Headers
47 Solves
Last updated
47 Solves
Last updated
I made a website that only allows my very specific browser to access, I wonder if you can bypass my restrictions :D
When you visit a website, you are actually utilizing HTTP methods to load the web page.
The HTTP protocol sends the website certain information to the website such as your IP address, User-Agent, expected Response-Type, and Content-Type so that you are able to view the website in a format that is understood by your browser.
Cloudflare has an amazing article explaining in-detail what HTTP requests are, and how each HTTP protocol interacts with each other, view this article here.
One such field that you send a website during a GET request is the User-Agent
.
Upon visiting the website, you'll see that your User-Agent is not allowed to view the contents:
The solution is to manipulate your HTTP request headers such that your User-Agent
matches what the server is looking for.
I made a simple Python script using the requests
module to send HTTP requests.
Alternatively, you can change your User-Agent
via Chrome Developer Tools
Congratulations! Here's your flag: CTF101{who_EvEn_arE_y0u??}