HTTP - Headers

Description: Get an administrator access to the webpage.
Difficulty: Easy

🔎 Solution

After accessing the website, we are presented with the message "Content is not the only part of an HTTP response!".

As we know, an HTTP response consists of 2 main parts: the header and the body. By inspecting the HTTP response headers from the initial request, we can observe a custom header named Header-RootMe-Admin: none. Notably, this header does not appear in the original HTTP request.

By modifying the request and manually adding this header, then sending the request again, the server responds with the flag.

🚩Flag

HeadersMayBeUseful

🔎 Solution​

🚩Flag​

🔎 Solution

🚩Flag