Skip to content

HTTP Lab Tasks

This weeks lab tasks focus on dealing with HTTP, (and HTML)

We will look at making different types of request, and seeing how this will effect the server.

We will also look at the various ways of storing state, and how some of these common methods can be manipulated.

We can start the server using docker compose

/245-Labs/Week5_Requests$ docker-compose up

Once the server is up, you can visit the web page at http://127.0.0.1:5000

Making Requests

For the first set of tasks play with requests using different methods. See which values you can change, and how you can modify the request headers.

Requests in the Browser

First take a look at what we can see using the browser.

Try the various requests pages.

Easytask

Use the browser to make some GET and POST requests. See what information is sent in the headers, and how the request data is dealt with.

Can we combine GET and POST requests

Task

Using the inspector tool, see what parts of the request you can manipulate.

Requests using Requests

We can also manipulate requests using the python requests library

For example to make a Get Request with a username of "demo"

import requests

URL = "http://127.0.0.1:5000"
data = {"username": "demo"}

r = requests.get(URL, params=data)

#Print the result
print(r.text)

Task

Try making some requests using the Python Request Library.

You may want to investigate using the JSON endpoint, to make parsing the data returned easier

Requests using Burp

Task

Finally, take a look at manipulating the request parameters using Burp. How does it compare to Requests and the Inspector tool.

Sessions and Cookies

For our second set of demos we will look at session management. There are some demos in the "SESSION" that show some ways that developers attempt to maintain state in applications.

Crappy Session Management

  • Hidden Form Values
  • Hidden Attributes (GET)
  • Manual Cookies

Task

Take a look at the Session based challenges. You should be able to complete them using just the browser.

Task

While we can use the browser for this, automation and other tools can be good.

  • Repeat the tasks using Burp
  • Repeat the tasks using programming (for example python)

Session Cookies

I am using flask for the web app. It does session cookies slightly differently to things like PHP. However, the principle is the same.

Task

Take a look at interacting with session cookies.

Notice how you can read the data that is returned, However, trying to change the values will lead to a session error.

Directory Enumeration

Task

Try using GoBuster / Dirbuster / Ffuf to enumerate the we service.

You should find all the paths in the "Common" wordlist.

Back to top