Skip to main content

Change User Agent with curl to Get URL Source Code as Different OS & Browser

Using curl we can retrieve the HTML & CSS source code of any specified URL and even the http header info, but some sites serve completely different content or HTML to different OS and browser versions, this is done by detecting their user agent. Because of this, we can spoof the user agent of another browser version and operating system, and this allows web developers to quickly get access to those alternate variations of a sites source code. For the purposes here, we’ll achieve this from the command line by using curl.

The basic syntax for spoofing user agent with the curl command is as follows:
curl -A "UserAgentString" http://url.com
Of course you’ll replace UserAgentString with a legitimate user agent string that matches the browser you wish to mimic.
Let’s look at a few examples with various user agent strings.
One of the most common situations of different source HTML and CSS are for websites with stripped down mobile versions, you could retrieve iPhone-specific source code with:
curl -A "Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5" http://www.apple.com
Some sites do this with other browsers too. This would be Chrome 12 in Mac OS X 10.6.8:

curl -A "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.112 Safari/534.30" http://microsoft.com
Here’s another that spoofs the Mac App Store and Mac OS X 10.6.7 as a user agent and is useful for querying the App Store from a script (more about that on TUAW):
curl -silent -A "iMacAppStore/1.0.1 (Macintosh; U; Intel Mac OS X 10.6.7; en) AppleWebKit/533.20.25" http://ax.search.itunes.apple.com/
Yet another spoofs Windows XP with Firefox 3:
curl -A "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3" http://yahoo.com
You can find user agent strings all over the web, just be sure to include them in quotes if you want to retrieve a sites source as that user agent. If you want to read more about user agents, Wikipedia has a good entry on the topic.
Labels:

Comments

Post a Comment

https://gengwg.blogspot.com/

Popular posts from this blog

CKA Simulator Kubernetes 1.22

  https://killer.sh Pre Setup Once you've gained access to your terminal it might be wise to spend ~1 minute to setup your environment. You could set these: alias k = kubectl                         # will already be pre-configured export do = "--dry-run=client -o yaml"     # k get pod x $do export now = "--force --grace-period 0"   # k delete pod x $now Vim To make vim use 2 spaces for a tab edit ~/.vimrc to contain: set tabstop=2 set expandtab set shiftwidth=2 More setup suggestions are in the tips section .     Question 1 | Contexts Task weight: 1%   You have access to multiple clusters from your main terminal through kubectl contexts. Write all those context names into /opt/course/1/contexts . Next write a command to display the current context into /opt/course/1/context_default_kubectl.sh , the command should use kubectl . Finally write a second command doing the same thing into ...
Post a Comment
Read more

OWASP Top 10 Threats and Mitigations Exam - Single Select

Last updated 4 Aug 11 Course Title: OWASP Top 10 Threats and Mitigation Exam Questions - Single Select 1) Which of the following consequences is most likely to occur due to an injection attack? Spoofing Cross-site request forgery Denial of service   Correct Insecure direct object references 2) Your application is created using a language that does not support a clear distinction between code and data. Which vulnerability is most likely to occur in your application? Injection   Correct Insecure direct object references Failure to restrict URL access Insufficient transport layer protection 3) Which of the following scenarios is most likely to cause an injection attack? Unvalidated input is embedded in an instruction stream.   Correct Unvalidated input can be distinguished from valid instructions. A Web application does not validate a client’s access to a resource. A Web action performs an operation on behalf of the user without checkin...
2 comments
Read more