Check if a URL is High-Risk or Vulnerable in C/C++

When building out website access, it’s important to be conscious of the type of paths and URLs that are utilized. Server administration paths are high-risk vulnerabilities that could open the door to remote access attackers, and unfortunately they’re pretty easy to miss. To avoid this situation without manually testing each URL/path, you can use the following API in C/C++ to automatically detect if they are in fact a server administration path.

To begin the process, we will need to install libcurl into our project:

libcurl/7.75.0

Then, we can call the function with the following code:

CURL *curl;
CURLcode res;
curl = curl_easy_init();
if(curl) {
     curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
     curl_easy_setopt(curl, CURLOPT_URL, "https://api.cloudmersive.com/validate/domain/url/is-admin-path");
     curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
     curl_easy_setopt(curl, CURLOPT_DEFAULT_PROTOCOL, "https");
     struct curl_slist *headers = NULL;
     headers = curl_slist_append(headers, "Content-Type: application/json");
     headers = curl_slist_append(headers, "Apikey: YOUR-API-KEY-HERE");
     curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
     const char *data = "\"<string>\"";
     curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data);
     res = curl_easy_perform(curl);
}
curl_easy_cleanup(curl);

The result of the operation is a clear indicator of whether the input URL or relative path is a server administration path. If you need to retrieve your API key, you can do so by registering for a free account on the Cloudmersive website; this will provide access to 800 monthly calls across our library of APIs.