Wednesday is here and guess what? It’s another THM room, who would have thought?
Yesterday we completed the Metasploit module and today we move on to the Web Hacking section of the path, as I’m quite versed (I would like to think so) this should be a breeze but, that is seldom the case!
In the initial room of the module, as you would expect it goes through concepts such as web applications overview, URL’s and how they are made up (e.g scheme, user, host/domain, port, path, query strings and fragments)
As well as topics such as HTTP requests and responses and various HTTP codes (e.g 200 OK 401, 403, 404) you get the idea!
Lastly, moving on to a practical task which involves making HTTP requests to an API and modifying the data to retrieve the flags.
Until next time & don’t sleepwalk through life!
Orevwa