrations/register/
  12.  
  13. curl
  14. -d "{a:1}"
  15. --header "X-CSRFToken:[as above]"
  16. http://127.0.0.1:8083/registrations/register/
  17.  
  18. $ curl -v -c cookies.txt -b cookies.txt host.com/registrations/register/
  19. $ curl -v -c cookies.txt -b cookies.txt -d "email=user@site.com&a=1&csrfmiddlewaretoken=<token from cookies.txt>" host.com/registrations/register/
  20.  
  21. curl
  22. -d "email=test@test.com&a=1"
  23. http://127.0.0.1:8083/registrations/register/
  24.  
  25. curl
  26. -X POST
  27. -d "email=test@test.com&a=1&csrfmiddlewaretoken={inserttoken}"
  28. --cookie "csrftoken=[as above]"
  29. http://127.0.0.1:8083/registrations/register/
  30.  
  31. $ curl -c cookie.txt http://localhost.com:8000/
  32.  
  33. # Netscape HTTP Cookie File
  34. # http://curl.haxx.se/docs/http-cookies.html
  35. # This file was generated by libcurl! Edit at your own risk.
  36. localhost.com FALSE / FALSE 1463117016 csrftoken vGpifQR12BxT07moOohREGmuKp8HjxaE
  37.  
  38. $curl --cookie cookie.txt http://localhost.com:8000/login/ -H "Content-Type: application/json" -H "X-CSRFToken: vGpifQR12BxT07moOohREGmuKp8HjxaE" -X POST -d "{"username":"username","password":"password"}"
  39. {"status": "success", "response_msg": "/"}
  40. $
  41.  
  42. $curl --cookie cookie.txt http://localhost.com:8000/login/ -H "Content-Type: application/json" -H "X-CSRFToken: kVgzzB6MJk1RtlVnyzegEiUs5Fo3VRqF" -X POST -d "{"username":"username","password":"password"}" -c cookie.txt
  43.  
  44. # Netscape HTTP Cookie File
  45. # http://curl.haxx.se/docs/http-cookies.html
  46. # This file was generated by libcurl! Edit at your own risk.
  47.  
  48. localhost.com FALSE / FALSE 1463117016 csrftoken vGpifQR12BxT07moOohREGmuKp8HjxaE
  49. #HttpOnly_localhost.com FALSE / FALSE 1432877016 sessionid cg4ooly1f4kkd0ifb6sm9p
  50.  
  51. $curl --cookie cookie.txt http://localhost.com:8000/home/
  52.  
  53. curl http://127.0.0.1:8000/snippets/
  54. -X POST
  55. -H "Content-Type: application/json"
  56. -H "Accept: text/html,application/json"
  57. -H "X-CSRFToken: the_token_value"
  58. -H "Cookie: csrftoken=the_token_value"
  59. -u your_user_name:your_password
  60. -d '{"title": "first cookie post","code": "print hello world"}'
  61.  
  62. echo -n YourPasswordHere | ./curl-auth-csrf.py -i http://127.0.0.1:8083/registrations/register/ -d 'email=test@test.com&a=1' http://127.0.0.1:8083/registrations/register/
  63.  
  64. curl -v http://www.markjour.com/login/ -H "X-CSRFToken: 123" -b "csrftoken=123" -d "username=admin&password=admin"
  65.  
  66. curl -b csrftoken=1xzVs5EaUTbVN0Cu5tOslfWGfNahhAsB9LvSoWoUfagDFy3UJsDHidUgxwVB0jN http://localhost:8000/ -d '{"somekey": "somevalue"}'
  67.  
  68. # Apostrophe around the token is optional.
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!