Table of Contents
Wget
Wget is a command line utility for downloading things from the internet. It is very simple to use: you feed a URL to the wget
command, and it downloads it. It can download pretty much anything that your web browser can, only faster and with less overhead. Because it runs in the terminal, you can also use it on remote machines to download things where there is no browser or GUI.
However, its simplicity belies its incredible versatility. As the Insurgency Wiki once said, it is “the /i/nsurgent's Swiss army knife”. It can do all sorts of things out of the box or with minor additional scripting, including but not limited to:
- Recursive downloads and unattended/background downloads.
- Save and resume interrupted downloads.
- Download huge images or files that would make your web browser crash.
- Download web pages for local archival or later viewing.
- Download whole web sites and automatically convert the links to work offline as well.
- Downloading through proxies.
- Forum flooding and DDOS attacks.
- It also can be run headless if you so desire.
Since it is a very old (and lightweight) package, it is usually installed by default on most modern *nix distros, or at the very least is available in their default package manager repos.
How to Use Wget
Rename Downloaded Files
To save the file you are downloading under a new name, use the -O
flag:
wget -O newfilename.zip https://domain.com/oldfilename.zip
Download Multiple Files
To provide Wget with a list of files to download, create a TXT file with one target per line, then run Wget with the -i
flag:
wget -i /path/to/txtfile.txt
Download Whole Sites
Use the following flags to have Wget crawl and download an entire site:
wget -mpEk <target url here>
Wget with FTP
Wget supports downloading files from FTP servers, like so:
wget ftp://user:password@host/path
If the FTP server is running on a non-standard port, you can specify it like this:
wget ftp://user:password@host:port/path
Wget with Proxies
To use wget in combination with Tor or Privoxy in their default configurations, use:
wget -e "http_proxy = http://ip:port/" <target url here>
Weaponized Wget
AnonOps has devised several ways to deploy Wget offensively. Some of these methods are outlined below (more methods coming eventually):
Bandwidth Drain Attacks
wget --limit-rate=1 <target url here>
Just restart sometimes. What this does is downloading the target at a very low speed, so the connection stays alive for a loooong time. There's a maximum number of connections that a site can take. Using this method you can effectively drain the bandwidth of many sites solo. It has been confirmed that this even works on a 28k line.
Wget on Windows
In PowerShell, wget
is aliased to Invoke-WebRequest, which provides similar functionality.
There is also a Windows port of Wget as part of the GnuWin project.
Further Documentation
Run wget -h
or man wget
to bring up more information about Wget's available options in your terminal.
Or visit the official site for even more detailed information.
Find this page online at: https://bestpoint.institute/tools/wget