Web Application Basics: TryHackMe Writeup

Ansul Kotadia
5 min read · Oct 25, 2024


Task 1: Introduction

Learning Objectives

By completing this room, you will:

  • Understand what a web application is and how it runs in a web browser.
  • Break down the components of a URL and see how it helps access web resources.
  • Learn how HTTP requests and responses work.
  • Get familiar with the different types of HTTP request methods.
  • Understand what different HTTP response codes mean.
  • Check out how HTTP headers work and why they matter for security.

No answer needed.

Task 2: Web Application Overview

#2.1 Which component on a computer is responsible for hosting and delivering content for web applications?

Answer: web server

#2.2 Which tool is used to access and interact with web applications?

Answer: web browser

#2.3 Which component acts as a protective layer, filtering incoming traffic to block malicious attacks, and ensuring the security of the web application?

Answer: web application firewall

Task 3: Uniform Resource Locator

#3.1 Which protocol provides encrypted communication to ensure secure data transmission between a web browser and a web server?

Answer: HTTPS

#3.2 What term describes the practice of registering domain names that are misspelt variations of popular websites to exploit user errors and potentially engage in fraudulent activities?

Answer: Typosquatting

#3.3 What part of a URL is used to pass additional information, such as search terms or form inputs, to the web server?

Answer: Query String

Task 4: HTTP Messages

#4.1 Which HTTP message is returned by the web server after processing a client’s request?

Answer: HTTP response

#4.2 What follows the headers in an HTTP message?

Answer: Empty Line

Task 5: HTTP Request: Request Line and Methods

#5.1 Which HTTP protocol version became widely adopted and remains the most commonly used version for web communication, known for introducing features like persistent connections and chunked transfer encoding?

Answer: HTTP/1.1

#5.2 Which HTTP request method describes the communication options for the target resource, allowing clients to determine which HTTP methods are supported by the web server?

Answer: OPTIONS

#5.3 In an HTTP request, which component specifies the specific resource or endpoint on the web server that the client is requesting, typically appearing after the domain name in the URL?

Answer: URL Path

Task 6: HTTP Request: Headers and Body

#6.1 Which HTTP request header specifies the domain name of the web server to which the request is being sent?

Answer: Host

#6.2 What is the default content type for form submissions in an HTTP request where the data is encoded as key=value pairs in a query string format?

Answer: application/x-www-form-urlencoded

#6.3 Which part of an HTTP request contains additional information like host, user agent, and content type, guiding how the web server should process the request?

Answer: Request Headers

Task 7: HTTP Response: Status Line and Status Codes

#7.1 What part of an HTTP response provides the HTTP version, status code, and a brief explanation of the response’s outcome?

Answer: Status Line

#7.2 Which category of HTTP response codes indicates that the web server encountered an internal issue or is unable to fulfil the client’s request?

Answer: Server Error Responses

#7.3 Which HTTP status code indicates that the requested resource could not be found on the web server?

Answer: 404

Task 8: HTTP Response: Headers and Body

#8.1 Which HTTP response header can reveal information about the web server’s software and version, potentially exposing it to security risks if not removed?

Answer: Server

#8.2 Which flag should be added to cookies in the Set-Cookie HTTP response header to ensure they are only transmitted over HTTPS, protecting them from being exposed during unencrypted transmissions?

Answer: Secure

#8.3 Which flag should be added to cookies in the Set-Cookie HTTP response header to prevent them from being accessed via JavaScript, thereby enhancing security against XSS attacks?

Answer: HttpOnly

Task 9: Security Headers

#9.1 In a Content Security Policy (CSP) configuration, which property can be set to define where scripts can be loaded from?

Answer: script-src

#9.2 When configuring the Strict-Transport-Security (HSTS) header to ensure that all subdomains of a site also use HTTPS, which directive should be included to apply the security policy to both the main domain and its subdomains?

Answer: includeSubDomains

#9.3 Which HTTP header directive is used to prevent browsers from interpreting files as a different MIME type than what is specified by the server, thereby mitigating content type sniffing attacks?

Answer: nosniff
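As an added example (not part of the room or this writeup), the Python script below parses a raw HTTP response into its status line, headers and body, the structure Tasks 4 and 7 ask about, and then audits the headers for the items Tasks 8 and 9 cover: the Server disclosure header, Secure and HttpOnly cookie flags, HSTS includeSubDomains, a CSP script-src directive and X-Content-Type-Options nosniff. The sample response is constructed for the demonstration.

```python
# Constructed sample response (not from the room); headers are chosen so the
# audit below reports both passing and failing items.
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Server: Apache/2.4.41 (Ubuntu)\r\n"
    "Set-Cookie: session=abc123; Path=/; HttpOnly\r\n"
    "Set-Cookie: theme=dark; Path=/; Secure; HttpOnly\r\n"
    "Strict-Transport-Security: max-age=31536000\r\n"
    "Content-Security-Policy: default-src 'self'\r\n"
    "\r\n"                                  # empty line ends the headers
    "<html><body>Hello</body></html>"
)

def parse_response(raw):
    """Split a response into status line fields, headers (names lower-cased) and body."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    parts = lines[0].split(" ", 2)          # status line: version, code, reason phrase
    reason = parts[2] if len(parts) > 2 else ""
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return {"version": parts[0], "status": int(parts[1]), "reason": reason,
            "headers": headers, "body": body}

def audit_headers(headers):
    """Return findings for the header checks the room's questions describe."""
    def values(name):
        return [v for k, v in headers if k == name]
    findings = []
    for server in values("server"):
        findings.append("Server header discloses software/version: " + server)
    for cookie in values("set-cookie"):
        cookie_name = cookie.split("=", 1)[0]
        flags = {p.strip().lower() for p in cookie.split(";")[1:]}
        for flag in ("Secure", "HttpOnly"):
            if flag.lower() not in flags:
                findings.append(f"Cookie {cookie_name!r} missing {flag} flag")
    hsts = values("strict-transport-security")
    if not hsts or "includesubdomains" not in hsts[0].lower():
        findings.append("HSTS header missing or without includeSubDomains")
    csp = values("content-security-policy")
    if not csp or "script-src" not in csp[0]:
        findings.append("CSP missing or has no script-src directive")
    xcto = values("x-content-type-options")
    if not xcto or xcto[0].lower() != "nosniff":
        findings.append("Missing X-Content-Type-Options: nosniff")
    return findings
```

Running `audit_headers(parse_response(SAMPLE_RESPONSE)["headers"])` reports five findings for the sample; a response carrying all of the headers and flags the room describes yields an empty list.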

Task 10: Practical Task: Making HTTP Requests

#10.1 Make a GET request to /api/users. What is the flag?

Answer: THM{YOU_HAVE_JUST_FOUND_THE_USER_LIST}

#10.2 Make a POST request to /api/user/2 and update the country of Bob from UK to US. What is the flag?

For this question, type the URL with the correct path, click on the settings icon and add the new key and value, “country” and “US”, as shown in the images below:

Answer: THM{YOU_HAVE_MODIFIED_THE_USER_DATA}

#10.3 Make a DELETE request to /api/user/1 to delete the user. What is the flag?

Answer: THM{YOU_HAVE_JUST_DELETED_A_USER}

Task 11: Conclusion

That’s it! You have completed all the tasks! We hope you enjoyed learning about the elements that make up web applications. Hopefully, you have learned a bit more about:

  • What components are involved in web applications
  • The structure of the Uniform Resource Locator (URL)
  • What are HTTP messages, requests, headers and responses
  • The importance of Security headers

Have a great time on your next learning journey!

No answer needed.

Thank you!
