Hi guys, I need some help to solve and answer the last question of the Skills Assessment of INFORMATION GATHERING - WEB EDITION. I trying anything and don’t found the correct answer, I tried with ffuf and gobuster subdomain enum, with the next syntax:
With ffuf I found some subdomians but, none one of this subdomains is the answer. I don’t know if I using the wrong wordlist or even the patter I guess is wrong too. I’m so exahust to try found the correct answer without success. If anyone know where I failed pls telling me.
I’m looking a subdomain, for more context, this is the question which I want to respond:
“Perform active subdomain enumeration against the target githubapp.com. Which subdomain has the word ‘elephants’ in the name?”
As I said, I perfomed a subdomain enumaration with gobuster and ffuf, with the next syntax that I showed earlier. But the subdomians that I found with this enumeration, none one is the answer and don’t seen any subdomain with the word “elephants” on their name. Even I performed vhost enum, but the result is the same that the subdomain enumeration. I don’t have idea what I doing wrong, if is the syntax or is the word list. Really need a some help with this, I’m stuck for 2 days with this question.
Hey! I had trouble with this one as well, I think I ended up using a passive approach because the active one didn’t work even with Sublist3r. DM me if you have trouble with it.
Did anyone get the third question? I’m use dig and I got the CNAME. When I dig that I get an IP address that takes me to a page that doesn’t function. Anyone that has finished the module do you have any hints?
hey man thanks for this!! I literally tried everything from the module/hints and even some outside tools that i have from github. Nothing seemed to work except this.
I will share my experience!
The module is very interesting and practical.
There was a difficult moment on “Active Subdomain Enumeration”
But then everything went smoothly (thanks a lot - onthesauce)
I was waiting for big problems on “Skills Assessment”, but it turned out to be much clearer than expected!!!)
I’m having issues with the DNS section. It says to find which IP address maps to paydiant.com? I’ve tried everything and all I can find are two addresses that appear to be email addresses. MX1 and MX2. They have their own IP addresses but neither of them are the answer. Any help would be greatly appreciated.
Hey, I had the same problem just now, it seems that the site is down. I’ve found the IP by using online tools allowing you to search for old records for a given domain name.
It seems that PAYDIANT.com is down or something. So I had to search all over the internet for the answer of the first question.
I used this link: Subdomain Finder scan of Paydiant.com - C99.nl
Go down until you reach the part of IP and Count and try the ips there.
One of those is the answer.