Information Gathering - Web Edition Skills Assessment Question

I am doing the skills assessment in Information Gathering - Web Edition. I am stuck on “What is the API key in the hidden admin directory that you have discovered on the target system?” So far, I have found the subdomain d**.w******.inlanefreight.htb using ffuf and I have used ffuf for finding directories, and no luck so far for finding directories. The wordlist I used is directory-list-2.3-medium.txt and there were no findings. I also tried robots.txt, but that didn’t exist. What can I try next?

Each time you get a subdomain, consider adding it to your /etc/hosts … Remember to check for disallowed directories with robots.txt while you are at it.

Did you use a “.” before the file name?
If it’s a Linux system, hidden content is marked with “.”
Examples:

.aws
.git
.gitignore

I found the disallowed directory in robots.txt, but not sure how to access it now… I was breezing through the other sections but this one has me stumped.

I used gobuster dir on the webxxx subdomain, and found robots.txt, which gave me the name of the hidden dir. But now I’m trying to access it somehow.

Have you solved it? So, I’m stuck here too.

I solved it!

I solved question 3 but need 4 & 5 still.

craccbabyy,

Put the subdomain dev.wexxxxx into /etc/hosts after you have discovered it; later, use ReconSpider.py with this subdomain.
