search

Question 4

hashtag
4. After crawling the inlanefreight.htb domain on the target system, what is the email address you have found? Respond with the full email, e.g., mail@inlanefreight.htb.

  1. Need to enumerate the idenfied vhosts further to see if there are anymore vhosts

    1. web1337.inlanefreight.htb

  2. We can use the below command

gobuster vhost -u http://web1337.inlanefreight.htb:45223 -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt --append-domain -t 1000

  1. We identified the below: dev.web1337.inlanefreight.htb

β”Œβ”€[root@parrot]─[/home/z3tssu/HTB]
└──╼ #gobuster vhost -u http://web1337.inlanefreight.htb:45223 -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt --append-domain -t 1000
===============================================================
Gobuster v3.6
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)
===============================================================
[+] Url:             http://web1337.inlanefreight.htb:45223
[+] Method:          GET
[+] Threads:         1000
[+] Wordlist:        /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt
[+] User Agent:      gobuster/3.6
[+] Timeout:         10s
[+] Append Domain:   true
===============================================================
Starting gobuster in VHOST enumeration mode
===============================================================
Found: dev.web1337.inlanefreight.htb:45223 Status: 200 [Size: 123]
Progress: 40267 / 114442 (35.19%)^C
[!] Keyboard interrupt detected, terminating.
Progress: 40727 / 114442 (35.59%)
===============================================================
Finished

  1. We should add this vhosts to our hosts file

  1. Lets try and use ReconSpider to crawl

  1. Lets analyze the json results

PreviousQuestionsNextQuestion 5

Last updated