HTTP status Code 200 and 304 HTTP status code are three-bit numeric codes that represent the response status of a Web server. By using these numbers, you can simplify the expression of the state. There are dozens of status codes, of which the first number is 1-5. According to these 5 numbers, the status code can be divided into 5 classes. 1 indicates that the request is being processed, 2 the opening request has been successfully processed, 3 begins with redirection, 4 indicates a request error, and 5 starts with a server error. There are two common types of 200 and 304 in sniffing and grasping packets. Both of these status codes are related to the ability to obtain important information. When the client requests the server resource for the first time, the server returns the resource successfully, and the status code is 200. Therefore, packets with a status code of 200 often contain data that the user obtains from the server. After each resource request is completed, it is usually cached on the client and the resource's effective time and modification time are logged. When the customer requests the resource again, the client first looks for the resource from the cache. If the resource exists and is valid, the server is not requested and the corresponding request packet is not generated. If it is not valid, the client requests the server and gets it again. The server will determine the modification time, if not modified, will return the status code 304, telling the client that the resource is still valid, the client will directly use the cached resources. For the 304 response, the penetration staff can analyze the corresponding request package and get the resource path. If the resource does not restrict access, it can request a fetch directly. Otherwise, a cookie hijacking is required to obtain it.
HTTP status Codes 200 and 304