Web
Nmap discovered a Web server on the target port 80
The running service is Microsoft IIS httpd 10.0
Webroot
It appears to be an indexer, possibly hosted by Jetty suggested from the image
Feature
Attempting to test out the feature immediately results in failure without any request being sent out
The error message above seems to suggest that there is an internal issue within the web app with a really old backend SQL server; Microsoft SQL server 2005 - 9.00.4053.00 (intel X86)
Another interesting thing is that the whole error message above is just an image file; jeeves.PNG
Fuzzing
┌──(kali㉿kali)-[~/archive/htb/labs/jeeves]
└─$ ffuf -c -w /usr/share/wordlists/seclists/discovery/web-content/directory-list-2.3-medium.txt -u http://$IP/FUZZ -ic -e .txt,.html
________________________________________________
:: Method : GET
:: URL : http://10.10.10.63/FUZZ
:: Wordlist : FUZZ: /usr/share/wordlists/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt
:: Extensions : .txt .html
:: Follow redirects : false
:: Calibration : false
:: Timeout : 10
:: Threads : 40
:: Matcher : Response status: 200-299,301,302,307,401,403,405,500
________________________________________________
index.html [status: 200, Size: 503, Words: 38, Lines: 17, Duration: 283ms]
error.html [status: 200, Size: 50, Words: 4, Lines: 2, Duration: 102ms]
:: Progress: [661641/661641] :: Job [1/1] :: 361 req/sec :: Duration: [0:28:15] :: Errors: 0 ::Nothing found