InfoSec LAB

Web

Nmap discovered a Web server on the target port 80 The running service is Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)

404

Fuzzing

┌──(kali㉿kali)-[~/archive/htb/labs/ghost]
└─$ ffuf -c -w /usr/share/wordlists/seclists/Discovery/Web-Content/directory-list-2.3-big.txt -t 200 -u http://$IP/FUZZ -ic
________________________________________________
 :: Method           : GET
 :: URL              : http://10.10.11.24/FUZZ
 :: Wordlist         : FUZZ: /usr/share/wordlists/seclists/Discovery/Web-Content/directory-list-2.3-big.txt
 :: Follow redirects : false
 :: Calibration      : false
 :: Timeout          : 10
 :: Threads          : 200
 :: Matcher          : Response status: 200-299,301,302,307,401,403,405,500
________________________________________________
[WARN] Caught keyboard interrupt (Ctrl-C)

Nothing found

Virtual Host / Sub-domain Discovery

┌──(kali㉿kali)-[~/archive/htb/labs/ghost]
└─$ ffuf -c -w /usr/share/wordlists/seclists/Discovery/DNS/subdomains-top1million-110000.txt -t 200 -u http://$IP/ -H 'Host: FUZZ.ghost.htb' -ic -mc all -fc 404
________________________________________________
 :: Method           : GET
 :: URL              : http://10.10.11.24/
 :: Wordlist         : FUZZ: /usr/share/wordlists/seclists/Discovery/DNS/subdomains-top1million-110000.txt
 :: Header           : Host: FUZZ.ghost.htb
 :: Follow redirects : false
 :: Calibration      : false
 :: Timeout          : 10
 :: Threads          : 200
 :: Matcher          : Response status: all
 :: Filter           : Response status: 404
________________________________________________
:: Progress: [114437/114437] :: Job [1/1] :: 879 req/sec :: Duration: [0:02:23] :: Errors: 0 ::

Nothing found

InfoSec LAB

Explorer

Ghost_Web_80

Web

Fuzzing

Virtual Host / Sub-domain Discovery

Interactive Graph View

Table of Contents

Backlinks