HTTP (Hyper Text Transfer Protocol) is basically a client-server protocol, wherein the client (web browser) makes a request to the server and in return, the server responds to the request. The response by the server is mostly in the form of HTML formatted pages. HTTP protocol by default uses port 80, but the web server and the client can be configured to use a different port.
HTTP is a stateless protocol which means that the server does not retain the information from each user. HTTP is the backbone of the World Wide Web (www) and for it being stateless simply means that it does not remember each and every client that connects to the internet and it does not matter if a single user sends multiple requests one after another, they all will still be treated as independent requests by the server.
We are currently using HTTP 2, its predecessors were HTTP 1.0 and 1.1, and the major differences between 1.X and 2, at a higher level, are:
- Http 2 is binary and not textual
- Http 2 is multiplexed, it can use a single connection for parallelism, Http one, on the other hand, is based on ordering and blocking.
- Http 2 uses compression in its headers to reduce the overhead.
- Http2 gives servers the capability to “push” responses to client servers proactively.
HTTP works through different methods and these methods are:
HTTP Request Methods
| Method | Description |
| GET | Used to retrieve information from the given URL |
| POST | Used to send data to the server, for example, customer information, file upload, etc. using HTML forms |
| DELETE | Delete a File of the specified URL |
| PUT | Uploads a File of the specified URL |
| TRACE | Trace on the jsp resource returns the content of the resource. |
| HEAD | GET only HTTP headers and no document body |
| OPTIONS | HTTP methods that the server supports |
There is a major difference between GET and POST method which people fail to understand. Once you understand these properly, you can manipulate and increase the security of your web application. The differences are as follows:
| GET | POST |
| Get request can be cached | Post request are never cached |
| Remain in the browser history | Do not remain in the browser history |
| It can be bookmarked | It cannot be bookmarked |
| Get request should never be used when dealing with sensitive data | The post should always be used for sensitive data |
| Get request has a length restriction | post request has no length restriction |
| Get request should be used to retrieve data | |
| It is less secure | It is more secure |
An HTTP client sends an HTTP request to a server in the form of a request message which includes the following format
http://yahoo.com/ GET / HTTP/1.1 Host: yahoo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1
There are several fields in the header, but we will discuss the more important ones:
Host: This field is in the header and it is used to identify individual website by a hostname if they are sharing the same IP address. The client web browser also sets a user-agent string to identify the type and version of the browser.
User-Agent: This field is set correctly to its default values by the web browser, but it can be spoofed by the end user. This is usually done by the malicious user to retrieve contents designed for other types of web browsers.
Cookie: This field stores a temporary value shared between the client and server for session management.
Referer: This is another important field that you would often see when you are redirected from one URL to another. This field contains the address of the previous web page from which a link to the current page was followed. Attackers manipulate the Referer field using an XSS attack and redirect the user to a malicious website.
Accept-Encoding: This field defines the compression scheme supported by the client; gzip and Deflate are the most common ones. There are other parameters too, but they are of little use to penetration testers.
Response
Response: When a request is sent to the server; the server replies in the form of response. Following is an example of a response:
HTTP/1.1 200 OK Date: Sat, 10 Jun 2017 05:17:18 GMT Set-Cookie: autorf=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=in.yahoo.com Content-Type: text/html; charset=UTF-8 Server: ATS Expires: -1 Content-Length: 477864
HTTP Response Code: The Status-Code element is a 3-digit integer where the first digit of the Status-Code defines the class of response and the last two digits do not have any categorization role. There are 5 values for the first digit
| Code | Meaning | Example |
| 1xx | Information | 100: server agrees to handle a client request. |
| 2xx | Success | 200: request succeeded.
204: no client present. |
| 3xx | Redirection | 301: page moved.
304: cached page still available. |
| 4xx | Client error | 403: forbidden page.
404: page not found. |
| 5xx | Server error | 500: internal server error.
503: try again later. |
HTTP Version: A server supporting HTTP version 1.1 will return the following version information
Date: The date and time that the message was originated
Set-Cookie: This field, if defined, will contain a random value that can be used by the server to identify the client and store temporary data
Server: This field is of interest to a penetration tester and will help in the recon phase of a test. It displays useful information about the web server hosting the website.
Content-Length: This field will contain a value indicating the number of bytes in the body of the response. It is used so that the other party can know when the current request/response has finished.
HACK RF RADIO AND NET HUNTER PHONE
USING WIGLE + WIFITE + ALFA ADAPTER
Daily practice and real-time application is key to perfection
Headings
Header one
Header two
Header three
Header four
Header five
Header six
Blockquotes
Single line blockquote:
Multi line blockquote with a cite reference:
Tables
Definition Lists
Unordered Lists (Nested)
Ordered List (Nested)
HTML Tags
These supported tags come from the WordPress.com code FAQ.
Address Tag
1 Infinite LoopCupertino, CA 95014
United States
Anchor Tag (aka. Link)
This is an example of a link.
Abbreviation Tag
The abbreviation srsly stands for “seriously”.
Acronym Tag
The acronym ftw stands for “for the win”.
Big Tag
These tests are a big deal, but this tag is no longer supported in HTML5.
Cite Tag
“Code is poetry.” —Automattic
Code Tag
You will learn later on in these tests that
word-wrap: break-word;will be your best friend.Delete Tag
This tag will let you
strikeout text, but this tag is no longer supported in HTML5 (use the<strike>instead).Emphasize Tag
The emphasize tag should italicize text.
Insert Tag
This tag should denote inserted text.
Keyboard Tag
This scarsly known tag emulates keyboard text, which is usually styled like the
<code>tag.Preformatted Tag
This tag styles large blocks of code.
.post-title { margin: 0 0 5px; font-weight: bold; font-size: 38px; line-height: 1.2; }Quote Tag
–Steve Ballmer
Strong Tag
This tag shows bold text.
Subscript Tag
Getting our science styling on with H2O, which should push the “2” down.
Superscript Tag
Still sticking with science and Albert Einstein’s E = MC2, which should lift the “2” up.
Teletype Tag
This rarely used tag emulates teletype text, which is usually styled like the
<code>tag.Variable Tag
This allows you to denote variables.
There are a few checklist items that should be in each comment.
.bypostauthorclass.This user it trying to be anonymous.
Comments? I love comments!
Video comment.
Image comment.
These tests are amazing!
Author Comment.
Comment Depth 01
Comment Depth 02
Comment Depth 03
Comment Depth 04
Comment Depth 05
Also an author comment.
Comment Depth 06
Comment Depth 07
Comment Depth 08
Comment Depth 09
Comment Depth 10
Also an author comment.
We are totally going to blog about these tests!
We use these tests all the time! Killer stuff!
Thanks for all the comments, everyone!