InfoSec LAB

Web

Nmap discovered a Web service on the target port 443 The running service is Apache httpd 2.4.46 (OpenSSL/1.1.1j PHP/7.3.27)

Checking the SSL certificate reveals a potential user; roy

Webroot returns 403

Fuzzing

┌──(kali㉿kali)-[~/archive/htb/labs/love]
└─$ ffuf -c -w /usr/share/wordlists/seclists/Discovery/Web-Content/big.txt -u https://$IP/FUZZ -ic
________________________________________________
 
 :: Method           : GET
 :: URL              : https://10.10.10.239/FUZZ
 :: Wordlist         : FUZZ: /usr/share/wordlists/seclists/Discovery/Web-Content/big.txt
 :: Follow redirects : false
 :: Calibration      : false
 :: Timeout          : 10
 :: Threads          : 40
 :: Matcher          : Response status: 200,204,301,302,307,401,403,405,500
________________________________________________
 
[WARN] Caught keyboard interrupt (Ctrl-C)

ffuf hangs

staging.love.htb

Webroot returns 403

Fuzzing

┌──(kali㉿kali)-[~/archive/htb/labs/love]
└─$ ffuf -c -w /usr/share/wordlists/seclists/Discovery/Web-Content/big.txt -u https://staging.love.htb/FUZZ -ic
________________________________________________
 
 :: Method           : GET
 :: URL              : https://staging.love.htb/FUZZ
 :: Wordlist         : FUZZ: /usr/share/wordlists/seclists/Discovery/Web-Content/big.txt
 :: Follow redirects : false
 :: Calibration      : false
 :: Timeout          : 10
 :: Threads          : 40
 :: Matcher          : Response status: 200,204,301,302,307,401,403,405,500
________________________________________________
 
[WARN] Caught keyboard interrupt (Ctrl-C)

ffuf hangs

InfoSec LAB

Explorer

Love_Web_443

Web

Fuzzing

staging.love.htb

Fuzzing

Interactive Graph View

Table of Contents

Backlinks