LEFT SIDEBAR AD

Hidden in mobile, Best for skyscrapers.

HTTP in detail — TryHackMe

11 months ago 56
BOOK THIS SPACE FOR AD
ARTICLE AD

kawsar uddin

Learn about how you request content from a web server using the HTTP protocol

Task 1 : What is HTTP(S)?:

What does HTTP stand for?

Answer: HyperText Transfer Protocol

What does the S in HTTPS stand for?

Answer: Secure

On the mock webpage on the right, there is an issue, once you’ve found it, click on it. What is the challenge flag?

Answer: THM{INVALID_HTTP_CERT}

Note:

click on the lock of the URL.

The URL lock
the flag

Task 2: Requests And Responses:

What HTTP protocol is being used in the above example?

Answer: HTTP/1.1

The protocol

What response header tells the browser how much data to expect?

Answer: Content-Length

The content-length

Note:

What is a URL? (Uniform Resource Locator)

If you’ve used the internet, you’ve used a URL before. A URL is predominantly an instruction on how to access a resource on the internet. The below image shows what a URL looks like with all of its features (it does not use all features in every request).

Scheme: This instructs on what protocol to use for accessing the resource such as HTTP, HTTPS, or FTP (File Transfer Protocol).

User: Some services require authentication to log in, you can put a username and password into the URL to log in.

Host: The domain name or IP address of the server you wish to access.

Port: The Port that you are going to connect to, is usually 80 for HTTP and 443 for HTTPS, but this can be hosted on any port between 1–65535.

Path: The file name or location of the resource you are trying to access.

Query String: Extra bits of information that can be sent to the requested path. For example, /blog?id=1 would tell the blog path that you wish to receive the blog article with the id of 1.

Fragment: A fragment is an internal page reference, sometimes called a named anchor. It usually appears at the end of a URL and begins with a hash (#) character followed by an identifier. It refers to a section(any option)within a web page(the web page where the user is staying).

Task 3: HTTP Methods:

What method would be used to create a new user account?

Answer: POST

What method would be used to update your email address?

Answer: PUT

What method would be used to remove a picture you’ve uploaded to your account?

Answer: DELETE

What method would be used to view a news article?

Answer: GET

Note:

HTTP methods are a way for the client to show their intended action when making an HTTP request. There are a lot of HTTP methods but we’ll cover the most common ones, although mostly you’ll deal with the GET and POST methods.

GET Request

This is used for getting information from a web server.

POST Request

This is used for submitting data to the web server and potentially creating new records

PUT Request

This is used for submitting data to a web server to update information

DELETE Request

This is used for deleting information/records from a web server.

TRACE Request

The HTTP TRACE method performs a message loop-back test along the path to the target resource, providing a useful debugging mechanism

Task 4: HTTP Status Codes:

What response code might you receive if you’ve created a new user or blog post article?

Answer: 201

What response code might you receive if you’ve tried to access a page that doesn’t exist?

Answer: 404

What response code might you receive if the web server cannot access its database and the application crashes?

Answer: 503

What response code might you receive if you try to edit your profile without logging in first?

Answer: 401

Note:

Different types of responses :

100–199 — Information Response: These are sent to tell the client the first part of their request has been accepted and they should continue sending the rest of their request. These codes are no longer very common.

200–299 — Success: This range of status codes is used to tell the client their request was successful.

300–399 — Redirection: These are used to redirect the client’s request to another resource. This can be either to a different webpage or a different website altogether.

400–499 — Client Side Errors: Used to inform the client that there was an error with their request.

500–599 — Server Side Errors: This is reserved for errors happening on the server side and usually indicates quite a major problem with the server handling the request.

Common HTTP Status Codes:

200 — OK: The request was completed successfully.

201 — Created: A resource has been created (for example a new user or new blog post).

301 — Permanent Redirect: This redirects the client’s browser to a new webpage or tells search engines that the page has moved somewhere else and to look there instead.

302 — Temporary Redirect: Similar to the above permanent redirect, but as the name suggests, this is only a temporary change and it may change again in the near future.

400 — Bad Request: This tells the browser that something was either wrong or missing in their request. This could sometimes be used if the web server resource that is being requested expected a certain parameter that the client didn’t send.

401 — Not Authorised: You are not currently allowed to view this resource until you have authorized with the web application, most commonly with a username and password.

403 — Forbidden: You do not have permission to view this resource whether you are logged in or not.

405 — Method Not Allowed: The resource does not allow this method request, for example, you send a GET request to the resource /create-account when it was expecting a POST request instead.

404 — Page Not Found: The page/resource you requested does not exist.

500 — Internal Service Error: The server has encountered some kind of error with your request that it doesn’t know how to handle properly.

503 — Service Unavailable: This server cannot handle your request as it’s either overloaded or down for maintenance.

Task 5 :Headers:

What header tells the web server what browser is being used?

Answer: User-Agent

What header tells the browser what type of data is being returned?

Answer: Content-Type

What header tells the web server which website is being requested?

Answer: Host

Note:

Headers are additional bits of data you can send to the web server when making requests.

Although no headers are strictly required when making an HTTP request, you’ll find it difficult to view a website properly.

Common Request Headers

These are headers that are sent from the client (usually your browser) to the server.

Host: Some web servers host multiple websites so by providing the host headers to the server you can tell it which one you require, otherwise you’ll just receive the default website for the server.

User-Agent: This is your browser software and version number, Tell the web server your browser software helps it format the website properly for your browser and also some elements of HTML, JavaScript, and CSS are only available in certain browsers.

Content-Length: When sending data to a web server such as in a form, the content length tells the web server how much data to expect in the web request. This way the server can ensure it isn’t missing any data.

Accept-Encoding: Tells the web server what types of compression methods the browser supports so the data can be made smaller for transmitting over the internet.

Cookie: Data sent to the server to help remember your information (see cookies task for more information).

Common Response Headers

These are the headers that are returned to the client from the server after a request.

Set-Cookie: Information to store which gets sent back to the web server on each request (see cookies task for more information).

Cache-Control: How long to store the content of the response in the browser’s cache before it requests it again

Content-Type: This tells the client what type of data is being returned, i.e., HTML, CSS, JavaScript, Images, PDF, Video, etc. Using the content-type header the browser then knows how to process the data.

Content-Encoding: What method has been used to compress the data to make it smaller when sending it over the internet.

Task 6 : Cookies:

Which header is used to save cookies to your computer?

Answer: Set-Cookie

Note:

You’ve probably heard of cookies before, they’re just a small piece of data that is stored on your computer. Cookies are saved when you receive a “Set-Cookie” header from a web server. Then every further request you make, you’ll send the cookie data back to the web server. Because HTTP is stateless (doesn’t keep track of your previous requests), cookies can be used to remind the web server who you are, some personal settings for the website, or whether you’ve been to the website before. Let’s take a look at this as an example HTTP request:

Cookies can be used for many purposes but are most commonly used for website authentication. The cookie value won’t usually be a clear-text string where you can see the password, but a token (unique secret code that isn’t easily humanly guessable).

Task 7: Making Requests:

Make a GET request to /room

Answer: THM{YOU’RE_IN_THE_ROOM}

The flag

Make a GET request to /blog and using the gear icon set the id parameter to 1 in the URL field

Answer: THM{YOU_FOUND_THE_BLOG}

Press the gear icon

The id
The flag 2

Make a DELETE request to /user/1

Answer: THM{USER_IS_DELETED}

The flag 3

Make a PUT request to /user/2 with the username parameter set to admin

Answer: THM{USER_HAS_UPDATED}

Press the gear icon

The username
The flag 4

POST the username of thm and a password of letmein to /login

Answer: THM{HTTP_REQUEST_MASTER}

Press the gear icon.

The username and password
The flag 5

So, Happy learning happy journey.

To get more interesting and detailed articles follow my blog

LinkedIn

Read Entire Article
  3. HTTP in detail — TryHackMe

Related

JNDI Injection — The Complete Story

JNDI Injection — The Complete Story

21.3 Lab: SSRF via OpenID dynamic client registration | 2024

21.3 Lab: SSRF via OpenID dynamic client registration | 2024

An easy way to find bugs: Enter wrong data

An easy way to find bugs: Enter wrong data

An Email Authentication Bypass, But Marked as N/A in NASA domain

An Email Authentication Bypass, But Marked as N/A in NASA domain

Walk Through of Bepractical.tech lab #2

Walk Through of Bepractical.tech lab #2

How I found a IDOR at Monitor Mozilla ?

How I found a IDOR at Monitor Mozilla ?

Trending

1. Dheeraj Wadhawan
2. Tottenham vs Man City
3. Vazhakku
4. Rahul Dravid
5. Shyam Rangeela
6. OpenAI
7. Varanasi
8. Maldives
9. Zomato share price
10. Barcelona

Popular

1-click RCE in Electron Applications

1-click RCE in Electron Applications

Install waybackurls on Kali Linux

Install waybackurls on Kali Linux

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Install DalFox on Kali Linux

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

SketchUp Pro 2020 v20.2.172 (x64) Multilingual + Patch

SketchUp Pro 2020 v20.2.172 (x64) Multilingual + Patch

BOOK THIS SPACE FOR AD
RIGHT SIDEBAR BOTTOM AD
Bengali (Bangladesh) Bengali (Bangladesh) · English (United States) English (United States) ·
About Us · Terms & Condition · Contact Us
© Security Alert 2024. All rights are reserved