HTTP 17
Bookmarked!This challenge covers how to send specific HTTP requests
This lab focuses on sending a GET request with a specific parameter that includes a NULL Byte, an essential concept in web security. The objective is to craft a URL-encoded request to the endpoint /pentesterlab
, ensuring that the key
parameter is set to please
followed by a NULL Byte. This challenge highlights the importance of URL-encoding special characters to avoid misinterpretation by the server.
The video guide demonstrates how to perform this task using both a web browser and the command-line tool curl
. Initially, the request is constructed in the browser, emphasizing the necessity of using the HTTP protocol to avoid automatic redirection to HTTPS. The NULL Byte is represented as %00
in the URL. Subsequently, the same request is replicated in the terminal using curl
, showcasing the versatility and reusability of scripts in different environments.