Currently, I’m taking the Bug Bounty Hunter course on the Academy and am getting some issues at the web fuzzing skills assessment.
I think it’s highly likely that they are ISP issues, which I called my provider about, but I thought I’d post the issue here to see if anyone can offer some advice.
On the first question “Run a sub-domain/vhost fuzzing scan on ‘*.academy.htb’ for the IP shown above. What are all the sub-domains you can identify? (Only write the sub-domain name)”, I run the scan and I get to around 400 requests and the scan slows to a crawl. This has happened multiple times.
I never had any issues on the earlier modules that required fuzzing and am not sure why this is happening now.
The output of the command is normal -
```
┌──(kali㉿kali)-[~/HTB/assessments/web-fuzzing]
└─$ ffuf -w /usr/share/wordlists/seclists/Discovery/Web-Content/directory-list-2.3-small.txt:FUZZ -u http://FUZZ.academy.htb:50393 -rate 100

        /'___\  /'___\           /'___\
       /\ \__/ /\ \__/  __  __  /\ \__/
       \ \ ,__\\ \ ,__\/\ \/\ \ \ \ ,__\
        \ \ \_/ \ \ \_/\ \ \_\ \ \ \ \_/
         \ \_\   \ \_\  \ \____/  \ \_\
          \/_/    \/_/   \/___/    \/_/

       v2.1.0-dev
________________________________________________

 :: Method           : GET
 :: URL              : http://FUZZ.academy.htb:50393
 :: Wordlist         : FUZZ: /usr/share/wordlists/seclists/Discovery/Web-Content/directory-list-2.3-small.txt
 :: Follow redirects : false
 :: Calibration      : false
 :: Timeout          : 10
 :: Threads          : 40
 :: Matcher          : Response status: 200-299,301,302,307,401,403,405,500
________________________________________________
```
It runs fine and pretty quickly until I get to around the 400 requests mark and just drops out.
When the issue occurs, I lose all connection: the academy VPN drops, I can’t ping google or any other website, and I run the sudo service networking restart to restart networking. It generally takes a few minutes for my connectivity to come back.
I’ve triple checked everything is set up correctly: got the right academy VPN file, ensured my billing is squared, added the IP address to /etc/hosts, checked HTB Status to ensure no outages, and still no luck.
Things I’ve tried:
- Downloaded a fresh VPN File
- Factory reset my router
- Run ffuf with the -rate 100 argument to limit requests
- Run all connections on my host machine through a VPN connection
- Reset the target machine (multiple times)
- Called my ISP to ensure there are no restrictions or flags on my service
I could use the virtual instance provided on the website and it would probably work but I like to do it on my VM as I keep detailed notes in a directory on there.
Any help or advice would be greatly appreciated