Hack the box - Web requests module detailed Chinese tutorial

Catalog

Network protocol ................................................................................................................... 2

1.1HTTP agreement ...................................................................................................... 2

1.2HTTP workflow ............................................................................................ 3

1.3CURL Introduce ............................................................................................................. 3

2.1HTTPS agreement .................................................................................................... 4

2.2HTTPS workflow .......................................................................................... 4

Headers..................................................................................................................... 4

1.1Http Request.................................................................................................. 4

1.2Http Response................................................................................................ 5

HTTP Request method ........................................................................................................... 5

understand web How applications work , Different web How applications pass http request Request to interact with the back-end server

Network protocol

1.1HTTP agreement

Http Protocol is the application layer protocol , Used to obtain www Resources on the Internet , It is expressed in the form of hypertext , A form of text that contains links and resources ,http The interaction mode is client and server mode , The client sends request request , The server accepts requests to perform operations , Return to the client resource

Defalut port:              80

Tip: We can modify the default port by modifying the configuration file of the server

1.1.1URL

http adopt url To get the resources we need , For example, we visit a website ,url The structure is as follows

http://admin:[email protected]:80/dashboard.php?login=true

1.2HTTP workflow

1.3CURL Introduce

Curl Is a command line next web browser , Support http And many other agreements , Can send multiple web request , It is recommended to use in terminal environment

for example ： curl http://www.baidu.com

Usage: curl [options...] <url>

 -d, --data <data>   HTTP POST data

 -h, --help <category> Get help for commands

 -i, --include       Include protocol response headers in the output

 -o, --output <file> Write to file instead of stdout

 -O, --remote-name   Write output to a file named as the remote file

 -s, --silent        Silent mode

 -u, --user <user:password> Server user and password

 -A, --user-agent <name> Send User-Agent <name> to server

 -v, --verbose       Make the operation more talkative

This is not the full help, this menu is stripped into categories.

Use "--help category" to get an overview of all categories.

Use the user manual `man curl` or the "--help all" flag for all options.

2.1HTTPS agreement

HTTPS Agreement is http The secure version of the protocol , The process of network transmission using this protocol will be more secure , Use HTTPS agreement , In the whole process of network transmission , Data is encrypted , This greatly improves the security of data transmission

2.2HTTPS workflow

Headers

1.1Http Request

Let's take a look at one http request Request header , as follows

Above this request Requested url yes :

who_ Baidu search http://www.baidu.com/baidu?tn=monline_7_dg&ie=utf-8&wd=who

GET                             HTTP Requested method

/baidu?tn                    Resource directory

HTTP/1.1                    HTTP Version of protocol

1.2Http Response

So let's look at one http response Response head , as follows

HTTP/1.1 yes http Protocol version ,200OK It's the status code , Used to tell the client request The result of the request execution

HTTP Request method

GET

POST

PUT

DELETE

CRUD API                   When the server provides us with an interface that can interact with the back-end database , We can use it GET,POST,PUT,DELETE To operate the backend database , One by one corresponds to the basic operation of the database

                                   CREATE  （ newly added ）            POST

                                   DELETE  （ Delete ）            DELETE

                                   UPDATE （ modify ）            PUT

                                   SELECT  （ lookup ）            GET