[Web Exploitation] HTTP(S) :-

<aside> 💡 Needed for communication between webserver and client, an intermediary protocol.

</aside>

<aside> 💡 HTTP = TCP request + specific headers to identify protocols

</aside>

Cookies :-

<aside> 💡 Since HTTPS is a stateless request (can’t identify between if you sent the request or someone else did) we need cookies to identify users and their access levels (eg: normal users, admin, etc.).

</aside>

<aside> 💡 Cookies stored on local machine - is a tiny piece of data - their name and values are arbitrary.

</aside>

<aside> 💡 Made up of 11 components but we need to know only 2(name-value).

</aside>

<aside> 💡 We can take the cookie value and decode them to a non-arbitrary JavaScript object like JSON.

</aside>

<aside> 💡 After decoding it and changing the values/parameters to a higher level or as per the attacker we can encode it again and pass the cookie value and perform a refresh on the page.

</aside>

can use Cyber Chef as a tool to decode/encode cookies and use the magic recipe they have if you don't know what encoding type they have used.

Questions :-

2-5 questions are alright easy but 6,7 faced problems as monitor.html was not opening on the login page after changing cookie value.