TryHackMe: Web Fundamentals Walkthrough
Learn how the web works!
Task[1]: Intro
Task[2]: How do we load websites?
Read and understand the information and get the answers to the questions.
Task[3]: More HTTP — Verbs and request formats
Read and understand the information to get the answers to question 1–3.
I got the answer to the questions 4 and 5 by visiting the link which was provided in the information part: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status
Task[4]: Cookies, tasty!
Read and understand the information.
Task[5]: Mini CTF
Read and understand the information.
Task:
There’s a web server running on http://MACHINE_IP:8081. Connect to it and get the flags!
- GET request. Make a GET request to the web server with path /ctf/get
- POST request. Make a POST request with the body “flag_please” to /ctf/post
- Get a cookie. Make a GET request to /ctf/getcookie and check the cookie the server gives you
- Set a cookie. Set a cookie with name “flagpls” and value “flagpls” in your devtools and make a GET request to /ctf/sendcookie
We can do the assigned task both by using our browser or using curl command in terminal.
Task 5–1: What’s the GET flag?
Answer:
To make a get request the command used is:
curl http://10.10.19.91:8081/ctf/get
Another way to do this task is that we can directly visit http://10.10.19.91:8081/ctf/get in our browser. By default the browser makes a GET request.
Task 5–2: What’s the POST flag?
Answer:
To make a POST request the command used is:
curl -X POST — data flag_please http://10.10.19.91:8081/ctf/post
- -X flag is used to specify the request type. curl make a GET request by default.
- — data flag is used to send a data along with the request
Task 5–3: What’s the “Get a cookie” flag?
Answer:
Again there are two ways to do this task. One is using browser and the other is using terminal.
Using browser:
Make a request to: http://10.10.19.91:8081/ctf/getcookie
To check the cookies(For firefox browser): Right click on the page>>Inspect Element>> Storage>> Cookies>> Get the flag
Using terminal:
Use the command: curl -c - ‘10.10.19.91:8081/ctf/getcookie’
Task 5–4: What’s the “Set a cookie” flag?
Answer:
curl — cookie ‘name=value’ URL
curl — cookie ‘flagpls=flagpls’ http://10.10.19.91:8081/ctf/sendcookie
— cookie is used to set a cookie.
Thanks for reading!!!