Created
December 4, 2012 17:53
-
-
Save jcsalterego/4206839 to your computer and use it in GitHub Desktop.
200.sh is the successful downloading the jpg w/o referrer, 403 is forbidden when passing a referer
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ curl --verbose 'https://www.tbray.org/ongoing/When/201x/2011/10/20/-big/RUNE3297.jpg' >/dev/null | |
| * About to connect() to www.tbray.org port 443 (#0) | |
| * Trying 64.34.173.225... % Total % Received % Xferd Average Speed Time Time Time Current | |
| Dload Upload Total Spent Left Speed | |
| 0 0 0 0 0 0 0 0 --:--:-- 0:00:04 --:--:-- 0connected | |
| * Connected to www.tbray.org (64.34.173.225) port 443 (#0) | |
| * SSLv3, TLS handshake, Client hello (1): | |
| } [data not shown] | |
| * SSLv3, TLS handshake, Server hello (2): | |
| { [data not shown] | |
| * SSLv3, TLS handshake, CERT (11): | |
| { [data not shown] | |
| * SSLv3, TLS handshake, Server key exchange (12): | |
| { [data not shown] | |
| * SSLv3, TLS handshake, Server finished (14): | |
| { [data not shown] | |
| * SSLv3, TLS handshake, Client key exchange (16): | |
| } [data not shown] | |
| * SSLv3, TLS change cipher, Client hello (1): | |
| } [data not shown] | |
| * SSLv3, TLS handshake, Finished (20): | |
| } [data not shown] | |
| * SSLv3, TLS change cipher, Client hello (1): | |
| { [data not shown] | |
| * SSLv3, TLS handshake, Finished (20): | |
| { [data not shown] | |
| * SSL connection using DHE-RSA-AES256-SHA | |
| * Server certificate: | |
| * subject: serialNumber=lnHUkJQ6tXp7TFkG0Ckw/6ciJQKJzUGM; OU=GT97334008; OU=See www.rapidssl.com/resources/cps (c)12; OU=Domain Control Validated - RapidSSL(R); CN=*.tbray.org | |
| * start date: 2012-11-29 11:28:26 GMT | |
| * expire date: 2013-12-02 09:32:56 GMT | |
| * subjectAltName: www.tbray.org matched | |
| * issuer: C=US; O=GeoTrust, Inc.; CN=RapidSSL CA | |
| * SSL certificate verify ok. | |
| > GET /ongoing/When/201x/2011/10/20/-big/RUNE3297.jpg HTTP/1.1 | |
| > User-Agent: curl/7.21.4 (universal-apple-darwin11.0) libcurl/7.21.4 OpenSSL/0.9.8r zlib/1.2.5 | |
| > Host: www.tbray.org | |
| > Accept: */* | |
| > | |
| 0 0 0 0 0 0 0 0 --:--:-- 0:00:04 --:--:-- 0< HTTP/1.1 200 OK | |
| < Date: Tue, 04 Dec 2012 17:50:32 GMT | |
| < Server: Apache/2.2.16 (Debian) | |
| < Last-Modified: Fri, 21 Oct 2011 03:30:55 GMT | |
| < ETag: "8ea4b3-1fbbf-4afc6b36579c0" | |
| < Accept-Ranges: bytes | |
| < Content-Length: 129983 | |
| < Content-Type: image/jpeg | |
| < | |
| { [data not shown] | |
| 100 126k 100 126k 0 0 25593 0 0:00:05 0:00:05 --:--:-- 192k* Connection #0 to host www.tbray.org left intact | |
| * Closing connection #0 | |
| * SSLv3, TLS alert, Client hello (1): | |
| } [data not shown] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ curl -H 'Referer: https://www.tbray.org/ongoing/When/201x/2011/10/20/-big/RUNE3297.jpg.html' --verbose 'https://www.tbray.org/ongoing/When/201x/2011/10/20/-big/RUNE3297.jpg' >/dev/null | |
| * About to connect() to www.tbray.org port 443 (#0) | |
| * Trying 64.34.173.225... % Total % Received % Xferd Average Speed Time Time Time Current | |
| Dload Upload Total Spent Left Speed | |
| 0 0 0 0 0 0 0 0 --:--:-- 0:00:04 --:--:-- 0connected | |
| * Connected to www.tbray.org (64.34.173.225) port 443 (#0) | |
| * SSLv3, TLS handshake, Client hello (1): | |
| } [data not shown] | |
| * SSLv3, TLS handshake, Server hello (2): | |
| { [data not shown] | |
| * SSLv3, TLS handshake, CERT (11): | |
| { [data not shown] | |
| * SSLv3, TLS handshake, Server key exchange (12): | |
| { [data not shown] | |
| * SSLv3, TLS handshake, Server finished (14): | |
| { [data not shown] | |
| * SSLv3, TLS handshake, Client key exchange (16): | |
| } [data not shown] | |
| * SSLv3, TLS change cipher, Client hello (1): | |
| } [data not shown] | |
| * SSLv3, TLS handshake, Finished (20): | |
| } [data not shown] | |
| * SSLv3, TLS change cipher, Client hello (1): | |
| { [data not shown] | |
| * SSLv3, TLS handshake, Finished (20): | |
| { [data not shown] | |
| * SSL connection using DHE-RSA-AES256-SHA | |
| * Server certificate: | |
| * subject: serialNumber=lnHUkJQ6tXp7TFkG0Ckw/6ciJQKJzUGM; OU=GT97334008; OU=See www.rapidssl.com/resources/cps (c)12; OU=Domain Control Validated - RapidSSL(R); CN=*.tbray.org | |
| * start date: 2012-11-29 11:28:26 GMT | |
| * expire date: 2013-12-02 09:32:56 GMT | |
| * subjectAltName: www.tbray.org matched | |
| * issuer: C=US; O=GeoTrust, Inc.; CN=RapidSSL CA | |
| * SSL certificate verify ok. | |
| > GET /ongoing/When/201x/2011/10/20/-big/RUNE3297.jpg HTTP/1.1 | |
| > User-Agent: curl/7.21.4 (universal-apple-darwin11.0) libcurl/7.21.4 OpenSSL/0.9.8r zlib/1.2.5 | |
| > Host: www.tbray.org | |
| > Accept: */* | |
| > Referer: https://www.tbray.org/ongoing/When/201x/2011/10/20/-big/RUNE3297.jpg.html | |
| > | |
| < HTTP/1.1 403 Forbidden | |
| < Date: Tue, 04 Dec 2012 17:51:48 GMT | |
| < Server: Apache/2.2.16 (Debian) | |
| < Vary: Accept-Encoding | |
| < Content-Length: 328 | |
| < Content-Type: text/html; charset=iso-8859-1 | |
| < | |
| { [data not shown] | |
| 100 328 100 328 0 0 70 0 0:00:04 0:00:04 --:--:-- 1256* Connection #0 to host www.tbray.org left intact | |
| * Closing connection #0 | |
| * SSLv3, TLS alert, Client hello (1): | |
| } [data not shown] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment