Today's problem is: https://tryhackme.com/room/httpindetail

Challenge Overview:
Machine: HTTP in Detail (THM)
Path: HTTP Basics -> Requests & Responses -> Methods -> Status Codes -> Headers -> Cookies -> Manual HTTP Manipulation
Key Takeaway: Understanding how HTTP works at the protocol level (request methods, headers, status codes, cookies, and manual request crafting) is essential for both web exploitation and defensive analysis.

The questions in Task 1, i.e., "What is HTTP(S)?" are based on the basics of the HTTP protocol.

What does HTTP stand for?

HyperText Transfer Protocol

HTTP is the core protocol used for transferring web content between clients (browsers) and servers.

What does the S in HTTPS stand for?

secure

HTTPS is HTTP over TLS/SSL, providing encryption, integrity, and authenticity.

On the mock webpage on the right there is an issue, once you've found it, click on it. What is the challenge flag?

When clicking the "View Website" button in the AttackBox, the insecure element was the absence of HTTPS. Inspecting the certificate warning and clicking the lock icon revealed the flag:

THM{INVALID_HTTP_CERT}

This demonstrates the importance of proper certificate configuration in production environments.

The questions in Task 2, i.e., "Requests And Responses," cover the structure of HTTP requests and responses.

The example response used to answer the questions in this task is given in the task:

HTTP/1.1 200 OK

Server: nginx/1.15.8
Date: Fri, 09 Apr 2021 13:34:03 GMT
Content-Type: text/html
Content-Length: 98


<html>
<head>
    <title>TryHackMe</title>
</head>
<body>
    Welcome To TryHackMe.com
</body>
</html>

What HTTP protocol is being used in the above example?

The protocol version appears at the beginning of the response line.

HTTP/1.1

What response header tells the browser how much data to expect?

This header specifies the size of the response body in bytes.

Content-Length

The questions in Task 3, i.e., "HTTP methods," are based on the types of requests that can be made to and from a server.

What method would be used to create a new user account?

POST

POST is used to submit new data to the server.

What method would be used to update your email address?

PUT

PUT updates an existing resource.

What method would be used to remove a picture you've uploaded to your account?

DELETE

DELETE removes a specified resource.

What method would be used to view a news article?

GET

GET retrieves data without modifying it.

The questions in Task 4, i.e., "HTTP Status Codes," are based on the response codes that can be received after sending a request.

What response code might you receive if you've created a new user or blog post article?

201

201 indicates successful resource creation.

What response code might you receive if you've tried to access a page that doesn't exist?

404

404 indicates the requested resource was not found.

What response code might you receive if the web server cannot access its database and the application crashes?

503

503 indicates the service is unavailable, often due to backend issues.

What response code might you receive if you try to edit your profile without logging in first?

401

401 indicates authentication is required.

The questions in Task 5, i.e., "Headers," are based on the multiple types of headers present in the responses.

What header tells the web server what browser is being used?

User-Agent

What header tells the browser what type of data is being returned?

Content-Type

What header tells the web server which website is being requested?

Host

Headers are critical in web security testing, as many attacks involve manipulating them.

The questions in Task 6, i.e., "Cookies," are based on the cookies a server uses to keep track of a user.

Which header is used to save cookies to your computer?

Set-Cookie

The server sends a Set-Cookie header, and the browser stores it for future authenticated requests.

The questions in Task 7, i.e., "Making Requests," cover the practical side of making requests to a server over the HTTPS protocol.

Make a GET request to the /room page.

Change the URL in the search bar to "http://tryhackme.com/room" and send a GET request.

THM{YOU'RE_IN_THE_ROOM}

Make a GET request to the /blog page and set the id parameter to 1.

Change the URL in the search bar to "http://tryhackme.com/blog?id=1" and send a GET request.

THM{YOU_FOUND_THE_BLOG}

Make a DELETE request to the /user/1 page.

Change the URL in the search bar to "http://tryhackme.com/user/1" and send a DELETE request.

THM{USER_IS_DELETED}

Make a PUT request to the /user/2 page with the username parameter set to admin.

Change the request headers and body as shown below using the Settings icon, set the URL to "http://tryhackme.com/user/2", and send a PUT request.

PUT /user/2 HTTP/1.1
Host: tryhackme.com
User-Agent: Mozilla/5.0 Firefox/87.0
Content-Length: 14
Content-Type: application/x-www-form-urlencoded

username=admin

Make a POST request to the /login page with the username thm and the password letmein.

Change the request headers and body as shown below using the Settings icon, set the URL to "http://tryhackme.com/login", and send a POST request.

POST /login HTTP/1.1
Host: tryhackme.com
User-Agent: Mozilla/5.0 Firefox/87.0
Content-Length: 29
Content-Type: application/x-www-form-urlencoded

username=thm&password=letmein

THM{HTTP_REQUEST_MASTER}
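To see what the tool in Task 7 is doing under the hood, here is an added example (not part of the room) that splits a hand-crafted HTTP/1.1 request into its start line, headers and body, checks that the declared Content-Length really matches the body, and decodes the form fields. The sample request is the PUT from the task above; parse_http_message, content_length_matches and form_fields are names chosen here.

```python
"""Parse a raw HTTP/1.1 message and sanity-check it before sending.

Added example, not code from the TryHackMe room. The sample request below
is copied from the Task 7 PUT request shown in the writeup.
"""
from urllib.parse import parse_qsl


def parse_http_message(raw: str) -> dict:
    """Split a raw request or response into start line, headers and body.

    HTTP separates the header block from the body with one empty line
    (CRLF CRLF); bare LF is tolerated because pasted examples often use it.
    Header names are case-insensitive, so they are lower-cased here.
    """
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip():
            headers[name.strip().lower()] = value.strip()
    return {"start_line": lines[0], "headers": headers, "body": body}


def content_length_matches(msg: dict) -> bool:
    """True when Content-Length equals the real body size in bytes.

    A wrong value makes the server read too little or too much of the
    stream, so it is the first thing to check on a hand-built request.
    """
    declared = msg["headers"].get("content-length")
    return declared is not None and int(declared) == len(msg["body"].encode())


def form_fields(msg: dict) -> dict:
    """Decode an application/x-www-form-urlencoded body into a dict."""
    return dict(parse_qsl(msg["body"]))


# Constructed from the Task 7 PUT request above (CRLF line endings as on the wire).
PUT_REQUEST = (
    "PUT /user/2 HTTP/1.1\r\n"
    "Host: tryhackme.com\r\n"
    "User-Agent: Mozilla/5.0 Firefox/87.0\r\n"
    "Content-Length: 14\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "\r\n"
    "username=admin"
)

if __name__ == "__main__":
    msg = parse_http_message(PUT_REQUEST)
    print(msg["start_line"], form_fields(msg), content_length_matches(msg))
```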

Remediations:

  1. Enforce HTTPS with valid SSL/TLS certificates to prevent interception and certificate-based attacks.
  2. Restrict allowed HTTP methods on sensitive endpoints to prevent unauthorized resource modification (e.g., disabling PUT and DELETE where unnecessary).
  3. Use proper authentication and authorization controls to prevent unauthorized access (401/403 enforcement).
  4. Implement secure cookie attributes (HttpOnly, Secure, SameSite) to reduce session hijacking risks.
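The Set-Cookie header from Task 6 is where remediation item 4 is enforced, so here is an added example (not the room's code) that parses a Set-Cookie header and reports which of the Secure, HttpOnly and SameSite protections it lacks. The two sample headers are constructed; parse_set_cookie and missing_protections are names chosen here.

```python
"""Audit a Set-Cookie header for the attributes that limit session theft.

Added example, not code from the TryHackMe room. The sample headers are
constructed to show a weak cookie beside its hardened form.
"""


def parse_set_cookie(header: str) -> dict:
    """Return the cookie name, value and attributes from a Set-Cookie value.

    The first name=value pair is the cookie itself; every further ";"-separated
    item is an attribute. Attribute names are case-insensitive (RFC 6265), so
    they are lower-cased; flag attributes with no value are stored as True.
    """
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        if key.strip():
            attrs[key.strip().lower()] = val.strip() or True
    return {"name": name.strip(), "value": value.strip(), "attrs": attrs}


def missing_protections(header: str) -> list:
    """List which of Secure, HttpOnly and SameSite=Lax/Strict the cookie lacks.

    Secure keeps the cookie off plain HTTP, HttpOnly keeps it away from
    script, and SameSite=Lax or Strict stops it riding on cross-site requests;
    SameSite=None (or no SameSite at all) is reported as missing.
    """
    attrs = parse_set_cookie(header)["attrs"]
    missing = []
    if "secure" not in attrs:
        missing.append("Secure")
    if "httponly" not in attrs:
        missing.append("HttpOnly")
    samesite = attrs.get("samesite")
    if not isinstance(samesite, str) or samesite.lower() not in ("lax", "strict"):
        missing.append("SameSite")
    return missing


# Constructed samples: the weak setting and its corrected form.
WEAK_COOKIE = "session=abc123; Path=/"
HARDENED_COOKIE = "session=abc123; Path=/; Secure; HttpOnly; SameSite=Strict"

if __name__ == "__main__":
    for cookie in (WEAK_COOKIE, HARDENED_COOKIE):
        print(cookie, "->", missing_protections(cookie) or "ok")
```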

We are done with the machine.

Let's move on to the next one. Till then, have a good day (or night).