Recursive Fuzzing — Web Fuzzing Module — HTB Walkthrough

The Malware Mender
2 min read · Aug 27, 2024


TIER 0 MODULE: WEB FUZZING

SECTION: Recursive Fuzzing

Please open your Pwnbox or connect to the VPN in order to complete the tasks.

If you are not registered in HTB Academy, then use this link to register now: https://referral.hackthebox.com/mzxKOJt

1. Recursively fuzz the “recursive_fuzz” path on the target system (i.e. http://IP:PORT/recursive_fuzz/) to find the flag.

They have already given us the path to fuzz: ip:port/recursive_fuzz.

Start ffuf by opening your terminal and entering the following command:

ffuf -w /usr/share/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt -u http://<target-ip>:<port>/recursive_fuzz/FUZZ -v -ic -recursion

Where,

  • -w ➡ Flag for defining a wordlist.
  • -u ➡ Flag for defining a URL with a FUZZ keyword.
  • -v ➡ Flag for displaying the full URLs in the results (verbose output).
  • -ic ➡ Ignore comments in the wordlist (lines starting with “#”).
  • -recursion ➡ Fuzz recursively: every directory ffuf discovers (e.g. a 301 response) is itself fuzzed with the same wordlist.

After some time you will notice that it displays level1 with a status code of 301. ffuf then recurses down to level1/level2/level3, and after a while you will see another directory, threatcon_level2, in which the flag is present.

Note: You will have to wait for a while, meanwhile you may grab a coffee.

Visit that URL,

http://<target-ip>:<port>/recursive_fuzz/level1/level2/level3/threatcon_level2/

and you will find the flag.

Answer: HTB{d33p3r_d1rector1es_ar3_c00l}
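From the defender's side, the recursive scan above leaves a very recognisable trail in the web server's access log: a single client producing a burst of 404s, a 301 on a real directory, and then more requests beneath that directory. The following script is an added example (not part of the HTB module or of ffuf) that runs that detection over a few constructed Apache combined-format log lines; the IPs, paths and user agent are made up for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in Apache "combined" log format: one client brute-forcing
# directories and following each 301 one level deeper (as ffuf -recursion does), plus
# one ordinary visitor. Addresses, paths and status codes are illustrative only.
SAMPLE_LOG = """\
10.10.14.5 - - [27/Aug/2024:10:00:01 +0000] "GET /recursive_fuzz/admin HTTP/1.1" 404 153 "-" "Fuzz Faster U Fool v2.1.0"
10.10.14.5 - - [27/Aug/2024:10:00:01 +0000] "GET /recursive_fuzz/images HTTP/1.1" 404 153 "-" "Fuzz Faster U Fool v2.1.0"
10.10.14.5 - - [27/Aug/2024:10:00:02 +0000] "GET /recursive_fuzz/level1 HTTP/1.1" 301 169 "-" "Fuzz Faster U Fool v2.1.0"
10.10.14.5 - - [27/Aug/2024:10:00:02 +0000] "GET /recursive_fuzz/level1/admin HTTP/1.1" 404 153 "-" "Fuzz Faster U Fool v2.1.0"
10.10.14.5 - - [27/Aug/2024:10:00:03 +0000] "GET /recursive_fuzz/level1/level2 HTTP/1.1" 301 169 "-" "Fuzz Faster U Fool v2.1.0"
10.10.14.5 - - [27/Aug/2024:10:00:03 +0000] "GET /recursive_fuzz/level1/level2/admin HTTP/1.1" 404 153 "-" "Fuzz Faster U Fool v2.1.0"
192.168.1.20 - - [27/Aug/2024:10:00:05 +0000] "GET /index.html HTTP/1.1" 200 1043 "-" "Mozilla/5.0"
192.168.1.20 - - [27/Aug/2024:10:00:06 +0000] "GET /about HTTP/1.1" 200 2210 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def parse(lines):
    # Yield (client_ip, path, status) for every well-formed line; skip the rest.
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            yield m.group("ip"), m.group("path"), int(m.group("status"))

def detect_recursive_fuzzing(lines, min_requests=5, min_404_ratio=0.5):
    """Flag clients with a high 404 ratio that also request paths beneath a
    directory they previously discovered via a 301/302: the recursion signature."""
    stats = defaultdict(lambda: {"total": 0, "nf": 0, "dirs": set(), "recursed": set()})
    for ip, path, status in parse(lines):
        s = stats[ip]
        s["total"] += 1
        s["nf"] += 1 if status == 404 else 0
        if status in (301, 302):
            s["dirs"].add(path.rstrip("/") + "/")
        # Any request strictly below an already-discovered directory means the client
        # descended into it, which is exactly what -recursion automates.
        s["recursed"].update(d for d in s["dirs"] if path != d and path.startswith(d))
    alerts = {}
    for ip, s in stats.items():
        ratio = s["nf"] / s["total"]
        if s["total"] >= min_requests and ratio >= min_404_ratio and s["recursed"]:
            alerts[ip] = {"requests": s["total"], "not_found_ratio": round(ratio, 2),
                          "recursed_into": sorted(s["recursed"]),
                          "max_depth": max(len(d.strip("/").split("/")) for d in s["recursed"])}
    return alerts

if __name__ == "__main__":
    for ip, info in detect_recursive_fuzzing(SAMPLE_LOG.splitlines()).items():
        print(ip, info)
```

The user agent is deliberately not used as a signal, since it is trivially changed; the 404 ratio and the descend-after-redirect pattern survive that.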

Still stuck? Watch video!

☣️ HAPPY ETHICAL HACKING ☣️

DISCLAIMER: THIS CONTENT DOES NOT BELONG TO ME, I AM JUST WRITING A WALK-THROUGH OF A FREE MODULE OF HACK THE BOX ACADEMY. (WRITING WALKTHROUGHS OF FREE MODULES IS PERMITTED BY HTB ACADEMY)
