Monday 3 February 2014

Hostname Resolution Burp Suite


While working on Web App Pen-testing, came across situation where application was hosted like :

http://Public IP/ApplicationName/

After logging in to application, few links had Internal IP address in it,

Ex. http://Internal IP/ApplicationName/TestPage.aspx

As it was Internal IP address of server, we need to replace it with Public IP and then only link works perfectly fine.


Fortunately We can use Burps "Hostname Resolution" to overcome this situation while testing web apps.

Hostname Resolution



















Now every time burp receives any request with IP : 192.168.0.155 IT will simply replace it with 101.10.10.178    ;)

I know its simple trick, But for documentation purpose!.......It will be here..... :)

No comments:

Post a Comment