Information gathering - web edition

Maybe I’m completely stupid, what kind of “lib_name” is in the distribution folder?

By lib name I meant library name; I forgot what the required name was. It was scrapy.

pip3 install scrapy

From your screenshot it is visible that you found the first subdomain, and ReconSpider will find something on the other subdomain. Subdomains can be one on top of another, so look for the second subdomain and scrape using recon :spider:

Thanks, I installed it! And after installing the virtual environment and installing the library, did you have any errors??

Have I found all the subdomains or is there a fourth one besides the main one and the developer’s domain?
Sorry for being so meticulous in figuring out how to solve this problem. It's just that I've been struggling with this issue for a week, all subdomains were found quickly, I can't get the API key myself.(((

If you realized that there are no more subdomains to enumerate, you are good to go. My hint is that you should use a scraper on your last subdomain.

Remember: The API keys are just the FLAGS that you have to find, nothing else.

If you are still struggling to search into the admin directory, you may try using the common.txt file for fuzzing.

Good luck.


I didn't have such an error; please try to run recon spider in the HTB env. It should go with the provided tips :slight_smile:

I have no luck with this task even in an HTB environment((((((


Maybe I’m doing something wrong.

Is there another alternative solution to finding the API key WITHOUT using the ReconSPider tool?
Maybe I’m using a NON-working distribution from GitHub. Please give me a link to a "reconspider.py" which is 100% working.

After you have activated your virtual environment:
1. Install scrapy - pip3 install scrapy
2. Use the ReconSpider.py given by HTB -


The second point confuses me.
2. Use the ReconSpider.py given by HTB -
Is this tool already installed in the HTB environment or does it need to be installed?
I can’t find it.

You have to install it as per the instructions in the module

I have done all the steps that were recommended to me.

  1. I do everything on HTB-Attacker
  2. I’m installing a virtual environment.
  3. I’m installing the necessary libraries.
  4. I’m downloading ReconSpider.py
  5. I register ALL the found domains in the hosts file
  6. I launch ReconSpider with the address of the last domain found.

The question is, where should the API key appear in the output anyway??

I don’t have to enter the key that was found in the secret directory anywhere, do I?
Or am I missing some steps?

Hi guys. I am stuck too, at the mail part mostly. dnsenum is not working. I have found one subdomain with gobuster vhost. I have also seen the /robots.txt. And I tried using ReconSpider.py but got nothing in the results. Any hint at what I might be missing, or something that should work from what I have done?

Try the ReconSpider tool with the last subdomain. I'm sure you will get the email. Remember to add the address to the /etc/hosts file.

This was one of the most fun and headbreaker exercises … I love HTB !

And where do you see the API key in the output? I can put the entire output here, but we all won’t see it together, since it doesn’t exist.
How did you get it to appear?
I have done all the conditions for setting up the environment and running this tool. :smiling_face_with_tear:

Using the known subdomains for inlanefreight.com (www, ns1, ns2, ns3, blog, support, customer), find any missing subdomains by brute-forcing possible domain names. Provide your answer with the complete subdomain, e.g., www.inlanefreight.com.

I have tried dnsenum and the ffuf tool for this but didn’t find the answer.
Any hint, please!

@Ayesha111 try using different wordlists with dnsenum

Is there more than one subdomain? I have found one, and in that one 4 directories. Am I missing something, and if yes, anything that I might be doing wrong?

Yeah! Thank you, I got it.
But I have another question: “Brute-force vhosts on the target system. What is the full subdomain that is prefixed with “web”? Answer using the full domain, e.g. “x.inlanefreight.htb””
I have found many subdomains prefixed with “web”, all of which are false positives. Tell me how I can find the exact subdomain?

Yes, I was doing something wrong. Everything was much simpler than I thought. If someone is struggling with the Skill assessment, the most important hint is vhosts vhosts vhosts, and be sure that you add them (CORRECTLY) to the hosts.

@Ayesha111 use everything the section uses and you will be fine. Remember to add the vhost to the hosts file.