Web Fundamentals from TryHackMe
Task 1 - Introduction and Objectives
eh, generic intro stuff
Task 2 - How do we load websites?
What request verb is used to retrieve page content?
GET
What port do web servers normally listen on?
80
What’s responsible for making websites look fancy?
CSS
Task 3 - More HTTP - Verbs and request formats
What verb would be used for a login?
POST
What verb would be used to see your bank balance once you’re logged in?
GET
Does the body of a GET request matter? Yea/Nay
Nay
What’s the status code for “I’m a teapot”?
418
What status code will you get if you need to authenticate to access some content, and you’re unauthenticated?
401
Task 4 - Cookies, tasty!
intro to cookies
Task 5 - Mini CTF
not going to post the flags here, instead the commands I used to obtain them (basically what a write-up is)
What’s the GET flag?
curl $MACHINE_IP/ctf/get
What’s the POST flag?
curl -X POST -d "flag_please" $MACHINE_IP/ctf/post
-X for the request type and -d for the data to be sent in POST reqs
What’s the “Get a cookie” flag?
curl -c outcookie.txt $MACHINE_IP/ctf/getcookie
-c for saving the cookies received
then check outcookie.txt for the flag
What’s the “Set a cookie” flag?
curl -b "flagpls=flagpls" $MACHINE_IP/ctf/sendcookie
-b for setting the cookies to be used
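Added example, not part of the original write-up: the file that curl -c writes (outcookie.txt above) is a tab-separated Netscape cookie jar, and this script reads one, including the #HttpOnly_ prefix that a plain comment filter would drop. The jar contents, host and cookie names below are constructed, and the function names are made up for this sketch.

```shell
#!/bin/sh
# Added example: inspect a cookie jar written by `curl -c`.
# Each cookie is one line of 7 tab-separated fields:
#   domain  include-subdomains  path  secure  expiry  name  value
# Lines starting with "#" are comments, except the "#HttpOnly_" prefix,
# which curl puts in front of the domain of an HttpOnly cookie.

# make_sample_jar PATH: write a constructed jar (host and cookies are made up).
make_sample_jar() {
    {
        printf '# Netscape HTTP Cookie File\n'
        printf '# This file was generated by libcurl! Edit at your own risk.\n\n'
        printf '10.10.10.10\tFALSE\t/\tFALSE\t0\ttheme\tdark\n'
        printf '#HttpOnly_10.10.10.10\tFALSE\t/\tTRUE\t1893456000\tsid\tconstructed-abc123\n'
    } > "$1"
}

# list_cookies JAR: print "name=value" plus the attributes set on each cookie.
list_cookies() {
    awk -F '\t' '
        { httponly = sub(/^#HttpOnly_/, "") }   # strip marker, remember it
        /^#/ || NF != 7 { next }                # comments, blanks, junk
        {
            flags = ""
            if ($4 == "TRUE") flags = flags " secure"
            if (httponly)     flags = flags " httponly"
            if ($5 == 0)      flags = flags " session-only"
            printf "%s=%s%s\n", $6, $7, flags
        }' "$1"
}

# cookie_value JAR NAME: print one cookie's value; non-zero exit if absent.
cookie_value() {
    awk -F '\t' -v name="$2" '
        { sub(/^#HttpOnly_/, "") }
        /^#/ || NF != 7 { next }
        $6 == name { print $7; found = 1; exit }
        END { exit !found }' "$1"
}

jar=$(mktemp)
make_sample_jar "$jar"
list_cookies "$jar"
cookie_value "$jar" sid
rm -f "$jar"
```

Pointing list_cookies at a real outcookie.txt shows every cookie the server set along with its Secure, HttpOnly and session-only attributes.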