一、curl命令作用
curl命令是一個利用URL規則在命令行下工作的文件傳輸工具。它支持文件的上傳和下載,所以是綜合傳輸工具,但按傳統,習慣稱curl為下載工具。作為一款強力工具,curl支持包括HTTP、HTTPS、ftp等眾多協議,還支持POST、cookies、認證、從指定偏移處下載部分文件、用戶代理字符串、限速、文件大小、進度條等特征。做網頁處理流程和數據檢索自動化,curl可以祝一臂之力。
幫助文檔:
Usage: curl [options...] <url> Options: (H) means HTTP/HTTPS only, (F) means FTP only --anyauth Pick "any" authentication method (H) -a, --append Append to target file when uploading (F/SFTP) --basic Use HTTP Basic Authentication (H) --cacert FILE CA certificate to verify peer against (SSL) --capath DIR CA directory to verify peer against (SSL) -E, --cert CERT[:PASSWD] Client certificate file and password (SSL) --cert-type TYPE Certificate file type (DER/PEM/ENG) (SSL) --ciphers LIST SSL ciphers to use (SSL) --compressed Request compressed response (using deflate or gzip) -K, --config FILE Specify which config file to read --connect-timeout SECONDS Maximum time allowed for connection -C, --continue-at OFFSET Resumed transfer offset -b, --cookie STRING/FILE String or file to read cookies from (H) -c, --cookie-jar FILE Write cookies to this file after operation (H) --create-dirs Create necessary local directory hierarchy --crlf Convert LF to CRLF in upload --crlfile FILE Get a CRL list in PEM format from the given file -d, --data DATA HTTP POST data (H) --data-ascii DATA HTTP POST ASCII data (H) --data-binary DATA HTTP POST binary data (H) --data-urlencode DATA HTTP POST data url encoded (H) --delegation STRING GSS-API delegation permission --digest Use HTTP Digest Authentication (H) --disable-eprt Inhibit using EPRT or LPRT (F) --disable-epsv Inhibit using EPSV (F) -D, --dump-header FILE Write the headers to this file --egd-file FILE EGD socket path for random data (SSL) --engine ENGINGE Crypto engine (SSL). "--engine list" for list -f, --fail Fail silently (no output at all) on HTTP errors (H) -F, --form CONTENT Specify HTTP multipart POST data (H) --form-string STRING Specify HTTP multipart POST data (H) --ftp-account DATA Account data string (F) --ftp-alternative-to-user COMMAND String to replace "USER [name]" (F) --ftp-create-dirs Create the remote dirs if not present (F) --ftp-method [MULTICWD/NOCWD/SINGLECWD] Control CWD usage (F) --ftp-pasv Use PASV/EPSV instead of PORT (F) -P, --ftp-port ADR Use PORT with given address instead of PASV (F) --ftp-skip-pasv-ip Skip the IP address for PASV (F) --ftp-pret Send PRET before PASV (for drftpd) (F) --ftp-ssl-ccc Send CCC after authenticating (F) --ftp-ssl-ccc-mode ACTIVE/PASSIVE Set CCC mode (F) --ftp-ssl-control Require SSL/TLS for ftp login, clear for transfer (F) -G, --get Send the -d data with a HTTP GET (H) -g, --globoff Disable URL sequences and ranges using {} and [] -H, --header LINE Custom header to pass to server (H) -I, --head Show document info only -h, --help This help text --hostpubmd5 MD5 Hex encoded MD5 string of the host public key. (SSH) -0, --http1.0 Use HTTP 1.0 (H) --ignore-content-length Ignore the HTTP Content-Length header -i, --include Include protocol headers in the output (H/F) -k, --insecure Allow connections to SSL sites without certs (H) --interface INTERFACE Specify network interface/address to use -4, --ipv4 Resolve name to IPv4 address -6, --ipv6 Resolve name to IPv6 address -j, --junk-session-cookies Ignore session cookies read from file (H) --keepalive-time SECONDS Interval between keepalive probes --key KEY Private key file name (SSL/SSH) --key-type TYPE Private key file type (DER/PEM/ENG) (SSL) --krb LEVEL Enable Kerberos with specified security level (F) --libcurl FILE Dump libcurl equivalent code of this command line --limit-rate RATE Limit transfer speed to this rate -l, --list-only List only names of an FTP directory (F) --local-port RANGE Force use of these local port numbers -L, --location Follow redirects (H) --location-trusted like --location and send auth to other hosts (H) -M, --manual Display the full manual --mail-from FROM Mail from this address --mail-rcpt TO Mail to this receiver(s) --mail-auth AUTH Originator address of the original email --max-filesize BYTES Maximum file size to download (H/F) --max-redirs NUM Maximum number of redirects allowed (H) -m, --max-time SECONDS Maximum time allowed for the transfer --metalink Process given URLs as metalink XML file --negotiate Use HTTP Negotiate Authentication (H) -n, --netrc Must read .netrc for user name and password --netrc-optional Use either .netrc or URL; overrides -n --netrc-file FILE Set up the netrc filename to use -N, --no-buffer Disable buffering of the output stream --no-keepalive Disable keepalive use on the connection --no-sessionid Disable SSL session-ID reusing (SSL) --noproxy List of hosts which do not use proxy --ntlm Use HTTP NTLM authentication (H) -o, --output FILE Write output to <file> instead of stdout --pass PASS Pass phrase for the private key (SSL/SSH) --post301 Do not switch to GET after following a 301 redirect (H) --post302 Do not switch to GET after following a 302 redirect (H) --post303 Do not switch to GET after following a 303 redirect (H) -#, --progress-bar Display transfer progress as a progress bar --proto PROTOCOLS Enable/disable specified protocols --proto-redir PROTOCOLS Enable/disable specified protocols on redirect -x, --proxy [PROTOCOL://]HOST[:PORT] Use proxy on given port --proxy-anyauth Pick "any" proxy authentication method (H) --proxy-basic Use Basic authentication on the proxy (H) --proxy-digest Use Digest authentication on the proxy (H) --proxy-negotiate Use Negotiate authentication on the proxy (H) --proxy-ntlm Use NTLM authentication on the proxy (H) -U, --proxy-user USER[:PASSWORD] Proxy user and password --proxy1.0 HOST[:PORT] Use HTTP/1.0 proxy on given port -p, --proxytunnel Operate through a HTTP proxy tunnel (using CONNECT) --pubkey KEY Public key file name (SSH) -Q, --quote CMD Send command(s) to server before transfer (F/SFTP) --random-file FILE File for reading random data from (SSL) -r, --range RANGE Retrieve only the bytes within a range --raw Do HTTP "raw", without any transfer decoding (H) -e, --referer Referer URL (H) -J, --remote-header-name Use the header-provided filename (H) -O, --remote-name Write output to a file named as the remote file --remote-name-all Use the remote file name for all URLs -R, --remote-time Set the remote file's time on the local output -X, --request COMMAND Specify request command to use --resolve HOST:PORT:ADDRESS Force resolve of HOST:PORT to ADDRESS --retry NUM Retry request NUM times if transient problems occur --retry-delay SECONDS When retrying, wait this many seconds between each --retry-max-time SECONDS Retry only within this period -S, --show-error Show error. With -s, make curl show errors when they occur -s, --silent Silent mode. Don't output anything --socks4 HOST[:PORT] SOCKS4 proxy on given host + port --socks4a HOST[:PORT] SOCKS4a proxy on given host + port --socks5 HOST[:PORT] SOCKS5 proxy on given host + port --socks5-hostname HOST[:PORT] SOCKS5 proxy, pass host name to proxy --socks5-gssapi-service NAME SOCKS5 proxy service name for gssapi --socks5-gssapi-nec Compatibility with NEC SOCKS5 server -Y, --speed-limit RATE Stop transfers below speed-limit for 'speed-time' secs -y, --speed-time SECONDS Time for trig speed-limit abort. Defaults to 30 --ssl Try SSL/TLS (FTP, IMAP, POP3, SMTP) --ssl-reqd Require SSL/TLS (FTP, IMAP, POP3, SMTP) -2, --sslv2 Use SSLv2 (SSL) -3, --sslv3 Use SSLv3 (SSL) --ssl-allow-beast Allow security flaw to improve interop (SSL) --stderr FILE Where to redirect stderr. - means stdout --tcp-nodelay Use the TCP_NODELAY option -t, --telnet-option OPT=VAL Set telnet option --tftp-blksize VALUE Set TFTP BLKSIZE option (must be >512) -z, --time-cond TIME Transfer based on a time condition -1, --tlsv1 Use => TLSv1 (SSL) --tlsv1.0 Use TLSv1.0 (SSL) --tlsv1.1 Use TLSv1.1 (SSL) --tlsv1.2 Use TLSv1.2 (SSL) --trace FILE Write a debug trace to the given file --trace-ascii FILE Like --trace but without the hex output --trace-time Add time stamps to trace/verbose output --tr-encoding Request compressed transfer encoding (H) -T, --upload-file FILE Transfer FILE to destination --url URL URL to work with -B, --use-ascii Use ASCII/text transfer -u, --user USER[:PASSWORD] Server user and password --tlsuser USER TLS username --tlspassword STRING TLS password --tlsauthtype STRING TLS authentication type (default SRP) --unix-socket FILE Connect through this UNIX domain socket -A, --user-agent STRING User-Agent to send to server (H) -v, --verbose Make the operation more talkative -V, --version Show version number and quit -w, --write-out FORMAT What to output after completion --xattr Store metadata in extended file attributes -q If used as the first parameter disables .curlrc
常用參數
curl命令參數很多,這里只列出常用、特別是在shell腳本中經常用到過的那些。
-a/--append 上傳文件時,附加到目標文件
-A:隨意指定自己這次訪問所宣稱的自己的瀏覽器信息
-b/--cookie <name=string/file> cookie字符串或文件讀取位置,使用option來把上次的cookie信息追加到http request里面去。
-c/--cookie-jar <file> 操作結束后把cookie寫入到這個文件中
-C/--continue-at <offset> 斷點續轉
-d/--data <data> HTTP POST方式傳送數據
| --data-ascii <data> | 以ascii的方式post數據 |
| --data-binary <data> | 以二進制的方式post數據 |
| --negotiate | 使用HTTP身份驗證 |
| --digest | 使用數字身份驗證 |
| --disable-eprt | 禁止使用EPRT或LPRT |
| --disable-epsv | 禁止使用EPSV |
-D/--dump-header <file> 把header信息寫入到該文件中
--egd-file <file> 為隨機數據(SSL)設置EGD socket路徑
--tcp-nodelay 使用TCP_NODELAY選項
-e/--referer <URL> 指定引用地址
-F/--form <name=content> 模擬http表單提交數據
--form-string <name=string> 模擬http表單提交數據
-G/--get 以get的方式來發送數據
-H/--header <header> 指定請求頭參數
--ignore-content-length 忽略的HTTP頭信息的長度
-i/--include 輸出時包括protocol頭信息
-I/--head 僅返回頭部信息,使用HEAD請求
-k/--insecure 允許不使用證書到SSL站點
-K/--config 指定的配置文件讀取
-l/--list-only 列出ftp目錄下的文件名稱
--limit-rate <rate> 設置傳輸速度
--local-port<NUM> 強制使用本地端口號
-m/--max-time <seconds> 指定處理的最大時長
--max-redirs <num> 設置最大讀取的目錄數
--max-filesize <bytes> 設置最大下載的文件總量
-o/--output <file> 指定輸出文件名稱
-O/--remote-name 把輸出寫到該文件中,保留遠程文件的文件名
-v/--verbose 小寫的v參數,用於打印更多信息,包括發送的請求信息,這在調試腳本是特別有用。
-s/--slient 減少輸出的信息,比如進度
--connect-timeout <seconds> 指定嘗試連接的最大時長
-x/--proxy <proxyhost[:port]> 指定代理服務器地址和端口,端口默認為1080
-u/--user <user[:password]>設置服務器的用戶和密碼
-r/--range <range>檢索來自HTTP/1.1或FTP服務器字節范圍
--range-file 讀取(SSL)的隨機文件
-R/--remote-time 在本地生成文件時,保留遠程文件時間
--retry <num> 指定重試次數
--retry-delay <seconds> 傳輸出現問題時,設置重試間隔時間
--retry-max-time <seconds> 傳輸出現問題時,設置最大重試時間
-s/--silent 靜默模式。不輸出任何東西
-S/--show-error 顯示錯誤
--socks4 <host[:port]> 用socks4代理給定主機和端口
--socks5 <host[:port]> 用socks5代理給定主機和端口
--stderr <file>
-x/--proxy <host[:port]> 在給定的端口上使用HTTP代理
-X/--request <command> 指定什么命令。curl默認的HTTP動詞是GET,使用-X參數可以支持其他動詞。
-T/--upload-file <file> 指定上傳文件路徑
二、使用實例
1、抓取cokkie信息到一個文件中
curl -c cookie0.txt -d "username=****&password=***" http://www.kuaipan.cn/accounts/login/
2、get方法獲取信息
curl -G -I -o xsrf.txt -b cookie1.txt -c cookie2.txt http://web.kuaipan.cn/n/drive/home.tmpl/upload
curl http://www.xxxx.com/show?userId=111
curl -X GET "http://www.xxxx.com/show?userId=111"
POST請求
以application/x-www-url-encoded 方式發送數據(-d/--data):
curl -d "username=sunnyxd&password=12345" URL
curl -X POST -d "module_name=${module_name}" URL --user jenkins:abc
3、文件下載
可以用來執行下載、發送各種HTTP請求,指定HTTP頭部等操作。如果系統沒有curl可以使用yum install curl安裝,也可以下載安裝。curl是將下載文件輸出到stdout,將進度信息輸出到stderr,不顯示進度信息使用--silent選項。
curl URL --silent
這條命令是將下載文件輸出到終端,所有下載的數據都被寫入到stdout。 使用選項-O將下載的數據寫入到文件,必須使用文件的絕對地址:
curl http://man.linuxde.net/text.iso --silent -O
$ curl -o Template_App_MySQL-2.2.0.xml https://zabbix.org/mw/images/d/d4/Template_App_MySQL-2.2.0.xml
4、斷點續傳
5、使用curl設置參照頁字符串
6、用curl設置用戶代理字符串
7、curl的帶寬控制和下載配額
8、用curl進行認證
9、只打印響應頭部信息
10、抓取頁面
例1:抓取頁面保存到test.html:
curl -o test.html URL 或者curl URL > test.html
-O 下載特定文件,url需要指定到一個具體的文件 -C - 斷點續傳,- 自動推斷出正確的續傳位置,或者直接指定相應的字節偏移 -f 顯示抓取錯誤信息 -x ip:port 使用代理 -s 不顯示進度信息 -e/--referer 偽造來源地址 --limit-rate 50k 限制下載速度 --max-filesize bytes 指定可下載的最大文件大小例2:獲取指定內容
http://127.0.0.1/NginxStatus頁面顯示如下:
Active connections: 54
server accepts handled requests
60085 60085 175930
Reading: 0 Writing: 1 Waiting: 53
# curl http://127.0.0.1/NginxStatus | grep Active 獲取到包含有 Active 字樣的內容:
Active connections: 54
# curl http://127.0.0.1/NginxStatus |grep Active |awk '{print $3 }' 這樣獲取到內容中第三列的內容。
即純數值 :54
#用於提取status中的active數值也可用: /usr/bin/curl http://$ip/nginx_status 2>/dev/null | sed -n '1p' | awk '{print $NF}'
#用於提取status中的accepts數值: /usr/bin/curl http://$ip/nginx_status 2>/dev/null | sed -n '3p' | awk '{print $1}'
#用於提取status中的reading數值: /usr/bin/curl http://$ip/nginx_status 2>/dev/null | sed -n '4p' | awk '{print $2}'
實例:
1、獲取公網ip
curl ip.cn
2、執行指定ip的批處理任務
curl http://127.0.0.1:8151/job/total
curl -H "Content-Type:application/json" -X POST ST https://webapi.ming.com/common/public_info | j | jq -r
3、安裝Arthas:
curl -L https://alibaba.github.io/arthas/install.sh | sh
參考資料: