FFUF value/parameter scanning

Hello everybody, I have a problem with ffuf for scanning all parameters in a web site (Module: “Attacking Web Application with Fuff” ). I ran first this command (for search for all pages .php):

ffuf -w /opt/useful/SecLists/Discovery/Web-Content/directory-list-2.3-small.txt -u http://138.68.182.108:32425/FUZZ -recursion -v -e .php

Later this: ffuf -w /opt/useful/SecLists/Discovery/Web-Content/burp-parameter-names.txt:FUZZ -u http://ip/dir/page.php?FUZZ=key -fs xxx

The problem is this: I get all parameters name with status 403 I filter them and there isn’t a good paramenter, Where did I make mistakes?

I would say if you’re getting 403 on everything, it’s a typo in the URL. See if you can access the page without any params.

Thanks, I tried it and when I search the page it gives me 403 “Forbidden”, now I think that I missed some webpages or directories

Hi, im stuck in the last question of assessment.

Try fuzzing the parameters you identified for working values. One of them should return a flag. What is the content of the flag?

I already got the param “user” but not working my values fuzzing (i think wrong wordlist) can someone help me pls!

Thanks.

GitHub - ffuf/ffuf: Fast web fuzzer written in Go you might need to tweak things.
I remember playing with that module a bit but can’t recall the fix. There are a few ways to use FFUF, read over the section on params.

Hi, did you finally make it? I’m getting frustrated with this. In the first place everytime I fuzz recursively I get 3 results like /index.php , /blog and /forum. From neither of them I can fuzz parameters or values.

Well when I run…

ffuf -w /opt/useful/SecLists/Discovery/Web-Content/burp-parameter-names.txt:FUZZ -u http://178.62.44.230:32059/index.php?FUZZ=key

…I get plenty of parameters. But this is not suposse to be like this, right?

I am stuck…

Any help would be appreciated, please.

make sure you’ve added admin.academy.htb to your hosts file and not just academy.htb

i was stuck here for a bit, but once I fixed that, everything went smoothly

hey did you ever find the right wordlist? tried almost everything and nothing will hit.

hey man im having trouble with what wordlist to use for the last assessment question. any nudge would be appreciated.

check the lists at: /SecLists/Usernames/

it will probably be a small one since they likely aren’t wanting us spending considerable amount of time brute forcing

hey thanks man i was able to find it. my termainal font is jumbled together so i was completely overlooking one of the wordlists in that section lol.