# Web 101

###### tags: `cybersecurity` `web`

## Requests

The client sends a request to the server. An HTTP request can be broken down as follows:

* **verb and path for server**, e.g. GET /index.php
* **headers**, which give the web server additional information about the request. Note that **cookies** are sent in request headers.
* **body** of the request. For POST requests, this is the content that is sent to the server. For GET requests, a body is allowed but will mostly be ignored.

Headers will contain information about the user device involved, which may prove useful for forensics and analyzing pcaps.

There are 9 different HTTP verbs / methods.

1. GET - used to retrieve content
1. POST - used to send data to a web server, e.g. add a comment or log in
1. HEAD - asks for a response identical to GET but without the body of the response
1. PUT - replace target with provided data
1. DELETE - delete target
1. CONNECT - establish a tunnel to the server identified by the target
1. OPTIONS - describes communication options for the target
1. TRACE - perform a message loop-back test along the path to the target
1. PATCH - apply partial modifications to a resource

Only 1 and 2 are important while starting out.

## Responses

The server replies with a response that follows the format of the request, but the first line describes the status.

* 100-199 : informational
* 200-299 : success
* 300-399 : redirection
* 400-499 : user error (you messed up)
* 500-599 : server error (server messed up)

**Response headers can tell you about the server that sent them or provide you with cookies.**

The response also has a body. For GET requests, the response body will be web content or info like JSON. For POST requests, it may be a status message or the same kind of content.

## Cookies

A cookie is a small piece of data a server sends to a user's web browser. The browser may store the cookie and send it back to the server with requests later. Typically used to tell if two requests came from the same browser.
Each browser stores them separately, so your Chrome cookies aren't available in Firefox -- unless you import them.

Mainly used for **session management or advertising (tracking cookies)**.

Cookies are normally sent with every request made to an HTTP server.

### but why cookies?

HTTP is stateless, meaning that each request is independent and no state is tracked internally. Cookies address this by letting us keep track of data such as items in a shopping cart, score level and points in a game, etc. Cookies track who you are, what you've done, etc.

### what's in a cookie?

Cookies have a:

* name : identifies the cookie
* value : where data is stored
* expiry date : when the browser will get rid of the cookie automatically
* path : what requests the cookie will be sent with

Servers set cookies in the 'Set-Cookie' response header.

### using cookies

When you log in to a web app, the server assigns you a session token, allowing it to identify your requests from someone else's. Stealing a session token often allows you to impersonate that person.

## what to do with a cookie?

You can view and modify cookies with your browser's developer tools: [F12] -> storage tab

further reading: [cookie article](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies)

### now what

By default **curl** performs GET requests to URLs passed to it.

* the -X flag allows us to specify the request type, e.g. -X POST
* the --data flag allows you to specify the data; data to POST defaults to plain text data
* -c (--cookie-jar) saves cookies the server returns and -b (--cookie) sends cookies: curl does not store cookies on its own, so you have to manually specify any cookies and values you would like to send with your requests.
* syntax: curl -c store-here.txt -b read-these https[:]//example[.]com

Examples:

**curl [url]** : makes a GET request

**curl -X POST --data 'data here' [url]** : makes a POST request with 'data here' as the body of the request

**curl -c - [url]** : outputs the cookie returned from the server to stdout. If you specify a file in place of the single dash, the cookie will be written to the file instead.

**curl -c - -b 'cookiename=cookievalue' [url]** : outputs the resulting cookie from passing a request to the server with cookiename=cookievalue set (curl expects the name=value form here; a string without `=` is treated as a file name to read cookies from)
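
The cookie round trip from the Cookies section, as an added example (not part of the original notes): it parses the `Set-Cookie` headers out of a raw response into name, value, expiry date and path, then works out which cookies a client would send back for a given request path. The sample response and all function names are constructed for illustration, and defaulting a missing path to `/` is a simplification.

```python
from email.utils import parsedate_to_datetime

# Constructed sample response: status line, headers, blank line, body.
RAW_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Set-Cookie: session=abc123; Path=/; Expires=Wed, 01 Jan 2031 00:00:00 GMT\r\n"
    "Set-Cookie: cart=3; Path=/shop\r\n"
    "\r\n"
    "<html>hello</html>"
)

def parse_response(raw):
    """Split a raw response into (status code, list of headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    status_line, *header_lines = head.split("\r\n")
    headers = [tuple(p.strip() for p in l.split(":", 1)) for l in header_lines]
    return int(status_line.split(" ")[1]), headers, body

def parse_set_cookie(value):
    """Parse one Set-Cookie value into name, value, expiry date and path."""
    first, *attrs = [part.strip() for part in value.split(";")]
    name, _, val = first.partition("=")
    cookie = {"name": name, "value": val, "expires": None, "path": "/"}
    for attr in attrs:
        key, _, arg = attr.partition("=")
        if key.lower() == "expires":
            cookie["expires"] = parsedate_to_datetime(arg)
        elif key.lower() == "path":
            cookie["path"] = arg
    return cookie

def path_matches(request_path, cookie_path):
    """RFC 6265 path-match: identical, or cookie path is a directory prefix."""
    if request_path == cookie_path:
        return True
    prefix = cookie_path if cookie_path.endswith("/") else cookie_path + "/"
    return request_path.startswith(prefix)

def cookies_from(raw):
    """Collect every cookie the server set in this response."""
    _, headers, _ = parse_response(raw)
    return [parse_set_cookie(v) for k, v in headers if k.lower() == "set-cookie"]

def cookie_header(cookies, request_path, now):
    """Value of the Cookie request header sent for request_path at time now."""
    live = [c for c in cookies if path_matches(request_path, c["path"])
            and (c["expires"] is None or c["expires"] > now)]
    return "; ".join(f'{c["name"]}={c["value"]}' for c in live)
```

`now` must be a timezone-aware datetime, since the parsed expiry date is in GMT.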