I am working on the auto-routing functionality of Codeigniter 4 and I'd like to test it by sending some nasty exploit-type HTTPS requests to make sure it properly resists mischief. E.g., request a uri with ..
in the path to see if we might execute some arbitrary PHP file on the server. I've tried a url like https://example.com/subdir/../nested-directory
but the double period segments get immediately evaluated prior to the request being sent by whatever client I use. Both Firefox and curl requests evaluated this prior to the server request being sent and in the apache log I just see request for GET /nested-directory HTTP/1.1
.
I also tried telnet:
telnet example.com 443
GET /subdir/nested-directory HTTP/1.1 Host:example.com
But this yields a 400 error and this response:
Your browser sent a request that this server could not understand. Reason: You're speaking plain HTTP to an SSL-enabled server port. Instead use the HTTPS scheme to access this URL, please.
Can anyone suggest a tool or approach where I can formulate a list of uris to test and rip through them all, writing the resulting output to somewhere where I can inspect it?