Web Recon Skill Assessment Question 3

Hello,

I’m currently stuck on the third question of the web recon skill assessment. I have several problems.

First, I tried to add the inlanefreight.htb domain to the /etc/hosts but it doesn’t work (still can’t resolve)
Then, I tried with the given IP to use the finalRecon tool but I have this error " AttributeError: ‘TLDExtract’ object has no attribute 'extract_urllib"
I tried to gobuster for directories but got nothing
I tried nikto

I’m kinda out of options here. I guess I need to find the robots.txt file to find the hidden admin page and take the API key.

Any help is appreciated.

1 Like

Same here. I think one of the difficulties lies within getting the target <TARGET_IP>:<TARGET_PORT> into /etc/hosts. I've tried:
TARGET:PORT inlanefreight.htb,
TARGET inlanefreight.htb:PORT.

Neither seems to work. I can access the website from the IP address and PORT in a web browser, but using the inlanefreight URL I cannot resolve.

I also get the same errors in FinalRecon. gobuster and ffuf haven't found any directories for me.

I am curious if they have changed this recently, because the question reads like we should have already conducted a scan "What is the API key in the hidden admin directory that you have discovered on the target system? "

Yeah the question is weird. This course has been recently updated and the web archive questions seem bugged for me too.

How exactly did you enter the domain in the /etc/hosts file?

Like this IP:PORT DOMAIN

And I fixed the FinalRecon error; it was a privilege issue for the installation of dependencies (I also made a venv).

Hey, I added like this

94.237.55.12:53822 inlanefreight.htb

And still didn’t manage to resolve the problem

Am I missing something?

the port does not belong in the hosts file, only the ip
10.10.10.10 example.com

2 Likes

Works man

need to give it a few minutes to let the configuration of the hosts file be ready

Thanks man

Found the api key through one of the subdomains.
Tried to put the api key as an answer. But it will not accept it

Welcome to
Welcome to XXXXXX admin site
The admin panel is currently under maintenance, but the API is still accessible with the key XXXXXXXXXXXXXXXXXXXXX

Any ideas?

Nope, still stuck. Removed the port but can’t connect to the server. No robots or admin page found with FinalRecon or gobuster.

I haven’t gotten there yet, but I would see if I could follow that api key, or maybe iterate through that specific subdomain.

1 Like

add this way at /etc/hosts, give it 2 minutes. WITHOUT THE Port

94.237.55.12 inlanefreight.htb

after 2 minutes, try to use FinalRecon.
Don’t forget to add the port to the url
this way
http://inlanefreight.htb:47845

Good luck

2 Likes
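The fix described in the posts above, as an added example that is not part of the original thread: a small checker for hosts-file lines that flags the two entry shapes tried earlier (port on the IP, port on the hostname) and builds the URL where the port actually belongs. The function names are hypothetical, the sample entries reuse the IP and port quoted in the thread, and `lookup` assumes malformed lines never produce a mapping, which matches what the posters observed.

```python
import ipaddress

def _is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def check_hosts_line(line):
    """Classify one hosts-file line as (status, detail)."""
    body = line.split("#", 1)[0].strip()  # drop trailing comment
    if not body:
        return ("skip", "blank or comment")
    addr, *names = body.split()
    if not _is_ip(addr):
        host, sep, port = addr.rpartition(":")
        if sep and port.isdigit() and _is_ip(host):
            return ("error", f"port {port} in address field; write '{host}' only")
        return ("error", f"'{addr}' is not an IP address")
    if not names:
        return ("error", "address without a hostname")
    for name in names:
        if ":" in name:
            return ("error", f"'{name}' carries a port; hostnames take none")
    return ("ok", f"{addr} -> {', '.join(names)}")

def lookup(hosts_text, name):
    """First address mapped to name, counting only well-formed lines."""
    for line in hosts_text.splitlines():
        if check_hosts_line(line)[0] == "ok":
            addr, *names = line.split("#", 1)[0].split()
            if name.lower() in (n.lower() for n in names):
                return addr
    return None

def target_url(name, port, scheme="http"):
    """The port goes in the URL handed to the tool, not in the hosts file."""
    return f"{scheme}://{name}:{port}/"

# Constructed sample: the two entry shapes tried in the thread, then the fix.
BROKEN = "94.237.55.12:53822 inlanefreight.htb\n94.237.55.12 inlanefreight.htb:53822\n"
FIXED = BROKEN + "94.237.55.12 inlanefreight.htb\n"

if __name__ == "__main__":
    for line in FIXED.splitlines():
        print(check_hosts_line(line), "<-", line)
    print(lookup(BROKEN, "inlanefreight.htb"), lookup(FIXED, "inlanefreight.htb"))
    print(target_url("inlanefreight.htb", 53822))
```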

Let me know brother, it will be great. On this thing all fucking day

I was reading the man page and did “http://inlanefreight.htb -sp [PORT]”, this comment helped a lot, thank you!

1 Like

Fucking a man, found the way. After you find the KEY as I found. Use one of the Creepy tools

Try, don’t give up and let me know if you struggle

Good luck

This is the result I got with FinalRecon for directories with the dirb_common wordlist

Try another technique that was shown in the module

I also thought it was bugged. However, I did eventually find all of them in the last 30 minutes. They just weren't located in the most obvious location. Need to dig deeper.

I have tried gobuster, whois, reconspider, final recon and dnsenum - getting nothing


Hello. I am still stuck. I tried all that is said here and nothing seems to work. I have waited for more than 15 min now. Ping is ok, but FinalRecon still gives me an error message even when I used the -sp flag. Can someone help?