recon_05 (wfuzz)
View the exercise here: PentesterLab: Recon 05
For this challenge, your goal is to find a directory that is not directly accessible.
When accessing a new webserver, it often pays off to brute force directories. To do this, you can use many tools like patator, FFUF, or WFuzz (amongst many others).
You can use wfuzz, ffuf, or patator.
For wfuzz: https://wfuzz.readthedocs.io/en/latest/
On a Kali machine:
We'll change the directory to /usr/bin and then check wfuzz.
To discover wordlists to use for fuzzing:
We'll use common.txt and pass it to wfuzz.
Notes:
- Take note of the double dash (--); it is often the cause of errors.
- Add a slash (/) at the end of the URL to get exactly 200 rather than 301 responses.
From the wfuzz results, we use curl on the directories we've found to get the flag.
We'll see the flag in http://hackycorp.com/startpage/
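The trailing-slash note above, reproduced against a throwaway local server as an added example (not part of the original write-up). Python's built-in http.server stands in for the target, and the three-word list and the index.html content are constructed for the demo.

```python
import functools
import http.client
import http.server
import pathlib
import tempfile
import threading

WORDS = ["admin", "images", "startpage"]  # constructed mini wordlist


class QuietHandler(http.server.SimpleHTTPRequestHandler):
    def log_message(self, *args):  # keep the demo output clean
        pass


def probe(port, words, trailing_slash):
    """Request each candidate once, without following redirects."""
    results = {}
    for word in words:
        path = "/" + word + ("/" if trailing_slash else "")
        conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
        conn.request("GET", path)
        resp = conn.getresponse()
        resp.read()
        results[word] = resp.status
        conn.close()
    return results


def demo():
    """Serve a temp site with one directory and probe it both ways."""
    with tempfile.TemporaryDirectory() as root:
        page = pathlib.Path(root, "startpage")
        page.mkdir()
        (page / "index.html").write_text("<h1>start</h1>")
        handler = functools.partial(QuietHandler, directory=root)
        server = http.server.ThreadingHTTPServer(("127.0.0.1", 0), handler)
        threading.Thread(target=server.serve_forever, daemon=True).start()
        try:
            port = server.server_address[1]
            return probe(port, WORDS, False), probe(port, WORDS, True)
        finally:
            server.shutdown()
            server.server_close()


if __name__ == "__main__":
    no_slash, with_slash = demo()
    print("no slash:  ", no_slash)    # existing directory answers 301
    print("with slash:", with_slash)  # same directory answers 200
```

With results filtered to 200 only, the run without the trailing slash would not list startpage at all, because the server answers the directory with a 301 redirect first.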