Try Hack Me | Web Fundamentals | HTTP in Detail | By Mohit Damke
HTTP in detail | Web Fundamentals Walkthrough of Try Hack Me
What is HTTP(S)?
HTTP (Hypertext Transfer Protocol) is a protocol that enables communication between web browsers and servers. It's used for requesting and delivering web content like pages and images.
HTTPS (Hypertext Transfer Protocol Secure) is a secure version of HTTP. It encrypts the data exchanged between browsers and servers, ensuring that sensitive information remains private and protected. It's commonly used for secure online activities like shopping and banking.
QUESTIONS !!
Q : What does HTTP stand for?
~ HyperText Transfer Protocol
Q : What does the S in HTTPS stand for?
~ secure
Q : On the mock webpage on the right there is an issue, once you've found it, click on it. What is the challenge flag?
~ THM{INVALID_HTTP_CERT}
Requests And Responses
Requests: Clients (like web browsers) ask servers for web content by sending requests. Requests include information about what they want.
Responses: Servers reply to clients with the requested content or an error message, along with details about the content.
This process enables the internet to work as we know it, with browsers displaying web pages, images, and more.
[Image: example request]
[Image: example response]
QUESTIONS !!
Q : What HTTP protocol is being used in the above example?
~ HTTP/1.1
Q : What response header tells the browser how much data to expect?
~ Content-Length
HTTP Methods
HTTP methods are actions that clients use to interact with servers:
GET: Request data.
POST: Send data for processing.
PUT: Update or create a resource.
DELETE: Remove a resource.
Each method serves a specific purpose in web communication.
QUESTIONS !!
Q : What method would be used to create a new user account?
~ POST
Q : What method would be used to update your email address?
~ PUT
Q : What method would be used to remove a picture you've uploaded to your account?
~ DELETE
Q : What method would be used to view a news article?
~ GET
HTTP Status Codes
QUESTIONS !!
Q : What response code might you receive if you've created a new user or blog post article?
~ 201
Q : What response code might you receive if you've tried to access a page that doesn't exist?
~ 404
Q : What response code might you receive if the web server cannot access its database and the application crashes?
~ 503
Q : What response code might you receive if you try to edit your profile without logging in first?
~ 401
Headers
Headers in the context of HTTP are additional pieces of information sent along with an HTTP request or response. They provide metadata about the data being transmitted. Headers help both clients and servers understand how to handle the communication. Some common types of headers include:
Request Headers: Sent by the client to provide information about the request. For instance, the "User-Agent" header indicates the client's software, and the "Authorization" header might contain authentication credentials.
Response Headers: Sent by the server to convey information about the response. The "Content-Type" header specifies the type of data in the response, and "Location" might indicate where a redirect is pointing.
Entity Headers: Accompany data within the message body. "Content-Length" indicates the size of the body, and "Content-Encoding" describes how the body is encoded.
Headers play a crucial role in communication, guiding how requests and responses are processed.
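The request line, status line and headers described above, shown as an added example (not part of the original walkthrough or the TryHackMe room): a Python parser run over constructed messages that also checks the declared Content-Length against the actual body size. The host example.test, the path and all header values are made up for illustration.

```python
# Added example: constructed messages; host, path and values are made up.
RAW_REQUEST = (
    b"GET /blog?id=1 HTTP/1.1\r\n"
    b"Host: example.test\r\n"
    b"User-Agent: Mozilla/5.0 (constructed sample)\r\n"
    b"\r\n"
)
RAW_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Content-Type: text/html\r\n"
    b"content-length: 28\r\n"
    b"Set-Cookie: session=constructed123\r\n"
    b"\r\n"
    b"<html><body>hi</body></html>"
)


def parse_message(raw: bytes):
    """Split a raw HTTP/1.x message into start line, headers and body."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no blank line separating headers from body")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        # Header names are case-insensitive; a name may repeat (Set-Cookie).
        headers.setdefault(name.lower(), []).append(value.strip())
    return lines[0], headers, body


def parse_request(raw: bytes):
    start, headers, _ = parse_message(raw)
    method, target, version = start.split(" ")
    return {"method": method, "target": target, "version": version,
            "headers": headers}


def parse_response(raw: bytes):
    start, headers, body = parse_message(raw)
    version, status, _reason = start.split(" ", 2)
    declared = headers.get("content-length", [])
    # True only when exactly one Content-Length is declared and it
    # equals the number of body bytes actually present.
    length_ok = (len(declared) == 1 and declared[0].isdigit()
                 and int(declared[0]) == len(body))
    return {"version": version, "status": int(status), "headers": headers,
            "length_ok": length_ok}
```

A response whose declared Content-Length disagrees with the bytes received is worth flagging when reviewing captured traffic, since the client and any intermediary may then disagree on where the message ends.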
QUESTIONS !!
Q : What header tells the web server what browser is being used?
~ User-Agent
Q : What header tells the browser what type of data is being returned?
~ Content-Type
Q : What header tells the web server which website is being requested?
~ Host
Cookies
Cookies are small pieces of data that websites send to your browser, which stores them on your device. They let a site remember user information and interactions, such as login details and preferences, for a better browsing experience.
QUESTIONS !!
Q : Which header is used to save cookies to your computer?
~ Set-Cookie
Making Requests
QUESTIONS !!
Q : Make a GET request to /room
~ THM{YOU'RE_IN_THE_ROOM}
Q : Make a GET request to /blog and using the gear icon set the id parameter to 1 in the URL field
~ THM{YOU_FOUND_THE_BLOG}
Q : Make a DELETE request to /user/1
~ THM{USER_IS_DELETED}
Q : Make a PUT request to /user/2 with the username parameter set to admin
~ THM{USER_HAS_UPDATED}
Q : POST the username of thm and a password of letmein to /login
~ THM{HTTP_REQUEST_MASTER}
Warm regards, Mohit Damke