3000

adot@pwnbox:~/oscp/htb/linux/node$ gobuster dir -w ~/opt/wordlists/directories1.txt -x txt,php,asp -u http://10.10.10.58:3000/ --exclude-length 3861 -t100 
===============================================================
Gobuster v3.6
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)
===============================================================
[+] Url:                     http://10.10.10.58:3000/
[+] Method:                  GET
[+] Threads:                 100
[+] Wordlist:                /home/adot/opt/wordlists/directories1.txt
[+] Negative Status codes:   404
[+] Exclude Length:          3861
[+] User Agent:              gobuster/3.6
[+] Extensions:              txt,php,asp
[+] Timeout:                 10s
===============================================================
Starting gobuster in directory enumeration mode
===============================================================
/uploads              (Status: 301) [Size: 173] [--> /uploads/]
/assets               (Status: 301) [Size: 171] [--> /assets/]
/vendor               (Status: 301) [Size: 171] [--> /vendor/]
Progress: 343409 / 882248 (38.92%)[ERROR] context deadline exceeded (Client.Timeout or context cancellation while reading body)
Progress: 882244 / 882248 (100.00%)
===============================================================
Finished
===============================================================

Everything gets redirected in the browser. Some kind of filter put in place

http://10.10.10.58:3000/partials/admin.html10.10.10.58

Admin verification script

myP14ceAdm1nAcc0uNT:manchester

less myplace.backup
cat myplace.backup| base64 -d > myplace
file
fcrackzip -D -p ~/rockyou.txt myplace

/var/www/myplace/app.js

PreviousEumeration NextFoothold

Last updated 1 year ago

Was this helpful?