Web Fundamentals

Date: 02, December, 2020

Author: Dhilip Sanjay S

Click Here to go to the TryHackMe room.

---

HTTP VERBS

• There are 9 HTTP Verbs:

  • GET

  • POST

  • PUT

  • UPDATE

  • DELETE

  • TRACE

  • PATCH

  • CONNECT

  • OPTIONS

Status codes

• 418 - I'm a teapot

---

Solutions

1. What's the GET flag?

• Answer: thm{162520bec925bd7979e9ae65a725f99f}

• Steps to reproduce:

curl 10.10.45.155:8081/ctf/get

---

2. What's the POST flag?

• Answer: thm{3517c902e22def9c6e09b99a9040ba09}

• Steps to reproduce:

curl -X POST 10.10.45.155:8081/ctf/post --data "flag_please"

Options used along with CURL:

• -X FLAG

• --data "some text"

---

3. What's the "Get a cookie" flag?

• Answer: thm{91b1ac2606f36b935f465558213d7ebd}

• Steps to reproduce:

  • Visit http://machine-ip:8081/ctf/getcookie

  • Press Ctrl+Shift+I (or) F12 in browser.

  • In chrome, go to Application Tab and select Cookies under Storage section to view the cookies.

  • In Firefox, click on Storage tab to view the cookies.

---

4. What's the "Set a cookie" flag?

• Answer: thm{c10b5cb7546f359d19c747db2d0f47b3}

• Steps to reproduce:

  • In firefox, lick on Storage tab and then click + symbol to add the cookie with name and value as flagpls.

  • In chrome, use console to add cookie.

  document.cookie = "flagpls = flagpls"

  • Visit http://machine-ip:8081/ctf/sendcookie