I used dirbuster, gobuster, sparta, nikto, nmap on the shocker machine. while using dirbuster I used medium and big list with all type of extensions present in extensions file of dirbuster. kindly give me hint for the entry point on shocker machine.
if you did what you said you did, you must already have what you need, don’t assume any thing and try to shock it .
i tried it, but no luck.
let me try it again
so far i am running this cmd…dirb http://10.10.10.56 /usr/share/wordlists/dirb/big.txt -x /usr/share/wordlists/dirb/extensions_common.txt
It is still running, i hope this is the right direction as this is a taking a verylong time!!
First of all, figure out which exploit you’ll need.
After that, undertand that exploit: what’s the vulnerable app, why, which are the common extensions, where is often located?
After that, try to find that location, and then lauch dirb/nikto/dirbuster/whatever you use against that location, and then, shock it!!