Hi Forum,
I am working through retired machine Bank and loosely following the walkthrough for pointers (trying to not use it as much as possible).
So I let burp spider the site by IP address and inspected the results (before doing the hosts entry). It gave me potentially useful information such as:
/etc/apache2
/usr/bin/apache2
/var/www/html/index.html
Basically linux filesystem type results.
Then after adding the hosts entry it gave me:
/assets/js/
/assets/js/plugins/
I was just wondering if there would ever be any use in what burp gave me before the hosts entry and why such a different set of results as well as why after adding the hosts entry I don’t see any of the detail that was there before adding it?
Appreciate your responses…
Thanks
@NeoCortex2000 said:
I was just wondering if there would ever be any use in what burp gave me before the hosts entry
In general, it depends - often it is just useful to note that the server changes response based on the request details.
On this box, I don’t think its any use but it has been a long time since I looked at it so I don’t know for sure.
and why such a different set of results as well
Because web servers generally deliver different content depending on the request headers.
Try visiting:
http://10.10.10.29 and http://bank.htb/
You will see a different response.
The basic request is:
GET / HTTP/1.1
HOST: example.com
The webserver will determine what content to return based on the “HOST” field - this allows you to serve multiple sites off the same IP address.
Excellent response thanks. Makes sense.