Grok HTTP MCP Server
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Grok HTTP MCP Serverfetch http://challenge.ctf/login"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Grok HTTP MCP Server
基于 Cloudflare Workers 的 MCP 服务器,为 Grok 提供底层 HTTP 能力,适用于 Web/CTF 场景:任意请求、Cookie 会话持久化、重定向追踪与结构化响应。
功能特性
http_request— 发送任意 HTTP 方法,完全控制 URL、Header、Body、Cookiehttp_session— 管理命名 Cookie 容器(default、victim、attacker等)会话持久化 — 通过 Durable Objects 跨多次 tool call 保持 Cookie
双传输协议 — Streamable HTTP(
/mcp)与旧版 SSE(/sse)默认无鉴权 — 便于 CTF/测试快速接入(见下方安全说明)
Related MCP server: http-mcp
快速开始
npm install
npx wrangler login
npm run dev健康检查:http://127.0.0.1:8787/health
部署:
npm run deploy部署完成后会显示 Worker 地址(例如 https://grok2web.<account>.workers.dev)。
Grok 自定义连接器
点击 New Connector → Custom(新建连接器 → 自定义)
填入以下 URL 之一:
推荐:
https://<your-worker>.workers.dev/mcpSSE 兼容:
https://<your-worker>.workers.dev/sse
填写名称(如
Grok HTTP MCP)并保存
Grok 会自动发现 http_request 和 http_session 两个工具。
工具说明
http_request
{
"method": "POST",
"url": "https://target.example/login",
"headers": { "Content-Type": "application/x-www-form-urlencoded" },
"body": "user=admin&pass=test",
"http_session_id": "default",
"follow_redirects": true,
"timeout_ms": 30000
}返回字段包括:status、headers、cookies_set、cookies_jar、body、redirect_chain、timing_ms。
http_session
action | 说明 |
| 列出所有会话及 Cookie 数量 |
| 创建命名空 Cookie 容器 |
| 清空指定会话的 Cookie |
| 读取全部 Cookie(含 domain/path 元数据) |
| 手动注入 Cookie |
| 删除命名会话(不可删除 |
CTF 示例流程
步骤 1 — 设置 Cookie:
{
"method": "GET",
"url": "https://httpbin.org/cookies/set?session=abc123"
}步骤 2 — 验证持久化:
{
"method": "GET",
"url": "https://httpbin.org/cookies"
}第二次请求会自动携带 session=abc123。
并行会话(多角色攻击链):
{ "action": "create", "session_id": "victim" }之后在 http_request 中使用 "http_session_id": "victim"。
本地测试
npm run verify # MCP + Cookie 持久化测试
npx @modelcontextprotocol/inspector连接 http://127.0.0.1:8787/mcp,在 UI 中调用工具。
安全说明
当前部署无鉴权。任何知道 URL 的人均可通过 Worker 发送 HTTP 请求。仅建议用于 CTF 实验和测试环境;生产使用前请添加 API Key 或 OAuth。
项目结构
src/
├── index.ts # /mcp、/sse、/health 路由
├── mcp-agent.ts # GrokHttpMCP(McpAgent + DO 状态)
├── tools/
│ ├── http-request.ts
│ └── http-session.ts
└── lib/
├── cookie-jar.ts
├── http-client.ts
├── response-format.ts
└── session-store.ts许可证
本项目采用 GNU General Public License v3.0 或更高版本 授权。
This server cannot be installed
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/LING71671/grok2web'
If you have feedback or need assistance with the MCP directory API, please join our Discord server