Check out hack the box RIGHT NOW:
HTB – https://bit.ly/3HazRYJ
Academy – https://bit.ly/3obTJ6o
Bug Bounty Path – https://bit.ly/3KVQsSq
Welcome to Episode 8 of Linux for hackers. In this episode NetworkChuck shows how to manage web services using curl in Linux!!
🔥🔥Join the NetworkChuck membership: https://ntck.co/Premium
**Sponsored by Hack The Box
0:00 ⏩ Intro
0:57 ⏩ Use Hack The Box for their awesome Linux Lab
2:27 ⏩ setting up a one Command Website
5:48 ⏩ changing the Directories
6:50 ⏩ opening a new terminal!
10:20 ⏩ Change the port
11:52 ⏩ Talk to your website using your command line
12:05 ⏩ Using Curl (there is so much!!)
16:20 ⏩ looking at the request header
19:00 ⏩ Outro
I’m gonna show you how to do two cool things in this video. First, we’re gonna spin up a website in Lennox with one command. We’re gonna hit enter website, web server running right here on your Lennox box. This is super helpful in so many situations and we’re gonna do it in Python. Second, I’m gonna show you how to talk to websites using the command line, because that’s our favorite place to be right now, right there. Instead of using a browser, we use our command line to browse that website. It’ll be using tools like curl and w get essential things that every it person needs to know, especially hackers. And especially you. So get your coffee ready. Let’s do this.
Welcome to Lennox for hackers and everyone, because everyone needs to learn Lennox, episode eight. I’m gonna refill my coffee real quick, and then we’ll get started. And just like every episode, I’m gonna give you access to a free Linux lab right now, here in your browser. Thanks to our sponsor hack the box academy hack. The box academy is what you need to use. If you want to become a hacker. If you’re starting from zero, like, I don’t know what the junk I’m doing. They got you covered. And as your hacking skills increase, you can move on to more advanced courses going into the basic tool sets and learning things like network enumeration with inmap cracking passwords with hashtag and even crazier things like hacking WordPress, DNS enumeration, using Python, which sounds awesome. Web attack, which, Ugh, spider’s freaking me out. I don’t like that at all.
Uh, hate spiders. Anyone else? Hate spiders comment below. Ah, now what’s also cool is they have job roll paths. Let’s check it out, dude. That’s pretty cool. In partnership with hacker one, you can go down the path of becoming a bug bounty hunter. Let’s take a peek inside there real quick. Dang. Look at that 20 modules full of hacking. Goodness all to help you becoming a bug bounty hunter. Woo. And then again, if you’re just getting started junior penetration tester. So what are you waiting for? Check that link below and get signed up right now because we’re gonna be using their free Linux fundamentals course to access a lab and our browser, a Linux lab, but our browser it’s so cool. So yeah. Get logged in. If you already have an account, get signed up. If you don’t and once you’re logged in, go ahead and click on modules on the left click on all modules and scroll down until you find Linux fundamentals.
Go ahead and start or continue. And then finally, to get started with our lab. Go ahead and scroll down just a little bit almost to the bottom where we have my workstation. Go ahead and click on start instance to start your Linux lab here in your browser. Let that B boy boot up. Take a little sip of coffee. And once you see your workstation go and click on interact to open that sucker into a separate window or a separate tab. And now we’re ready. All right. Let’s work on that first cool thing. Let’s set up a website with one command here in Lennox. Now you’re probably wondering why, why do we need to do this now? First? It’s just cool to do like right. It is second. It’ll be a very useful tool to have when you’re hacking or doing other it stuff. Let me show you.
So like always let’s open up our favorite place in the whole world, the Lennox command line, our bash shell. Open that guy up. Oh yeah. And by the way, you can do this in your own lab. You don’t need to use hack the box academy. If you already have a Linux VM with Cali or parrot, or you have Linux has your main OS that’ll work. But here we go with our bash shell open, make mine just a little bit bigger here. Whoa, too big. We’re gonna spin up a website with one command using Python, check this out. And if you’ll know what Python is. I got a Python course right around here, somewhere. Check it out. Here we go. Type in Python space, dash M space and then HTTP dot server. And that’s stinking it. I check this out. We’re gonna hit enter website, web server running right here on your Lenux box.
Isn’t that crazy? What you don’t believe me? Let’s go visit the website right now. So let’s go ahead and fire up. Firefox fire up Firefox. That felt redundant. There is right there. And here in this web browser, we’re gonna navigate to local host, which basically means this computer you’re on right now. This server we’re saying, Hey, go here. Because that’s where the website is locally hosting it right here. Okay. But we’re not done yet local host. And if we look at our terminal here, our website’s not running on the typical website port. See right now it’s running on port to 8,000. The normal website port would be what HTTP port 80 or most websites are now on four or three for SSL. But anyways, 8,000 is a non-standard port. So we need to specify that here in our browser. So we’ll do a colon right after local host and type in 8,000 and watch what happens here.
It’s kind of cool. What couple things happen first? Our terminal freaked out. It’s like, whoa, whoa. Some one’s here cuz we are, we are here. But the logging of this is so cool. And we’ll talk about that here in a second. But back in our browser, what’s happening. We’ve got a directory, like just like a, a, a listing of files here. There’s our desktop folder and documents and downs like, well what’s happening. And if we, we can click on these, go ahead and do it right now, go into documents. And there’s nothing there. Go to desktop. There’ll be so some stuff there. Look at all that and tell you what, try this right here in our desktop. We have my credentials do TXC click on that. Now this right here is a file on your desktop, but we’re now accessing that through a web server, which if you’re tracking with me here gives us another way to transfer files beyond the usual ways we use.
If you’re wanting to get files from your Linux server, you can transfer files in a number over as S H over FTP. You can use Netcat, but if those ways aren’t available, you can quickly spin up a server, a website on Linux and access those files like you’re browsing a website. And of course at that port that you’re using like 8,000 isn’t available to you. We can stop our server doing control C here and our terminal at the up arrow to bring that command back once more. And we can specify another port beyond the one that it defaults to, which is 8,000. We can say, I don’t know, 7,600 for some reason. And bam web server website running on port 6, 7600. Let’s try it out. Local host, colon port 7,600 bam. Now, just so you know, the reason it’s listing a directory of files it’s because it doesn’t have an index HTML file to look at, which is what websites kind of use to bring up pages.
So real quick, just for fun, let’s do something to change that. So let’s stop our web server control C type in LS to see where we’re at. Let’s go ahead and make a new directory. The command will be M K D I R, and we’ll call this website and then we’ll change directories into that directory CD website. Let’s go ahead and make a little test file here. We’ll do nano index HTML and just end this file. Say hello. Hi, welcome to my website. And then for nano to save and get outta there, do control X, hit why and enter to save. So now let’s go into up arrow a few times to launch our same Python. One liner here, go and launch that. And now when we go out to, or we’ll just refresh our page in the browser, boom, our website now important to note here is that when you run that Python server, that one liner command, it will launch in whatever directory you’re currently in.
That’s why I brought up this one index to HTML file we had. And it’s the reason it’s not giving us a list of files like we had before, because that’s one directory up and we we’re not there anymore. Now bonus time, I’ll do control C to close that web browser once more, actually, you know what? I wanna keep that open. I’m gonna keep it running. I’m gonna open up another terminal and do another web server here. I know things getting crazy and I’m not gonna use Python this time. I’m gonna use PHP cuz you got options here. So I’ll type in PHP and we’ll type in dash capital S and we’ll say 1 27, 0 zero.one. Now what is that? What is that address? It’s an IP address. This is your first time seeing this that’s our loop back address. This is a special IP address that will always loop back or refer to your Nick or your network interface card inside your computer.
Now this is a virtual machine and same thing. This virtual Nick, whenever you reference 1 27, 0 0 1, we’ll always go back to your machine and also doing 1 27 0 1 is another way of saying local host local host is kind like the DNS for 1 27, 0 0 1. That’s why you’ll see those welcome mats. Some people’s houses. If they’re a nerd, it’ll say there’s no place like 1, 2 7 0 1. It’s a loop back. It always loops back to your home, your, your computer, your home. So I love those very nerdy. Anyways. I digress. So to finish this up, all we gotta do now is specify our port. We’ll do a colon and say, I don’t know, 80, 85 at enter and boom. Now we have two websites running our computer. So we have the one that’s running on 7,600 Mr. Python, still up and running. Now, if we go to local host, port 80, 85, it is running, but we don’t have anything it’s referencing to, to pull up.
What do you see? We add one more website. Let’s do it. Let’s go crazy. Open up another terminal. We can use NTM, a node package manager to launch a website. We’ll use a command. Oddly enough. NPX not gonna explain that right here. And then type in HTTP dash server, do a dash P to reference a port and we’ll say 80, 86. Just one more after the other one, bam. Another web server. Let’s go there up and running. It’s so cool. So yeah. Right now we have three web servers running on our Linux machine here. Three separate websites personally. I prefer a Python cause I freaking love Python, but whatever you want to use, and sometimes you may not have Python available to you. You never know. So you gotta gotta be ready. Gotta be ready to pull out any tool you can. Now we’re gonna spin off one more website.
I know like we have three. Why we, why do we need four? Trust me, trust me. We’re gonna spin up an Apache web server, a very, very popular web server that you’ll see across the internet. And more often than not, you already have Apache installed on your machine. And that does apply to you if you’re using the hack, the box free lab here. So let’s launch yet another terminal. It’s getting kind of busy here. It’s a okay. And all we have to do is simply start the Apache service. So I’ll do system CTL. And actually I wanna stop there. Do you remember how to start and stop services? We already cover this in the series. Now, if you’re just jumping into this video and going, I don’t know Chuck, well then go back, go back and watch it. But if you already know how do it right now, anyways, here we go.
System CTL start and then we’ll do our service name. I know it to be APA. Ah, Apache two and go, oh it wants some pseudo access. Let’s go. Um, open our credentials on our desktop here. The, my credentials TXT file on our desktop. I’m gonna snag that password. Just copy that sucker. Ah, gotta highlight the whole thing. That’s how it works. Copy it. Paste that here. And we still get an error. Now, if you recall back on our episode where we talked about systems C L and how Lin services work, you could probably troubleshoot this yourself, but I know why it’s not working. Apache by default wants to use port 80, but port 80 is already being used by hack the box academy and how we’re getting this option in our browser here. So we need to go real quick and change the default port from port 80 to something else like maybe port 80.
Well, why am I doing port 80, 80? Which is really simple. We just need to edit one file. Not as simple as like one line command line things, but we’ll do it real quick. I’m gonna type in pseudo and then nano or text editor. I’m gonna edit this file. It’s in its ATC or cetera or Etsy. However you wanna say it. How do you say comment below and then Apache two and we’ll do ports.co N F. That’s the file we’re gonna be editing, hit enter. And then we’ll use our directional arrows to get down to where it says, listen, listen, we’re not doing 80 today. We’re gonna do port 80 80. So just go ahead and change it to look like that. Now the reason it says listen is because the web servers are gonna go, Hey, if you wanna come and talk to me, if you want to get things from me, request things from me.
We’ll talk about that here in a bit. I’m listening, but I’m only listening. I’m port 80 80. If you try to come at me on port 80, 84, I’m not gonna hear you 80, 80 only. So let’s go ahead and do that. Hit control X Y enter to save. And now let’s do that. Stay in command. Once more system CTL start Apache two, and we need that ding password again and pace that sucker. And now it should be running airs. So if we open up yet another tab in our browser and we go to local host, port 80, 80, woo, look that it’s an Apache two default page. Now we got four websites running on our one server. Go tell your mom should be proud of you. Woo. Did you think you’d build four websites today? Ah, coffee break for you and for me now that we have our websites up and running, what do you say?
We talk to ’em, let’s talk to our websites, but not in the traditional way, not with our browser. Cause that that’s what losers do. That’s what most of the world does. We’re special. We we’re different. We’re gonna use our favorite place in the world to talk to our websites. We’re gonna use our command line. So open up yet another terminal it’s getting busy. Anyone else getting crowded, claustrophobic it’s okay. New command time. This command will be used so much in your career type in curl or C URL. Curl stands for client URL. And you really can’t put this command in a box because it’s used for so many stinking things. I follow the career eight on Twitter and curl runs pretty much everywhere, including this Garin watch right here, it comes. Pre-installed in pretty much everything and it can be used for a ton of things.
One of my main use cases is downloading files and you can do it with a bunch of protocols HTTP, which is what I use most of the time. And of course, HTTPS there’s FTP FTPs and STP, but we’re not just gonna be downloading things as from websites with curl. We’re gonna actually communicate with those websites. Test them, send them things, try to trip ’em up and hack ’em curl is an extremely powerful tool. Let’s test out a few things real quick. What do you say? We talked to that first website. We created the one in Python. Now, do you remember what port that was? Cause I almost forgot. There he is right there. Port 7,600. So actually I’m gonna, I’m gonna make sure this terminal is open on the side. We’re gonna type in curl. It’s already typed in space and then just the address of our website.
So I’ll do local host port 7,600 and go now, right there. Instead of using a browser, we use our command line to browse that website, which I mean it’s gotta like, so what I think that’s cool. That’s it’s neat. Right? And you can pretty much do that with any website, like real quick. Let’s try the Apache website. We just spun up. Remember that was port 80, 80. So I’ll curl local host change my port to 80, 80. It’s about to get busy, ready, look at all this. But it’s that entire concept of that website? The homepage, but it’s all in, in like HTML, right? It’s all in code because you’re essentially downloading the code, the source code of that website when you run curl, which is pretty stink and cool. Now I’m gonna clear my page real quick. Now curl is I’m covering curl like the beginning, like we’re opening up the front cover of the book and reading like the little, the first part of the first paragraph.
And that’s all we’re doing right now. There’s so much to curl, but I’ll show you a few more things. Instead of just having the output of that website, just blowing up at us on the screen. We can also save the website to a file. Let’s try it out real quick type in curl once more. We’ll do a dash lowercase. Oh, let’s type a file name. Let’s just say cool website. And then after that we’ll specify our web address, local post and then we’re 80, 80 for our Apache website. Ready? Set, head enter and go. Bam. So we just downloaded something with curl. If we type in LS to see what happened there it is right there. Cool website. And what do you say? We look into it real quick now, quick quiz. How do we look at the file without opening it in a text editor like nano or VIM?
If you recall, we can use the cat command cat to concat need it. Cat cool website, bam. There it all is. Now I’m gonna show you one more thing with curl and it’s, it’s powerful. You can use curl to analyze the way a website will talk to its client and vice versa. The, the messages, the code they use to make things work. Let me show you real quick. So it’s clear. Our page wants more and we’ll do our command curl this time. We’ll do a dash uppercase or capital I, and then our website, local host. And we’ll do APA. You once more, 80, 80, and hit enter. It’s gonna be less wordy this time. Check it out. Bam. Now there’s so much happening right here and it would take a bit to explain. So we’re not gonna cover everything to know that this right here is a header and more specifically a, uh, response header.
And gosh, that the way I wrote header looks so bad. Let me erase that and fix it. There we go. Now this might be kind of fuzzy if this is very new to you, but think about it like a letter. When you send someone a letter, if you’ve ever done that in your entire life, have you sent a letter before? Cause I know some of the audience might be younger. Um, well you sent a letter, of course, inside letter, you have the contents, the actual message. You wanna give somebody and on the outside, on the envelope, you have the mailing details, the address where it’s going, where it’s from, that that stuff on the outside is what we’re talking about. When we talk about the headers, it’s the information about who’s sending and what kind of data they’re sending so we can see, Hey, we have information about the server.
It’s an Apache server. We got content link. We got content type. So many things that you can look at, troubleshoot manipulate. If you’re hacking and you’re gonna use this all the time, you can check on the health of the message, like 200, okay. Is the best message in the world when you’re dealing with websites. That means, yes, it’s good. It’s here. Here you go, friend. You’re happy. Now we’re seeing the response header or the header that we receive back from the server when we send something to him. But let’s see. That’s something that we sent cuz this it’s a conversation here. What do you say? We take a look at the request header. Let’s try it out real quick. Now we’re gonna use something. That’s gonna make the screen very messy. Don’t worry about it. We clear our screen real quick. We’re gonna do curl.
And one more switch. Last thing I’m gonna show you on curl. I’m gonna do dash or tick V for a ver O meaning this guy’s gonna be very chatty head enter and yeah, it’s a stinking lot, but let’s go ahead and scroll up to the very, very top almost there. Oh my goodness. Stinking forever. I’m going slow. Cause I don’t wanna miss it. Ah, here we are at the very top. So just under where we actually inputted our command, we have the headers here is our request header. Now, as you’re using curl notice on the left, we have these arrows, when it arrows like that, that’s always going to indicate a request header when it’s like this, when it’s pointing the other direction, that’s a response header. So just, it’s a little fun fact there. But notice our request here is a get request because we’re trying to get something.
There are other types of requests we could, instead of getting something, we to send something, we say it’d be a post request. And we’re trying to update data, which you know, as you can imagine, if you’re hacking, adding something to something Hmm, gonna be handy someday. And there’s many others like put and update, we’re not gonna go into it here. Just know there’s other methods we can use. But by default, most of the time when you’re going out into a website, your web browser, which is the client is sending a get request saying, Hey, get me that stinking webpage. I wanna see some cats playing piano. And if everything is cool that website’s gonna come back with a response header. Normally it’s gonna be 200. Okay. It’s gonna tell you about what it’s sending. And then just below that, the contents of that response, all the good stuff.
Now, one more tool I’m gonna show you. And this one’s really quick. It’s one I use sometimes, but it essentially does the same exact thing as curl for one function. I use it for it’s called w GI go and type it in w GI and let’s type in local host. And we’ll use our Python server again, 76. It, and when you hit that, bam, it downloads the file. It downloads that code of that first page that we’re receiving notice. It told us right here, it pulled down index HTML. And if we type in LS, there it is right there. And also notice that we got some handy HTP headers going in requests sent a waiting response. Ooh, it’s 200. Okay. Now speaking of which 200, okay. Is the one of the healthier ones we like to see? What’s the code that we never want to see who one of those will be 4 0 4, not found.
So if you’re requesting a website or a web address that doesn’t exist on that server, it’s gonna go, dude, are you lost it? Ain’t here. Okay. Web servers, they are an essential part of our technical lives. If you’re an it, you live and breathe. If you’re a hacker even more so in this video we covered had to spin up a quick server, a quick website in Lennox doing that gives us options. It allows us to transfer files and it allows us to do some just cool things and a handy tool that you will take with you in the future to do some cool stuff. And we also saw how we could have a conversation with our websites using the command line, which is our love language is how we like to operate. Right? We can download files, send files, look at the source code of webpages.
And like I mentioned before, we just scratched the surface. There’s so much more to it and you’re gonna learn more about it. You can dive deep right now if you want. And as you move forward in your hacking journey or you’re it journey, whatever you’re doing right now, you’ll pick it up. Don’t worry because it’s always just one Google search away. Who anyways, that’s about it for episode eight. Thanks again, to our sponsor, hack the box academy for making this freely available on YouTube and for the wicked awesome free lab. Right? And if you wanna keep going down that hacking journey, they’ve got what you need. And also have you hacked the YouTube algorithm today. Make sure you do hit that light button notification. Bill comment. Subscribe. We gotta hack YouTube today. Ethically of course. Yeah. That’s pretty much it I’ll catch you guys next time.