From 3b584164fba5d88866d84f1ce2bbe26e473b58b7 Mon Sep 17 00:00:00 2001 From: Thomas Vanbesien Date: Fri, 27 Mar 2026 11:33:18 +0100 Subject: Use curl instead of netcat for banner grabbing in cookie tampering solution --- Cookie tampering/Resources/notes.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'Cookie tampering/Resources/notes.md') diff --git a/Cookie tampering/Resources/notes.md b/Cookie tampering/Resources/notes.md index b372042..60ca4a6 100644 --- a/Cookie tampering/Resources/notes.md +++ b/Cookie tampering/Resources/notes.md @@ -2,14 +2,14 @@ 1. Did [banner grabbing](https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server) and noticed an interesting cookie name: ```bash - ❯ printf 'HEAD / HTTP/1.0\r\n\r\n' | nc 10.0.2.15 80 + ❯ curl --head http://10.0.2.15 HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) - Date: Fri, 27 Mar 2026 09:43:20 GMT + Date: Fri, 27 Mar 2026 10:31:26 GMT Content-Type: text/html - Connection: close + Connection: keep-alive X-Powered-By: PHP/5.5.9-1ubuntu4.29 - Set-Cookie: I_am_admin=68934a3e9455fa72420237eb05902327; expires=Fri, 27-Mar-2026 10:43:20 GMT; Max-Age=3600 + Set-Cookie: I_am_admin=68934a3e9455fa72420237eb05902327; expires=Fri, 27-Mar-2026 11:31:26 GMT; Max-Age=3600 ``` 1. Reverse looked up the md5 value `68934a3e9455fa72420237eb05902327` → `false` 1. Intuited to send a request to the website with the cookie value set to the md5 hash value `true` to get the flag. Test it with `cookie_poison.bash` or directly in Firefox: **F12** → **Storage** → **Cookies**. -- cgit v1.2.3
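Review bot: The `Date:` and `Set-Cookie: ... expires=` lines in the `bash` block change only because the output was captured at a different time, so two of the four changed lines are timestamp churn around the one real change (`nc` to `curl --head`). Consider eliding the volatile values so later re-runs do not touch these lines. The move from `Connection: close` to `Connection: keep-alive` deserves a short remark in the notes: the old command sent an HTTP/1.0 request and curl defaults to HTTP/1.1, so a reader comparing revisions could otherwise take it for a server-side change. In the unchanged step 3, "the md5 hash value `true`" would read more clearly as "the MD5 hash of the string `true`". The notes would also benefit from one closing line naming the flaw for remediation: `I_am_admin` is an unkeyed MD5 of a boolean, set client-side and trusted by the server as sent.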