Attacking Web Applications with Ffuf

I’m stuck on the last two questions for Skills Assessment.

I was able to get the parameter from GET requests but i cannot diagnose why my PUT requests are not working. I’m not getting any errors, but I’m also not getting anything with a different size.

This is the command I’m running:
ffuf -w /usr/share/SecLists/Discovery/Web-Content/burp-parameter-names.txt:FUZZ -u -X POST -d ‘FUZZ=key’ -H ‘Content-Type: application/x-www-urlencoded’ -ic -c -fs 774

go back a few sections and review your ‘-H’ flag. seems to be a mistake in there. just a detail

1 Like

Forgot to comment. I reached the solution with your help

1 Like

Glad to hear!