Web


Nmap discovered a web server on target port 443. The running service is Apache httpd 2.4.46 ((Win64) OpenSSL/1.1.1j PHP/7.3.27).

Webroot

It appears to be identical to the web server on target port 80, which serves Heed, a note-taking application.

It has the same technology stack, and the same “Download” section and footer.

/releases/


The /releases directory here also hosts the Heed software archive.

Fuzzing


┌──(kali㉿kali)-[~/archive/htb/labs/atom]
└─$ ffuf -c -w /usr/share/wordlists/seclists/discovery/web-content/directory-list-lowercase-2.3-medium.txt -t 200 -u https://$IP/FUZZ -ic -ic -e .txt,.html,.php
________________________________________________
 
 :: Method           : GET
 :: URL              : https://10.10.10.237/FUZZ
 :: Wordlist         : FUZZ: /usr/share/wordlists/seclists/Discovery/Web-Content/directory-list-lowercase-2.3-medium.txt
 :: Extensions       : .txt .html .php 
 :: Follow redirects : false
 :: Calibration      : false
 :: Timeout          : 10
 :: Threads          : 200
 :: Matcher          : Response status: 200-299,301,302,307,401,403,405,500
________________________________________________
images                  [status: 301, Size: 338, Words: 22, Lines: 10, Duration: 40ms]
.html                   [status: 403, Size: 302, Words: 22, Lines: 10, Duration: 44ms]
index.html              [status: 200, Size: 7581, Words: 2135, Lines: 192, Duration: 45ms]
releases                [status: 301, Size: 340, Words: 22, Lines: 10, Duration: 24ms]
licenses                [status: 403, Size: 421, Words: 37, Lines: 12, Duration: 24ms]
:: Progress: [830520/830520] :: Job [1/1] :: 177 req/sec :: Duration: [0:09:33] :: Errors: 8 ::

The fuzzing results are identical to those of the web server on port 80.
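The comparison behind this conclusion can be made repeatable by parsing the ffuf result lines and diffing the two runs. The following is an added example, not part of the original notes; `parse_ffuf` and `compare_runs` are hypothetical helper names, and the port 80 sample is constructed because that run is not shown on this page.

```python
import re

# One ffuf result line; keys are matched case-insensitively ("status" is lower case above).
RESULT = re.compile(
    r"^(?P<path>\S+)\s+\[status:\s*(?P<status>\d+),\s*size:\s*(?P<size>\d+),"
    r"\s*words:\s*(?P<words>\d+),\s*lines:\s*(?P<lines>\d+),\s*duration:\s*\d+ms\]$", re.IGNORECASE)

def parse_ffuf(text):
    """Return {path: (status, size, words, lines)}; banner and progress lines are skipped."""
    hits = {}
    for line in text.splitlines():
        m = RESULT.match(line.strip())
        if m:
            hits[m["path"]] = tuple(int(m[k]) for k in ("status", "size", "words", "lines"))
    return hits

def compare_runs(a, b):
    """Diff two parsed runs. Duration is never compared; it varies per request."""
    shared = sorted(a.keys() & b.keys())
    return {
        "only_a": sorted(a.keys() - b.keys()),
        "only_b": sorted(b.keys() - a.keys()),
        "status_differs": [p for p in shared if a[p][0] != b[p][0]],
        # Same status, different body metrics: check by hand before calling it identical.
        "body_differs": [p for p in shared if a[p][0] == b[p][0] and a[p][1:] != b[p][1:]],
    }

# Result and progress lines copied from the port 443 run above.
HTTPS_RUN = """\
images                  [status: 301, Size: 338, Words: 22, Lines: 10, Duration: 40ms]
.html                   [status: 403, Size: 302, Words: 22, Lines: 10, Duration: 44ms]
index.html              [status: 200, Size: 7581, Words: 2135, Lines: 192, Duration: 45ms]
releases                [status: 301, Size: 340, Words: 22, Lines: 10, Duration: 24ms]
licenses                [status: 403, Size: 421, Words: 37, Lines: 12, Duration: 24ms]
:: Progress: [830520/830520] :: Job [1/1] :: 177 req/sec :: Duration: [0:09:33] :: Errors: 8 ::
"""

# Constructed stand-in for the port 80 run (not shown on this page); the two redirect
# sizes are altered on purpose so that body_differs has something to report.
HTTP_RUN = """\
images                  [status: 301, Size: 336, Words: 22, Lines: 10, Duration: 31ms]
.html                   [status: 403, Size: 302, Words: 22, Lines: 10, Duration: 29ms]
index.html              [status: 200, Size: 7581, Words: 2135, Lines: 192, Duration: 38ms]
releases                [status: 301, Size: 338, Words: 22, Lines: 10, Duration: 27ms]
licenses                [status: 403, Size: 421, Words: 37, Lines: 12, Duration: 26ms]
"""

if __name__ == "__main__":
    print(compare_runs(parse_ffuf(HTTPS_RUN), parse_ffuf(HTTP_RUN)))
```

Empty `only_a`, `only_b` and `status_differs` lists mean both listeners expose the same paths with the same status codes; entries under `body_differs` are responses to compare by hand.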