Welcome to Cybrary. I'm Raymond Evans, and I will be your subject matter expert for Cybrary's web application penetration testing course. In this video, we will be discussing HTTP and HTTPS basics.
So what will be covered? I'm going to discuss what is HTTP, what is HTTPS, talk about TCP, and discuss which one is better, HTTP or HTTPS.
So what is HTTP? HTTP is a foundation of communication for all the other applications and web pages. Whenever you're browsing any kind of website, you're generating HTTP traffic, and with that traffic you're performing all kinds of different requests, and those requests perform different functions.
So we have things like a GET request. It retrieves data. So every time you browse to a page, you're performing a GET request, because you're getting the data and it's being presented to you in your web browser.
A HEAD request can be performed as well, and that's used to get metadata about the pages. Certain pieces of software will perform HEAD retrievals to get metadata that they may want.
There's also a DELETE request, which deletes resources off a server. So if you don't have a server locked down properly and you allow people to perform requests, somebody can actually delete resources off your server.
And we have POST requests. POST requests are used when there's a submission of a web form or something like a forum. And then we have PUT requests, which are used to push resources to a web server. Sometimes this could be a bad thing, because if you don't have a web server locked down properly, somebody can do a push request and push data onto the web server and actually push something like a piece of malware onto it. Now, the malware won't execute. However, if you know the exact location that you put that item and you have your social engineering skills up, then you can actually trick somebody who works with those servers into possibly browsing to that on the server and executing it.
You could say that you're somebody from whatever company is running that server. You could say, "Hey, we got this new update that got pushed out to all the servers, except it needs to be manually executed. Can you please go to such and such folder and execute such and such file?" And a lot of times that actually may work, due to the fact that humans are the weakest link in any network.
which is important to know.
When you're browsing different web pages, different codes are generated. Now, you don't see them up front all the time. Sometimes they are only in the packets, but they're there. Things are happening in the background that you don't realize. If you use a packet analysis tool such as Wireshark, then you can actually look at those packets and view the different status codes. So some examples are the 100 status codes, which are informational, and an example of that is the 101 switching protocol.
And then we have the 200s, which are success codes. So if you successfully browse to a web page and you successfully get that data retrieved, you'll get a 200 code. 300s are redirection codes, and they give you different information about redirection. So if it's a 301, then that web page may have been moved somewhere else, to a different URL, and it's going to redirect you every single time.
Then there's the classic 404, which is a client error code, and 404 is file not found. So if there's a web page you're looking for and that web page doesn't exist anymore, you're gonna get a 404 not found error.
And then 500s are server issues. So it's things like the 503 code, which is service unavailable, which means that that server is currently down. There are a lot more codes than just these. These are just some examples I decided to include so that way you had some kind of idea of the status codes, but you should definitely look into these codes further and understand them better. Because if you are using a packet analysis tool on something that happened, some kind of event that happened in an organization, then you will know what's going on based on these status codes.
So, for example, if a redirection code happens and an individual is being redirected to a malicious web page, you can identify that redirection code in the packets.
Well, HTTPS is used for secure communications. It uses port 443 and it uses SSL and TLS. It uses SSL certificates to ensure that the communication is secure, and those certificates are granted by a certificate authority. Now, it used to be that back in the day SSL and TLS certificates used to cost a lot of money.
Now, there are companies out there who still pay lots of money for certificates from the certificate authority. However, there is a bit of a small movement of getting free certificates in people's hands, and one of those companies is called Let's Encrypt, and they're actually giving free certificates out to everybody. Now, it used to be that if you had HTTPS on your web page, people generally thought that your web page was a trusted, good web page because, hey, you're paying hundreds of dollars for your certificate. There's no way you're gonna be a bad guy. I mean, those guys don't pay that kind of money for secure stuff.
Well, now this is coming back to bite people in the butt with these free certificates.
So if you see HTTPS, yes, the page is secure, so you can trust the communications. However, you can't trust the page itself. You may go to a page that says, "Hey, give us your credit card information." It may be HTTPS, but that doesn't mean that that page is a page that you should trust. It just means that you're not gonna be hit by a man-in-the-middle attack, or people aren't gonna be listening to your communications.
HTTPS uses certificates from a certificate authority, and how it works is, first, the SSL certificates are exchanged, and those certificates are identifying, "Hey, I am who I say I am." That exchange happens and both hosts trust each other. Then the encryption keys are exchanged, and that's when all the communications are encrypted. So that's how HTTPS works in a nutshell.
Both work off of the TCP protocol. Now, there are two different kinds of protocols that you're going to see: TCP and UDP. TCP is a connection-oriented communication, whereas UDP is a connectionless-oriented communication.
So what does that mean? Well, TCP does what's known as the three-way handshake. So whenever you browse to a page, you, host one, send a TCP SYN packet to host two. Host two receives the packet and acknowledges by sending a SYN-ACK packet back to host one, saying, "Hey, I see your communication attempt. I acknowledge that communication attempt." Then host one sends an ACK packet back to host two, saying, "Hey, thanks for responding," and then a TCP connection has been established.
That communication is used to ensure that all packets are received via communication, and they do that with things like the sequence number, which is used throughout communication to identify if a packet may have been dropped.
However, if you're using something like UDP, that is a connectionless-oriented communication, and what that means is UDP just throws all the packets at whoever's trying to receive them, and it does not care if there's any kind of packet loss.
TCP is great for browsing the web because you're gonna get all your packets. UDP is great for streaming of media. If we used TCP for streaming of media, then the media would be slowed down substantially. One or two packets dropped here or there will not matter for streaming of media. But it will matter for TCP, because if you're dropping packets for TCP and you're trying to browse a web page, then you're not gonna get content that you want from the web page, whereas with UDP it may make a little bit of downgrading in the quality of your streaming service.
So which is better to use, HTTP or HTTPS? Well, HTTPS is always better to use. HTTPS prevents a man-in-the-middle attack, and HTTPS prevents eavesdropping from packet analysis tools on a network, so all that communication will be encrypted and nobody can pick off your form field data or things like your credit card or sensitive information.
So HTTPS is always better to use. If a site has an option to use HTTPS, always use that. If you have the ability to use SSL certificates on your web application, do it. It will only make your web application stronger.
So what was covered? Well, I discussed what is HTTP, I discussed what is HTTPS, I talked about what TCP is and the three-way handshake and how that works, and then I told you which one is better.
Happy hacking, everyone.
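
Added example, not part of the video: a small triage routine for the status-code review described above, applied to raw HTTP response heads as you might export them from a packet capture. It sorts each response into the status classes from the lecture and flags redirection responses whose Location header points at a different host than the one requested. The host names and response bytes are constructed sample data, and the function names are illustrative.

```python
from urllib.parse import urlsplit

# Status classes as listed in the lecture (first digit of the code).
CLASSES = {1: "informational", 2: "success", 3: "redirection",
           4: "client error", 5: "server error"}

def parse_response_head(raw: bytes):
    """Return (status_code, headers) from the head of a raw HTTP/1.x response."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ", 2)          # e.g. HTTP/1.1 301 Moved Permanently
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError("not an HTTP status line: %r" % lines[0])
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return int(parts[1]), headers

def triage(requested_host: str, raw: bytes):
    """Classify one response; flag redirects that leave the requested host."""
    code, headers = parse_response_head(raw)
    result = {"code": code, "class": CLASSES.get(code // 100, "unknown"),
              "redirect_to": None, "off_site": False}
    if code // 100 == 3 and "location" in headers:
        target = headers["location"]
        result["redirect_to"] = target
        host = urlsplit(target).hostname    # None for relative redirects
        result["off_site"] = host is not None and host.lower() != requested_host.lower()
    return result

# Constructed sample data: (Host header of the request, raw response bytes).
SAMPLES = [
    ("shop.example", b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>"),
    ("shop.example", b"HTTP/1.1 301 Moved Permanently\r\nLocation: /new-page\r\n\r\n"),
    ("shop.example", b"HTTP/1.1 302 Found\r\nLocation: http://login.invalid/pay\r\n\r\n"),
    ("shop.example", b"HTTP/1.1 404 Not Found\r\nContent-Length: 0\r\n\r\n"),
    ("shop.example", b"HTTP/1.1 503 Service Unavailable\r\nRetry-After: 30\r\n\r\n"),
]

if __name__ == "__main__":
    for host, raw in SAMPLES:
        print(host, triage(host, raw))
```

An off-site flag is only a lead for review: many legitimate sites redirect to another host for login or payment, so compare the target against the hosts the organization expects.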