This challenge covers how to send specific HTTP requests

< 1 Hr.
HTTP Badge


In this challenge, your objective is to send a GET request to /pentesterlab/../pentesterlab. By default, curl will canonicalize the path, simplifying it to /pentesterlab. However, there is an option to prevent this behavior, which is useful when testing applications with multiple layers of reverse proxies. The challenge demonstrates how to use curl's --path-as-is and --request-target options to achieve this.

To solve this challenge, initially use curl and then write a snippet of code in your favorite language. This approach will allow you to build a collection of reusable scripts for future use. The video tutorial walks you through the steps, including running curl with the necessary options and debugging the request to understand how curl handles path canonicalization.

Want to learn more? Get started with PentesterLab Pro! GO PRO