Much better results through Burp Suite

[XxMrNobodyxX]

I have noticed that I get much better results when using -http-proxy through Burp Suite. Anybody know why this is? My most recent test case HTTPX on it's own was returning no result even while Curl was. I then proxied it through Burp to see what was going on and all of a sudden all the URLs come back with status codes, location etc. Try without Burp again and back to no results.

[ehsandeep]

You can find the actual results after looking at title, burp respond with http error code for the host that doesn't resolve which looks like more results, but those are not actual results, you can see the below example, o1.email.hackerone.com

$ echo o1.email.hackerone.com | httpx -debug

    __    __  __       _  __
   / /_  / /_/ /_____ | |/ /
  / __ \/ __/ __/ __ \|   /
 / / / / /_/ /_/ /_/ /   |
/_/ /_/\__/\__/ .___/_/|_|
             /_/

		projectdiscovery.io

[INF] Current httpx version v1.6.10 (latest)
[WRN] UI Dashboard is disabled, Use -dashboard option to enable
[INF] Dumped HTTP request for https://o1.email.hackerone.com

GET / HTTP/1.1
Host: o1.email.hackerone.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.2.19
Accept-Charset: utf-8
Accept-Encoding: gzip

[INF] Dumped HTTP request for http://o1.email.hackerone.com

GET / HTTP/1.1
Host: o1.email.hackerone.com
User-Agent: Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Accept-Charset: utf-8
Accept-Encoding: gzip

[DBG] Failed 'http://o1.email.hackerone.com': Get "http://o1.email.hackerone.com": cause="no address found for host"

$ echo o1.email.hackerone.com | httpx -proxy http://127.0.0.1:8080 -debug

...
...
[INF] Dumped HTTP request for https://o1.email.hackerone.com

GET / HTTP/1.1
Host: o1.email.hackerone.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.5.23
Accept-Charset: utf-8
Accept-Encoding: gzip

[INF] Dumped HTTP response for https://o1.email.hackerone.com

HTTP/1.1 200 OK
Connection: close
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=utf-8
Pragma: no-cache
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

<html><head><title>Burp Suite Professional</title>
<style type="text/css">
body { background: #dedede; font-family: Arial, sans-serif; color: #404042; -webkit-font-smoothing: antialiased; }
#container { padding: 0 15px; margin: 10px auto; background-color: #ffffff; }
a { word-wrap: break-word; }
a:link, a:visited { color: #e06228; text-decoration: none; }
a:hover, a:active { color: #404042; text-decoration: underline; }
h1 { font-size: 1.6em; line-height: 1.2em; font-weight: normal; color: #404042; }
h2 { font-size: 1.3em; line-height: 1.2em; padding: 0; margin: 0.8em 0 0.3em 0; font-weight: normal; color: #404042;}
.title, .navbar { color: #ffffff; background: #e06228; padding: 10px 15px; margin: 0 -15px 10px -15px; overflow: hidden; }
.title h1 { color: #ffffff; padding: 0; margin: 0; font-size: 1.8em; }
div.navbar {position: absolute; top: 18px; right: 25px;}
div.navbar ul {list-style-type: none; margin: 0; padding: 0;}
div.navbar li {display: inline; margin-left: 20px;}
div.navbar a {color: white; padding: 10px}
div.navbar a:hover, div.navbar a:active {text-decoration: none; background: #404042;}
</style>
</head>
<body>
<div id="container">
<div class="title"><h1>Burp Suite Professional</h1></div>
<h1>Error</h1><p>Unknown&#32;host&#58;&#32;o1&#46;email&#46;hackerone&#46;com</p>
<p>&nbsp;</p>
</div>
</body>
</html>
https://o1.email.hackerone.com

[XxMrNobodyxX]

No I dont think you understand. When I don't proxy through Burp I get no results just blank but when I run it with proxy switch I get status codes 200 to the sites (They are live I have tested in a browser)

[ehsandeep]

@XxMrNobodyxX Can you share example to confirm this?