https://www.youtube.com/watch?v=lKrbeJ7-J98
HTTP messages are how data is exchanged between a server and a client. There are two types of messages: requests sent by the client to trigger an action on the server, and responses, the answer from the server.
3. Agenda
● What is HTTP?
● HTTP Methods
● Directory and File name
● Parameters and their values
● HTTP Version
● HTTP Request Header
● CR&LF Character
● Status Code
● HTTP Response Header
4. What is HTTP?
Hypertext Transfer Protocol (HTTP) is an application-layer protocol for
transmitting hypermedia documents, such as HTML.
It was designed for communication between web browsers and web servers.
5. Evolution of HTTP
HTTP/0.9: Extremely simple; requests consist of a single line.
GET /mypage.html
HTTP/1.0: The HTTP version was added to the request, and HTTP headers were introduced.
A status code line is also sent at the beginning of the response.
HTTP/1.1: Allows sending a second request before the answer to the first one has arrived.
Additional cache control, including language, encoding, or type, was
introduced.
Host header: the ability to host different domains at the same IP address.
HTTP/2.0: Binary protocol rather than text. It can no longer be read and created manually.
HTTP/3.0: Still in draft mode.
8. HTTP request methods indicate the specific desired
action to be performed on a given resource.
These method names are case sensitive and must be written in uppercase.
9. Most Common HTTP Methods
GET : used to request data from a specified resource.
POST : used to send data to a server to create/update a resource.
HEAD : almost identical to GET, but without the response body.
OPTIONS : Describes the communication options for the target resource.
DELETE : deletes the specified resource.
PUT : used to send data to a server to create/update a resource.
… … ...
10. HTTP METHODS
OPTIONS GET HEAD POST PUT
DELETE TRACE CONNECT PROPFIND PROPPATCH
MKCOL COPY MOVE LOCK UNLOCK
VERSION-CONTROL REPORT CHECKOUT CHECKIN UNCHECKOUT
MKWORKSPACE UPDATE LABEL MERGE BASELINE-CONTROL
MKACTIVITY ORDERPATCH ACL PATCH SEARCH
ARBITRAR TRACK
11. Exploit of PUT method
https://medium.com/@asfiyashaikh10/exploiting-put-method-d2d0cd7ba662
14. URL Path and file.
The path starts at the application root directory, e.g. /var/www/html, which is
not visible on the user side and is managed by the application server.
Directory path : /var/www/html/blog/2020/03/10/upcoming_meets/
File : meet.php
18. Parameters are in the form of attribute/value pairs.
In a GET URL, the path and the parameters are separated by the ? symbol.
Two parameters are separated by the & symbol.
19. REST request URL
GET /API/v1/data/getdata/account/123/id/1337
POST /API/v1/data/putdata/account/123/id/1337/name/bhagyashree
http://infosecgirls.in/index.php?page=foo = http://infosecgirls.in/foo
http://infosecgirls.in/products?category=2&pid=25 = http://infosecgirls.in/products/2/25
http://infosecgirls.in/index.php?mod=profiles&id=193 = http://infosecgirls.in/profiles/193
http://infosecgirls.in/kb/index.php?cat=8&id=41 = http://infosecgirls.in/kb/8/41
26. CRLF Character
CR and LF are control characters, or byte codes, that are used to mark a line break in a text file.
CR = Carriage Return (\r, 0x0D in hexadecimal, 13 in decimal)
LF = Line Feed (\n, 0x0A in hexadecimal, 10 in decimal)



27. CRLF Injection
A CRLF injection vulnerability exists if an attacker can inject the CRLF
characters into a web application.
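The effect on a response, and the check that prevents it, as an added example that is not part of the original slides. The function names, the `X-Injected` header and the tainted value are constructed for illustration.

```python
def build_response_naive(location: str) -> bytes:
    """Vulnerable: copies caller-supplied text straight into a header line."""
    return (
        "HTTP/1.1 302 Found\r\n"
        f"Location: {location}\r\n"
        "Content-Length: 0\r\n"
        "\r\n"
    ).encode("latin-1")


def build_response_safe(location: str) -> bytes:
    """Hardened: refuse any value carrying CR (0x0D) or LF (0x0A)."""
    if "\r" in location or "\n" in location:
        raise ValueError("CR/LF not allowed in a header value")
    return build_response_naive(location)


def header_names(raw: bytes) -> list:
    """Return the header names a CRLF-splitting parser sees in a response."""
    head = raw.split(b"\r\n\r\n", 1)[0]       # the blank line ends the headers
    lines = head.split(b"\r\n")[1:]           # skip the status line
    return [line.split(b":", 1)[0].decode("latin-1") for line in lines]


# Constructed input: a redirect target with an embedded CRLF sequence.
TAINTED = "/home\r\nX-Injected: 1"

if __name__ == "__main__":
    print(header_names(build_response_naive("/home")))
    print(header_names(build_response_naive(TAINTED)))   # one extra header
    try:
        build_response_safe(TAINTED)
    except ValueError as exc:
        print("rejected:", exc)
```

The check rejects a lone LF as well as the CR LF pair, since some parsers accept either as a line ending.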

30. HTTP Request Headers
The client and the server pass additional information with an HTTP request
or response.
An HTTP header consists of its case-insensitive name followed by a colon
(:), then by its value. Whitespace before the value is ignored.
Headers such as Cookie, User-Agent, or Referer describe the context more
precisely so that the server can build the answer.
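The request parts covered so far (method, directory and file, parameters, version, CRLF line endings and headers) pulled out of one raw request, as an added example that is not part of the original slides. The sample request, its query values and the `example-client` User-Agent are constructed.

```python
from urllib.parse import urlsplit, parse_qsl


def parse_request(raw: bytes) -> dict:
    """Split an HTTP/1.x request head into the parts the slides name."""
    head, _, _body = raw.partition(b"\r\n\r\n")    # blank line ends the headers
    lines = head.decode("latin-1").split("\r\n")   # every line ends in CRLF
    parts = lines[0].split(" ")
    if len(parts) != 3:
        raise ValueError("malformed request line")
    method, target, version = parts
    if not method.isupper():                       # methods are case sensitive
        raise ValueError(f"method must be uppercase: {method!r}")
    url = urlsplit(target)                         # '?' separates path and query
    directory, _, filename = url.path.rpartition("/")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        headers[name.lower()] = value.strip()      # name is case-insensitive
    return {
        "method": method,
        "directory": directory + "/",
        "file": filename,
        "params": parse_qsl(url.query),            # '&' separates the pairs
        "version": version,
        "headers": headers,
    }


# Constructed sample request (not captured traffic).
SAMPLE = (
    b"GET /blog/2020/03/10/upcoming_meets/meet.php?cat=8&id=41 HTTP/1.1\r\n"
    b"Host: infosecgirls.in\r\n"
    b"USER-AGENT:   example-client/1.0\r\n"
    b"Cookie: session=constructed\r\n"
    b"\r\n"
)

if __name__ == "__main__":
    for key, value in parse_request(SAMPLE).items():
        print(f"{key}: {value}")
```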
36. Status Code and Reason Phrase
1xx: Informational - Request received, continuing process
2xx: Success - The action was successfully received, understood, and accepted
3xx: Redirection - Further action must be taken in order to complete the request
4xx: Client Error - The request contains bad syntax or cannot be fulfilled
5xx: Server Error - The server failed to fulfill an apparently valid request
37. Status Code
100 : Continue
101 : Switching Protocols
200 : OK
201 : Created
202 : Accepted
203 : Non-Authoritative Info
204 : No Content
205 : Reset Content
206 : Partial Content
300 : Multiple Choices
301 : Moved Permanently
302 : Found
303 : See Other
304 : Not Modified
305 : Use Proxy
307 : Temporary Redirect
400 : Bad Request
401 : Unauthorized
402 : Payment Required
403 : Forbidden
404 : Not Found
405 : Method Not Allowed
406 : Not Acceptable
407 : Proxy Authentication Required
408 : Request Time-out
409 : Conflict
410 : Gone
411 : Length Required
412 : Precondition Failed
413 : Request Entity Too Large
414 : Request-URI Too Large
415 : Unsupported Media Type
416 : Requested range not satisfiable
417 : Expectation Failed
500 : Internal Server Error
501 : Not Implemented
502 : Bad Gateway
503 : Service Unavailable
504 : Gateway Time-out
505 : HTTP Version not supported
41. HTTP Response Headers
The response-header fields allow the server to pass additional information
about the response which cannot be placed in the Status-Line.
These header fields give information about the server and about further
access to the resource identified by the Request-URI.
Response headers, like Age, Location or Server, are used to give a more
detailed context of the response.