bytebutcher / burp-send-to

Adds a customizable "Send to..."-context-menu to your BurpSuite.

Feature: Possibility to get headers in a curl format #4

Closed g33kyshivam closed 2 years ago

g33kyshivam commented 3 years ago

Is it possible to have a placeholder for the request in curl command-line format? A lot of tools support this feature of using a custom header in a curl format.

bytebutcher commented 3 years ago

Hi g33kyshivam, could you give me an example of what this might look like and what you are trying to accomplish?

g33kyshivam commented 3 years ago

So I was trying to make a config to bruteforce parameters using https://github.com/s0md3v/Arjun. Now it's very tedious work to copy all those authorization headers from a request using "copy this request as curl" and passing it to Arjun. So if it was possible to get only headers in a curl format, it would work fine.

bytebutcher commented 3 years ago

Thanks for your suggestion. I will try to add this feature in the next version. In the meantime you might wanna use a wrapper script which does the transformation for you:

Context Menu Entry:

Name: Arjun
Command: "/path/to/arjun_wrapper_script.sh %U %E"

arjun_wrapper_script.sh

```bash
#!/bin/bash
url="${1}"
# Replace newlines in the header file with a literal "\n"
headers="$(sed ':a;N;$!ba;s/\n/\\n/g' "${2}")"
python3 arjun.py -u "${url}" --headers "${headers}"
```

0xAwali commented 3 years ago

But There Are A Lot Of Tools Using e.g. -H 'HeaderOne: Value' -H 'HeaderTwo: Value' To Submit Multiple Headers, So How Can I Overcome This Problem?

bytebutcher commented 3 years ago

Hi @0xAwali, currently the best way would be to use a wrapper script as mentioned above. Here is one especially for the use case you mentioned:

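```bash
#!/bin/bash
url="${1}"
headers_file="${2}"
header_options=()
# One "-H <header>" pair per line of the header file
while IFS= read -r header; do
        header_options+=(-H "${header}")
done<"${headers_file}"
# Quoted array expansion passes each header as a single argument
some_tool "${url}" "${header_options[@]}"
```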

I'll try to add something like this in one of the next versions.

0xAwali commented 3 years ago

Thank You For Helping Me

0xAwali commented 3 years ago

There Is An Issue When I Use %E, e.g. If I Want To Add Multiple Headers From A Burp Request, It Will Deal With GET /path HTTP/1.1 As A Header. e.g. I Used Your Bash

```bash
#!/bin/bash
url="${1}"
headers_file="${2}"
header_options=""
while read header; do
        header_options+=" -H '${header}'"
done<"${headers_file}"
echo "${url}" ${header_options}
```

Then If I Insert ./bash %U %E Then Click Send To e.g. demo On Request Like That

[Image: Screenshot_2021-02-05_06-07-36]

It Will Deal With GET /LoggerPlusPlus HTTP/1.1 As A Header And Will Ignore The Connection: close Header, So Is There Any Explanation Why This Happens?

bytebutcher commented 3 years ago

Hi @0xAwali, sorry, my last answer was incomplete. There are two problems with the code:

  1. the first line of the file is not skipped
  2. the last line of the file is not handled correctly due to a missing new-line character within the file

This is an updated version whereby

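```bash
#!/bin/bash
url="${1}"
headers_file="${2}"
header_options=""
# "|| [ -n ... ]" also processes a last line that lacks a trailing newline
while read -r header || [ -n "${header}" ]; do
        header_options+=" -H '${header}'"
done< <(tail -n+2 "${headers_file}") # tail -n+2 skips the first line (the request line)
echo "${url}" ${header_options}
```
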
0xAwali commented 3 years ago

Thank You So Much
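
A wrapper for the -H use case discussed above that hands each header to the tool as its own argument instead of splicing quotes into a string, so header values containing spaces, quotes or shell metacharacters are never re-parsed by the shell. This is an added example, not code from the thread or from the burp-send-to project; `run_with_headers`, `show_args`, the sample request and the CRLF handling are assumptions.

```bash
#!/bin/bash
# Added example, not from the thread. Usage: wrapper.sh TOOL URL HEADERS_FILE
# Assumption: HEADERS_FILE is the file passed for %E, request line first, then headers.

# Runs: TOOL URL -H 'Name: value' ... with one -H pair per header line.
run_with_headers() {
    tool="$1"; url="$2"; headers_file="$3"
    cr="$(printf '\r')"
    first=1
    set -- "$tool" "$url"   # argument vector, built one element at a time
    # "|| [ -n ... ]" keeps a final line that has no trailing newline.
    while IFS= read -r line || [ -n "$line" ]; do
        line="${line%"$cr"}"          # drop a trailing CR if lines end in CRLF
        if [ "$first" -eq 1 ]; then   # skip the request line (GET /path HTTP/1.1)
            first=0
            continue
        fi
        [ -n "$line" ] || break       # blank line ends the header section
        set -- "$@" -H "$line"        # whole header stays a single argument
    done < "$headers_file"
    "$@"
}

# Stand-in for the real tool (hypothetical): prints each argument it received.
show_args() { printf '[%s]\n' "$@"; }

# Constructed sample: CRLF line endings, no newline after the last header.
demo() {
    sample="$(mktemp)"
    printf '%s\r\n' 'GET /LoggerPlusPlus HTTP/1.1' 'Host: example.test' \
        "Cookie: a=1; b=it's" > "$sample"
    printf 'Connection: close' >> "$sample"
    run_with_headers show_args 'https://example.test/LoggerPlusPlus' "$sample"
    rm -f "$sample"
}

# With three arguments, run the tool; "demo" runs the constructed sample.
if [ "$#" -eq 3 ]; then run_with_headers "$@"; elif [ "${1:-}" = demo ]; then demo; fi
```

Because the argument list is built with `set --` and expanded as `"$@"`, no `eval` or unquoted expansion ever touches header content taken from the request.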