Bank: Burpsuite results before and after hosts entry

Hi Forum,

I am working through retired machine Bank and loosely following the walkthrough for pointers (trying to not use it as much as possible).

So I let burp spider the site by IP address and inspected the results (before doing the hosts entry). It gave me potentially useful information such as:
/etc/apache2
/usr/bin/apache2
/var/www/html/index.html

Basically linux filesystem type results.

Then after adding the hosts entry it gave me:
/assets/js/
/assets/js/plugins/

I was just wondering if there would ever be any use in what burp gave me before the hosts entry and why such a different set of results as well as why after adding the hosts entry I don't see any of the detail that was there before adding it?

Appreciate your responses...
Thanks

Comments

  • @NeoCortex2000 said:

    I was just wondering if there would ever be any use in what burp gave me before the hosts entry

    In general, it depends - often it is just useful to note that the server changes response based on the request details.

    On this box, I don't think its any use but it has been a long time since I looked at it so I don't know for sure.

    and why such a different set of results as well

    Because web servers generally deliver different content depending on the request headers.

    Try visiting:

    http://10.10.10.29 and http://bank.htb/

    You will see a different response.

    The basic request is:
    GET / HTTP/1.1
    HOST: example.com

    The webserver will determine what content to return based on the "HOST" field - this allows you to serve multiple sites off the same IP address.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Excellent response thanks. Makes sense.

Sign In to comment.