WEB FUZZING Skills Assessment

Hi everyone,

I’ve discovered the following URL during my assessment:

http://94.237.62.76:31376/admin/panel.php?accessID=

I attempted to fuzz the **accessID** parameter using the following command:

`ffuf -u "http://94.237.62.76:31376/admin/panel.php?accessID=FUZZ"` 

Unfortunately, the results are showing everything from common.txt, and I’m not able to pinpoint any useful information or valid responses.

Could someone help me with the following:

  1. What could be going wrong with my fuzzing approach?
  2. Are there specific parameters or techniques I should use to refine the results?
  3. Any tips on how to better analyze the responses to find valid results?

Any guidance or suggestions would be greatly appreciated!

Thanks in advance!

I was stuck on it for quite a while as well. I was able to find it by using Burp and filtering by the content length of the request. My advice is to save the output to a file and use grep with the flag -v
to filter the size you see the most, which according to the screenshot is 58,
so it should look something along the lines of:
`ffuf command > file.txt`
`grep -v "Size: 58" file.txt`

1 Like

You should use some flags.
From the response you got, we can see that the number of lines and words is repetitive.
Match flags help you get the answer you need.

MATCHER OPTIONS:
  -mc                 Match HTTP status codes, or "all" for everything. (default: 200-299,301,302,307,401,403,405,500)
  -ml                 Match amount of lines in response
  -mmode              Matcher set operator. Either of: and, or (default: or)
  -mr                 Match regexp
  -ms                 Match HTTP response size
  -mt                 Match how many milliseconds to the first response byte, either greater or less than. EG: >100 or <100
  -mw                 Match amount of words in response

Filter flags remove what you don’t want to see.

FILTER OPTIONS:
  -fc                 Filter HTTP status codes from response. Comma separated list of codes and ranges
  -fl                 Filter by amount of lines in response. Comma separated list of line counts and ranges
  -fmode              Filter set operator. Either of: and, or (default: or)
  -fr                 Filter regexp
  -fs                 Filter HTTP response size. Comma separated list of sizes and ranges
  -ft                 Filter by number of milliseconds to the first response byte, either greater or less than. EG: >100 or <100
  -fw                 Filter by amount of words in response. Comma separated list of word counts and ranges

In your case, use `-fw 8` to filter out any response that contains 8 words.

1 Like
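Both replies boil down to the same step: find the Size/Words/Lines combination that almost every wordlist entry produces (the "not found" baseline) and hide it. The script below is an added example, not code from either reply or from the ffuf project; it computes that baseline automatically from a saved ffuf output file instead of reading it off a screenshot, prints the `-fs`/`-fw`/`-fl` flags that would hide it on the next run, and shows the rows that differ. The sample output lines are constructed for this example (they are not the real assessment's responses), and the function names `modal_value`, `baseline_flags` and `filter_baseline` are this example's own.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): auto-baseline ffuf's default text output.
# Count every Size/Words/Lines value across the saved run, treat the most frequent
# combination as the "not found" baseline, and print only the rows that differ.
set -euo pipefail

# Constructed sample of ffuf's default output for the accessID fuzz (not real data).
# Real output would come from e.g.:
#   ffuf -u "http://94.237.62.76:31376/admin/panel.php?accessID=FUZZ" -w common.txt > file.txt
SAMPLE='admin                   [Status: 200, Size: 58, Words: 8, Lines: 3, Duration: 14ms]
login                   [Status: 200, Size: 58, Words: 8, Lines: 3, Duration: 11ms]
test                    [Status: 200, Size: 58, Words: 8, Lines: 3, Duration: 9ms]
backup                  [Status: 200, Size: 1192, Words: 203, Lines: 27, Duration: 22ms]
index                   [Status: 200, Size: 58, Words: 8, Lines: 3, Duration: 10ms]
id                      [Status: 200, Size: 58, Words: 8, Lines: 3, Duration: 13ms]'

# modal_value FIELD < ffuf-output: most frequent value of Size, Words or Lines.
# uniq -c prints "<count> <Field>: <value>", so the value is awk's third field.
modal_value() {
  grep -oE "$1: [0-9]+" | sort | uniq -c | sort -rn | awk 'NR == 1 { print $3 }'
}

# baseline_flags FILE: the ffuf filter flags that would hide the baseline next run.
baseline_flags() {
  local size words lines
  size=$(modal_value Size < "$1")
  words=$(modal_value Words < "$1")
  lines=$(modal_value Lines < "$1")
  printf -- '-fs %s -fw %s -fl %s\n' "$size" "$words" "$lines"
}

# filter_baseline FILE: the reply's grep -v, with the baseline computed rather
# than typed in. Prints only rows whose Size/Words/Lines differ from the baseline.
filter_baseline() {
  local size words lines
  size=$(modal_value Size < "$1")
  words=$(modal_value Words < "$1")
  lines=$(modal_value Lines < "$1")
  grep -v "Size: $size, Words: $words, Lines: $lines" "$1" || true
}

# Stand-alone run on the constructed sample.
tmp=$(mktemp)
printf '%s\n' "$SAMPLE" > "$tmp"
echo "Suggested ffuf flags: $(baseline_flags "$tmp")"
filter_baseline "$tmp"
rm -f "$tmp"
```

Filtering on all three of size, words and lines is safer than size alone: a page whose length changes with the injected value (for example because the value is reflected) can still share the baseline word and line counts, and a single `-fs` would hide nothing. ffuf's own `-ac` flag performs this kind of automatic calibration as well; the script is useful when you already have a saved run and want to see what it would have filtered.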