When I submit, it sends a POST to verify.asp:

I’ll try simple admin / admin and a couple other guesses, but it all just comes back to this page. Welcome.asp and verify.asp both redirect to login.asp.

I’ll give feroxbuster a go with the same arguments as before, and it finds interesting

feroxbuster -u -x aspx,asp,html -w /usr/share/seclists/Discovery/Web-Content/raft-medium-directories-lowercase.txt

The post mentioned knowing the URL, which implies there might be more of a path to it.

Just like wfuzz reported, visiting returns a 403 forbidden:

Members seems like the subdomain the post was referencing.

I’ll start it, and quickly kill it, observing that the return for the default case is 717 words, 6911 characters, and re-run using -hh 6911 to filter that

wfuzz -u -H "Host: " -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-20000.txt -hh 6911

I’ll use wfuzz to look for other subdomains that return something different from the main site.

□ Press to use the Scan Management Menu™
□ Wordlist │ /usr/share/seclists/Discovery/Web-Content/raft-medium-directories-lowercase.txt

The site is a fan club for the Street Fighter video

feroxbuster -u -x aspx,asp,html -w /usr/share/seclists/Discovery/Web-Content/raft-medium-directories-lowercase.txt

Nmap done: 1 IP address (1 host up) scanned in 9.48 seconds

Based on the IIS version, the host is likely running Windows Server 2012R2.

Service Info: OS: Windows CPE: cpe:/o:microsoft:windows
Nmap done: 1 IP address (1 host up) scanned in 13.53

nmap -p 80 -sCV -oA scans/nmap-tcpscripts 10.10.10.72
Nmap scan report for streetfighterclub.htb (10.10.10.72)