Fuzzy [Web]

Comments

  • wfuzz with a big wordlist.

    I have been trying the wordlists in SecLists but couldn't find anything! Point me to something..

    In my experiments I used the Kali built-in wordlist and all fuzzed well.
    The sense is to choose the correct point for Fuzzy.

    tabacci

  • Solvable only with wfuzz.
    Make sure to try different extensions, and know the standard way of passing a parameter and its value to a web application.
    :)

  • @TsukiCTF : I solved this challenge with Burp Pro :wink:

    Ozunu

  • Recalled bruteforcing, good challenge.

  • Flag captured! Learned shit-ton from this challenge! Thanks, @tabacci @GibParadox for your kind assistance. Let's move on. #TRYHARDER

  • @deleite said:

    You can do the entire problem with wFuzz. You need to fuzz for a parameter and then for a value.

    Actually this is wrong. For sake of correctness, you will need to fuzz:
    1. A directory
    2. A filename
    3. A correct extension
    4. A parameter name
    5. A parameter value
    In the end, you will come up with an HTTP GET request, for which you will get the flag. However, given the low score you will get and the high difficulty of figuring out different wordlists which one to select for correct fuzzing, I give this challenge a THUMBS DOWN. :neutral:

    Regards,
    qmi

  • @qmi said:

    @deleite said:

    You can do the entire problem with wFuzz. You need to fuzz for a parameter and then for a value.

    Actually this is wrong. For sake of correctness, you will need to fuzz:
    1. A directory
    2. A filename
    3. A correct extension
    4. A parameter name
    5. A parameter value
    In the end, you will come up with an HTTP GET request, for which you will get the flag. However, given the low score you will get and the high difficulty of figuring out different wordlists which one to select for correct fuzzing, I give this challenge a THUMBS DOWN. :neutral:

    You should know the difference between wrong and/nor different/incomplete.

    The first 3 steps you point out are easy with any content discovery tool.

    Deleite

  • Spoiler Removed

  • edited August 2019

    Well, I did solve it using gobuster and wfuzz. Although this is a great way to learn these tools (especially to see that it can all be done by one tool), I didn't really like the guessing of which wordlist(s) to use.

    @Qftm please do not post writeups of these challenges....

  • Solved it with w***z. It can be tricky to get the final details, so do not hesitate to contact me for hints.

  • Hi guys, I do not know about you, but in my case the instance gets unresponsive after fuzzing it with dozens of values and 5 threads. I guess there may be some banning involved. Just curious.

    Sociaslkas

  • Burp Pro FTW xD

  • So as a nooob. Everyone seems to point to fuzzing the elements to the end, however is the first part of this directory traversal? trying to better comprehend terms.

  • Finding the endpoint is easy, but looking for the correct parameter and value is not easy.

    Not Really a Spoiler
    you can check my github repository and observe the tool I used for finding the endpoint.

    Hack The Box

  • lots of tools to do this i simply used D*******r ... no issue with wordlist

  • Pwned, the most difficult is instance stop while enum

  • A fun challenge. This was a good way to learn some different fuzzing tools, as well as their strengths and weaknesses!

  • wfuzz + common wordlist for 1000 words

  • edited November 2019

    Quick little challenge, but as people have mentioned, good brush up on wfuzz :)

    -All hail the Potato-

  • Would be interesting to see a challenge like this that incorporates a WAF element. Ideas ideas. Maybe I can come up with one to share sometime.

  • any clue how to get find parameters ?? kinda newbie here

  • Like the name suggests, it's all about fuzzing.
    At one point I thought I was getting trolled because I didn't find anything and started enumerating... but luckily I checked the forums.

    If you are stuck, just try other wordlists. There are no rabbit holes.

    If you are looking for files then it is sometimes a good idea to hard-type the file extension. E.g. try all the common ones:
    wfuzz [...] -u [host]/directory/FUZZ.html
    wfuzz [...] -u [host]/directory/FUZZ.htm
    wfuzz [...] -u [host]/directory/FUZZ.php
    wfuzz [...] -u [host]/directory/FUZZ.asp
    ... etc.

    You don't need giant wordlists. All of the words are rather common.
    Like has been said before, you are looking for directories, files, params, param-values.
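
Added example, not part of the thread and not any poster's code: a defender-side view of the activity discussed above. It reads a web access log and reports which of the URL slots named in the thread (directory, filename, extension, parameter name, parameter value) a client cycled through while the rest of the URL stayed fixed. The log lines, paths, parameter names and the threshold of 3 are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed access-log sample; hosts, paths and parameter names are invented.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Aug/2019:10:00:01 +0000] "GET /docs/ HTTP/1.1" 404 162
10.0.0.5 - - [01/Aug/2019:10:00:01 +0000] "GET /img/ HTTP/1.1" 404 162
10.0.0.5 - - [01/Aug/2019:10:00:02 +0000] "GET /shop/ HTTP/1.1" 200 512
10.0.0.5 - - [01/Aug/2019:10:00:03 +0000] "GET /shop/cart.html HTTP/1.1" 404 162
10.0.0.5 - - [01/Aug/2019:10:00:03 +0000] "GET /shop/cart.asp HTTP/1.1" 404 162
10.0.0.5 - - [01/Aug/2019:10:00:04 +0000] "GET /shop/cart.php HTTP/1.1" 200 24
10.0.0.5 - - [01/Aug/2019:10:00:05 +0000] "GET /shop/item.php HTTP/1.1" 404 162
10.0.0.5 - - [01/Aug/2019:10:00:05 +0000] "GET /shop/list.php HTTP/1.1" 404 162
10.0.0.5 - - [01/Aug/2019:10:00:06 +0000] "GET /shop/cart.php?q=1 HTTP/1.1" 200 24
10.0.0.5 - - [01/Aug/2019:10:00:06 +0000] "GET /shop/cart.php?page=1 HTTP/1.1" 200 24
10.0.0.5 - - [01/Aug/2019:10:00:07 +0000] "GET /shop/cart.php?sort=1 HTTP/1.1" 200 31
10.0.0.5 - - [01/Aug/2019:10:00:08 +0000] "GET /shop/cart.php?sort=2 HTTP/1.1" 200 31
10.0.0.5 - - [01/Aug/2019:10:00:08 +0000] "GET /shop/cart.php?sort=3 HTTP/1.1" 200 40
10.0.0.9 - - [01/Aug/2019:10:00:09 +0000] "GET /index.html HTTP/1.1" 200 900
10.0.0.9 - - [01/Aug/2019:10:00:09 +0000] "GET /css/site.css HTTP/1.1" 200 300
"""

LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "GET (\S+) [^"]*" \d{3} ')
STAGES = ("directory", "filename", "extension", "parameter name", "parameter value")

def fuzz_stages(log_text, threshold=3):
    """Map client -> stages where one URL slot took >= threshold distinct values
    while the rest of the URL stayed fixed (threshold is an assumed tuning value)."""
    slots = defaultdict(set)                  # (client, stage, fixed part) -> values seen
    for m in filter(None, map(LINE.match, log_text.splitlines())):
        client, target = m.groups()
        url = urlsplit(target)
        directory, _, leaf = url.path.rpartition("/")
        stem, _, ext = leaf.partition(".")    # "cart.php" -> ("cart", ".", "php")
        if not leaf:                          # request for a directory itself
            parent, _, name = directory.rpartition("/")
            slots[client, "directory", parent].add(name)
        elif not url.query:
            slots[client, "filename", (directory, ext)].add(stem)
            slots[client, "extension", (directory, stem)].add(ext)
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            slots[client, "parameter name", url.path].add(name)
            slots[client, "parameter value", (url.path, name)].add(value)
    hits = defaultdict(set)
    for (client, stage, _fixed), values in slots.items():
        if len(values) >= threshold:
            hits[client].add(stage)
    return {c: [s for s in STAGES if s in found] for c, found in hits.items()}
```

On real traffic the threshold would be far higher and combined with the share of 404 responses, since ordinary browsing also touches several files in one directory.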

  • Wfuzz is your friend. Learned a lot about the tool with this challenge.

  • I enjoyed this one a lot and learned something new about wfuzz. When it comes to wordlists -> Just use the one you are always using, there is nothing exotic in this challenge. (I used one of the lists that ship with Kali) Feel free to PM me if you need a hint.

    Countably
