WEB FUZZING Skills Assessment

I am having an issue with the skills assessment question. “After completing all steps in the assessment, you will be presented with a page that contains a flag in the format of HTB{…}. What is that flag?”
I followed the instructions till I reached the point where I am asked to use the go deeper folder. But I just can’t see where to use it, since it is not working with the vhost or the given IP address. Can anyone help?

Hello, I’m also stuck at the “godeep” folder part, but by any chance have you found out where to go?

No. I tried all possible combinations. Vhosts, directory fuzzing, none is working.

Hi

Setting the “Host” HTTP header on ffuf did the trick for me.

$ ffuf -u http://fuzzing_fun.htb:PORT/godeep/FUZZ -w -ic -v --recursion -H "Host: hidden.fuzzing_fun.htb" -fc 403

The “-fc” is for filtering out the 403 HTTP response codes, there were too many!

Hi

The first step for me was the most difficult. I was so frustrated!! :confounded: That brought me here.
It’s pretty obvious to do a directory fuzz on the target IP:PORT, but use recursion and include the file extensions used on the module (-e .php,.html,.txt,.bak,.js). That should get you to the next step (/admin/panel.php).

Cheers!

I’m trying the ffuf command you sent but I’m getting nothing. I’m guessing you also used “common.txt” for the -w “wordlist”?

Hi @EliteGorilla

Yes, I’m using common.txt. I’m not using the Pwnbox, so I had to download common.txt. Also I had to install the fuzz tooling.

It seems when I add the -H "Host: hidden.fuzzing_fun.htb" flag, ffuf just stops immediately.

nvm just had to add it to /etc/hosts lol

It also happened to me, but for a different reason. After re-executing the above command I got:

:: Progress: [4730/4730] :: Job [1/1] :: 0 req/sec :: Duration: [0:00:00] :: Errors: 4730 ::

Zero requests per second??? Zero duration??? All errors??? My target was down!! :sweat_smile:
Just a click on “Reset target” put things back in order.
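
The two failures reported above (a name missing from /etc/hosts, and a run where every request errors) can be told apart with a quick check. This is an added troubleshooting example, not part of any poster's message; the function names, the sample hosts entries and the 192.0.2.10 address are constructed.

```sh
#!/bin/sh
# Added troubleshooting example (not from the thread); function names are hypothetical.

# host_mapped NAME [HOSTS_FILE]
# Succeeds when NAME is listed as a hostname on a non-comment line.
host_mapped() {
    awk -v n="$1" '
        { sub(/[#].*/, "") }    # strip comments so commented-out entries do not count
        { for (i = 2; i <= NF; i++) if (tolower($i) == tolower(n)) found = 1 }
        END { exit (found ? 0 : 1) }
    ' "${2:-/etc/hosts}"
}

# ffuf_verdict LINE
# Classifies an ffuf progress line: unreachable | partial-errors | ok | unparsed.
ffuf_verdict() {
    fv_total=$(printf '%s\n' "$1" | sed -n 's|.*Progress: \[[0-9]*/\([0-9]*\)].*|\1|p')
    fv_errors=$(printf '%s\n' "$1" | sed -n 's|.*Errors: \([0-9]*\).*|\1|p')
    if [ -z "$fv_total" ] || [ -z "$fv_errors" ]; then
        echo unparsed
    elif [ "$fv_total" -gt 0 ] && [ "$fv_errors" -ge "$fv_total" ]; then
        echo unreachable      # every request failed: name not resolving or target down
    elif [ "$fv_errors" -gt 0 ]; then
        echo partial-errors
    else
        echo ok
    fi
}

# Constructed sample data: a hosts file where the vhost entry is commented out,
# and the all-errors progress line quoted in the thread.
SAMPLE_HOSTS=$(mktemp)
printf '%s\n' '127.0.0.1 localhost' \
    '192.0.2.10 fuzzing_fun.htb   # constructed address' \
    '# 192.0.2.10 hidden.fuzzing_fun.htb' > "$SAMPLE_HOSTS"
SAMPLE_LINE=':: Progress: [4730/4730] :: Job [1/1] :: 0 req/sec :: Duration: [0:00:00] :: Errors: 4730 ::'

for h in fuzzing_fun.htb hidden.fuzzing_fun.htb; do
    if host_mapped "$h" "$SAMPLE_HOSTS"; then echo "$h: mapped"; else echo "$h: NOT mapped"; fi
done
echo "verdict: $(ffuf_verdict "$SAMPLE_LINE")"
```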

■■■■ :joy:

Thanks much. I got the flag. But I have a question. How did you come about the hidden vhost?

To find the “hidden” vhost you are supposed to run a gobuster vhost command on the URL name they give you.

Thanks. Maybe I did it wrongly the first time.

I’m stuck on this, can you help me out?

Yeah, I am stuck as well. I did find the admin.php, however I cannot find the parameter that should be fuzzed. Or am I headed in the wrong direction?

Use Burp to forward the request and you will see the parameter you need to fuzz.

All I get back is:
Invalid parameter, please ensure accessID is set correctly
I tried both with GET and POST method like accessid=FUZZ then ID=FUZZ etc. But did not get anything back.

The parameter is accessID.
Just FUZZ the accessID=FUZZ with the common.txt and you will get the correct one.

None of this works. Can you give some advice?

ffuf -u "http://94.237.53.113:37601/admin/panel.php?accessID=FUZZ" -w ~/Downloads/seclist/common.txt
ffuf -u http://94.237.53.113:37601/admin/panel.php -X POST -d "accessID=FUZZ" -w ~/Downloads/seclist/common.txt