Information Gathering - Web Edition - Skills Assessment

Oh man this one is driving me nuts!.. question 3 on the skills assessment “What is the API key in the hidden admin directory that you have discovered on the target system?”

I have tried what I think is everything - FFUF, Final Recon, GoBuster, ReconSpider and read all of the suggestions on the post here: Web Recon Skill Assessment Question 3 - #64 by d3lvx - Absolutely failing! :sob:

I keep getting the error shown in the screenshot

[-] Error : This domain suffix is not supported.

that I have not seen anyone else mention that seems to be at the root of the issue… any ideas so I can move on with my life and hopefully one day see my family again! :joy:

1 Like

I am half way thru, this is so annoying but here is what you can start with

  1. You mapped ip in /etc/hosts ( You on right path )
  2. Use domain_name instead of ip address, Ex: http://10.0.2.1:45001, Try http://inlanefreight.htb:45001
  3. Use gobuster, try subdomains & vhosts
  4. Map them again in hosts file
  5. Try gobuster again

There are 4 clues in the assessment itself so i managed to get the 3rd one, Good luck :smile:

1 Like

it’s inlanefreight**.com** not .htb for the IANA ID question
you weren’t the only one :tired_face:

Thank you both and apologies for my delay in replying. Really appreciate the support as always! :slightly_smiling_face:

Since it’s a local domain (.htb) don’t spend time on the DNS enumeration. You need gobuster for vhosts or subdomain. Once the tool discovers the subdomain, you need to add it to /etc/hosts so that the IP can resolve to the newly added domain. You repeat this step until you complete all challenges.

1 Like

bro im stuck on question 3 still.

EDIT: gobuster vhost -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt -u http://inlanefreight.htb:40134 --append-domain -t 200 worked this time (i was trying dns and had all types of probs) and finally found a subdomain xD

from there i used gobuster dir to find robots.txt, though i could have just tried it in the browser and got same result, the hidden admin dir.

so im using gobuster dir again to try to enum it, but cant seem to find a good wordlist (i guess thats the issue)

any suggestions from anyone would be greatly appreciated. fairly certain i tried everything mentioned above

try to use finalrecon --dir on admin dir, you will get url with API key :smile: