12 Jan 2023
HTTP is the set of rules used for communicating with webservers for transmitting webpage data, whether it’s HTML, images, videos, etc.
HTTPS is the encrypted version. Prevents people from seeing the data your sending/receiving, and provides assurances that you’re talking to the correct server, not an imposter.
Answer questions and find the flaw in the page to get the flag.
URL - Uniform Resource Locator.
URLs are predominately instructions on how to access a resource on the internet. Sample of a complete URL with all it’s features:
http://user:password@tryhackme.com:80/view-room?id=1#task3
scheme://user@host.domain:port/path?query#fragment
Can make a request to a web server with just GET / HTTP/1.1, but a richer experience comes from extra data being sent through headers of requests.
Example:
GET / HTTP/1.1
Host: tryhackme.com
User-Agent: Mozilla/5.0 Firefox/87.0
Referer: https://tryhackme.com
Line 1: Requesting through GET method, requesting home page with / and saying to use HTTP version 1.1
Line 2: Tell webserver we want website tryhackme.com
Line 3: Tell web server we are using Firefox browser version 87
Line 4: Tell web server the page that referred us to the web server
Line 5: End with a blank line to indicate the request is finished
Example:
HTTP/1.1 200 OK
Server: nginx/1.15.8
Date: Fri, 09 Apr 2021 13:34:03 GMT
Content-Type: text/html
Content-Length: 98
<html>
<head>
<title>TryHackMe</title>
</head>
<body>
Welcome to TryHackMe.com
</body>
<html>
Line 1: Server uses HTTP 1.1, Status Code 200 OK says request has completed successfully
Line 2: Web server software and version
Line 3: Current date, time, and timezone of the web server
Line 4: Tells client what sort of information is coming (i.e. HTML, images, videos, pdf, XML, etc.)
Line 5: Tells the client how long the response is to confirm no missing data
Line 6: Blank line to confirm end of HTTP response
Lines 7-14: The information that was requested
Answer questions about the examples above.