Time
4 hours 20 minutes
Difficulty
Intermediate
CEU/CPE
5

Video Description

In the previous video was examined packets. We continue the discussion of web communications by taking a look into the core protocols of web app communications: HTTP and HTTPS. HTTP consists of various types of requests with the fundamental ones by Get, Head, Delete, Post, and Put. The TCP port for HTTP is port 80. The secure version of web app communications is HTTPS and it communicates over TCP port 443. It use SSL/TLS certificates granted by a certificate authority to vouch for the site owner's identity. It also encrypts the data going across the connection for additional security.

Video Transcription

00:04
Welcome to cyber ery. I'm Raymond Evans, and I will be your subject matter expert for Cyber Aires. Web application penetration, testing course this video, we will be discussing http and https basics.
00:15
So what will be covered around? Discuss what is a c t p. What is https? Talk about TCP and
00:23
discuss which one is better. Http or Https?
00:26
So what is http, http is a foundation of communication for all the other applications and Web pages. Whenever you're browsing any kind of website regenerating http traffic and with that traffic you're performing all kinds of different requests
00:42
and those requests perform different functions. So we have things like a get request. It retrieves data. So over time you browse to a page you're performing a get requests because you're getting the data and being presented to you. Um,
00:57
in your web browser.
00:59
Ah, head request can be performed as well, and that's used to get metadata about the pages. Certain pieces of software will perform head retrievals to get metadata that it may want.
01:10
There's also a delete request, which these resource is off a server. So if you don't have several locked down properly and you allow people to
01:19
perform requests. You can see Maiken actually delete Resource is off your server,
01:25
and we have Post requests post requests When there's a submission of a Web form, um, or something like a forum. And then we have put requests is used to push Resource is to a Web server. Sometimes this could be a bad thing, because if you don't have a Web server locked down properly, some I can do a push request and
01:45
pushed data onto the Web server
01:47
and actually push something like a piece of malware onto it. Now the mount Where won't execute. However, if you know that exact location that you put that item and you have your social engineering skills up, then you can actually trick somebody who works with those servers
02:04
into possibly browsing to that on the server and executing it.
02:07
You could say that you're somebody from whatever company is running that serving. You could say, Hey, we got this new update that got pushed out to all the servers accept it needs manually executed. Can you please go
02:23
two
02:24
sessions such folder and execute such and such file
02:29
on a lot of times that actually may work due to the fact that humans are the weakest link in any network.
02:37
Http uses Port 80
02:40
which is important to know.
02:42
Http.
02:44
When you're browsing different Web pages,
02:46
different codes or generated now you don't see them up front all the time.
02:52
Sometimes they are only in the packets, but they're there. Things were happening in the background that you don't realize if you's a packet analysis to little stitches,
03:05
why a shark? Then you can actually look at those packets and view the different status codes, so some examples are
03:13
but 100 SAS codes, which are informational and an example of that is the 101 switching protocol.
03:21
And then we have the 200 which our success codes. So if you successfully browse to a Web page and you successfully get that data retrieved, will get 200 code 300 a redirection codes, and they give you different information about redirection. So it's a 301 than that Web page may have been moved
03:40
to, Ah,
03:40
somewhere else, a different girl, and it's going to redirect you every single time.
03:47
Then there's a classic 404 which is a client error code and 44 is a file not found. So
03:57
if there's a Web pages you're looking for and that what beiges and exist anymore, you're gonna get a 404 not found error
04:03
and then 500 server issues. So it's things like the 503 code, which is service unavailable, which means that that server is currently down. There's a lot more coz and just these.
04:15
These are just some examples I decide to includes that way
04:19
you had some kind of idea of the stash codes.
04:24
Um,
04:25
but you should definitely look into these codes further and understand them better. Because if you are using a packet analysis tool of something that happened some kind of event that happened in an organization than
04:39
you will know what's going on based on these status codes.
04:45
So, for example, if a redirection code happens and on individuals being redirected toe Ah, malicious. But Paige,
04:56
you can identify that redirection code in the packets.
05:00
No, I have https.
05:01
What is https?
05:03
Oh, well, https is used for secure communications. It uses port for 43 and it uses S S l and T. L s uses SSL certificates to ensure that
05:16
the communication is secure and those certificates are granted by a certificate authority. But now it used to be that back in the day
05:27
S S L N T L s certificates used to cost a lot of money.
05:30
Now there are companies out there who still pay lots of money for
05:36
certificates from the certificate authority. However, there is a bit of ah, small movement of
05:44
getting free certificate in people's hands on one of those companies is called Let's Encrypt and they're actually giving free
05:53
certificates out to everybody Now. Used to be that if you had
05:59
https on your Web page, people generally thought that your Web page was a trusting good Web page because, hey, you're paying hundreds of dollars for your certificate. There's no way you're gonna be a bad guy. I mean, those guys don't pay that kind of money for secure stuff
06:15
for a user.
06:16
Well, now this is coming back to bite people in the but these free certificates.
06:20
So if you see https, yes, the page is secure so you can trust the communications. However,
06:29
you can't trust the page itself. You may go to a page it says, Hey, give us your credit card. Information it maybe https.
06:35
But that doesn't mean that that page is a page that you should trust. It just means that you're not gonna be hit by a man in the middle attack or
06:44
people aren't gonna be listening to your communications.
06:46
Https uses certificates from a certificate authority
06:50
and how how it works is first as the cell certificates are exchanged and those certificates are identifying. Hey, I am who I say I am
07:00
and
07:02
you can trust me
07:04
after
07:06
that exchange happens
07:08
and both hosts trust each other.
07:11
Then the encryption keys are exchanged. And that's when all the communications are encrypted.
07:16
So that's how https works in a nutshell,
07:19
Http. In https
07:21
both work off of the TCP Protocol. Now there's two different kinds of protocols that you're going to say TCP and UDP. TCP is a connection oriented communication, whereas UDP is a connection lis oriented communication.
07:36
So does that mean Well, TCP does what's known as the three way handshake. So whenever you go to a browse to a page,
07:46
you host one send a TCP syn packet to host too
07:49
host to receives a packet and acknowledges by sending a sin act packet back to host one. So saying, Hey, I see your communication attempt.
08:01
I acknowledge that communication attempt.
08:05
Then host one sends an act packet back to host to saying, Hey, thanks for responding
08:11
and then a TCP connection has been established.
08:13
Now,
08:16
from that point on,
08:18
that communication is used to ensure that all packets are received via communication on. They do that
08:26
with things like the sequence number, which is used throughout communication. Thio identify if a packet may have been dropped.
08:37
However, if you're using something like UDP, that is a connection list or in't it communication and what that means is,
08:43
UDP just throws on the packets at whoever's trying to receive them, and it does not care if there's any kind of packet loss.
08:54
TCP is great for browsing the Web because you're gonna get all your packets.
08:58
UDP is great for streaming of media.
09:03
If we used TCP for streaming of media than the media, would that would be slowed down substantially. One or two packets dropped here or there will not matter for streaming a media.
09:15
But it will matter for TCP because if you're dropping packets for T. C. P.
09:20
And you're trying to browse a Web page. Then you're gonna not get
09:24
content that you want from the Web page, whereas UDP
09:28
no make it a little bit of downgrading that in the quality of your streaming service. So which is better to use a CT? Pierre https? Well,
09:35
https is always better to use a C. T. P s prevents a man in the middle attack. And https prevents eavesdropping from packet analysis tools on a network so all that communication will be encrypted and nobody can pick off your form field data or things like your credit card or sensitive information.
09:54
So https is always better to use efforts. Site has an option to use https.
10:00
Always use that if you have the ability to
10:05
use as a self certificates or in your Web application, do it. It will only make your web application stronger. So was covered. Well, I discussed what HDP What is http, I want to discuss what is https. I talked about what t c ps and the three way handshake and how that works.
10:22
And then I told you which one is better,
10:24
which is https.
10:28
Happy hacking. Everyone

Up Next

Web Application Penetration Testing

In this web application penetration testing course, SME, Raymond Evans, takes you on a wild and fascinating journey into the cyber security discipline of web application pentesting. This is a very hands-on course that will require you to set up your own pentesting environment.

Instructed By

Instructor Profile Image
Raymond Evans
Instructor