Attacking Web Apps: Fuzzing with Ffuf – Part 2
24 July, 2022
Days 36 – 37
Fuzzing with Ffuf – Part 2
100 Days of Hacking
In this article we’ll continue using Ffuf to attack a web application. We are still grinding along HTB’s Bug Bounty Job Role Path, in the module Attacking Web Applications with Ffuf. In part 2 we’ll be completing the assessment, which is laid out as follows.

We’ve been given an online academy’s IP address without any further information about the site, so this is essentially a black box scenario. As always, our first step is to locate all pages and domains linked to the IP so that we can perform a proper enumeration.

We are then to fuzz the pages identified during enumeration, searching for any parameters that can be interacted with; if any active parameters are found, we must try to retrieve data from them.

 


Web Fuzzing Assessment

Run a sub-domain/vhost fuzzing scan on ‘*.academy.htb’ for the IP shown above. What are all the sub-domains you can identify? (Only write the sub-domain name)

Before you run your page fuzzing scan, you should first run an extension fuzzing scan. What are the different extensions accepted by the domains?
One of the pages you will identify should say ‘You don’t have access!’. What is the full page URL?
In the page from the previous question, you should be able to find multiple parameters that are accepted by the page. What are they?
Try fuzzing the parameters you identified for working values. One of them should return a flag. What is the content of the flag?

Our assessment was a success. By tackling it we familiarized ourselves with enumerating web applications for hidden pages, directories, and parameters and fuzzing parameter values.

 

I hope this article has served as a source of enlightenment as opposed to a source of confusion. If there’s something you’d like a bit more insight into and think I may be of some help, please don’t hesitate to reach out.

As always, thanks for reading. Hack On, Ladz & Gentz!

 

“Beyond the regular rules…one must use subtler origins.” – Cao Cao