HackTheBox Web Fuzzy Challenge

Challenge By : Arrexel

Challenge Description :  We have gained access to some infrastructure which we believe is connected to the internal network of our target. We need you to help obtain the administrator password for the website they are currently developing.

Points : 20

Author : Rehman S. Beg (HTB Profile : MrReh )

________________________________________

Lets Start the instance and open the page, its looks like normal web page

Lets Start with gobuster command “gobuster dir -u http://docker.hackthebox.eu:30716/ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -t 50”

“api” interesting directory lets gobuster to find some extensions

we found action.php lets see what we have on this

So we need to find what parameters there is to set and what value we can put in.

To find we can use Wfuzz command “wfuzz --hh=24 -c -w /usr/share/dirb/wordlists/big.txt http://docker.hackthebox.eu:30713/api/action.php?FUZZ=test”

Now we have found our parameter which is “reset” lets see what this parameter gives us

Now we have to bruteforce the Account Id

Again we will use Wfuzz but for this time we will set chars lenght 27 command “wfuzz --hh=27 -c -w /usr/share/dirb/wordlists/big.txt http://docker.hackthebox.eu:30713/api/action.php?reset=FUZZ”

So we got the account ID lets browse it

FLAG : “HTB{h0t_fuzz3r}”       

Leave a Reply

Your email address will not be published. Required fields are marked *