Hi, i’m stuck in a question “One of the pages you will identify should say ‘You don’t have access!’. What is the full page URL?” i discover the virtual host and the folder but i dont see what is the file i use application as ffuf wfuzz dirbuster gobuster but i cant resolve this; anybody can help me.
from the directory you found use /FUZZextension don’t use the -e option for ffuf
replace extension with whatever extension you’re testing for.
you’ll find what you need that way.
use directory-list-2.3-medium.txt
got it, thanks
I was just about to make a new post regarding this question but figured it out as I was making the post -
After multiple attempts, I wasn’t able to enumerate the page name with the -e switch, even with the correct extension listed. Haven’t figured out why yet. Nonetheless, by manually performing the fuzz on the appropriate resource, I was able to see the page they were referring to. However, this started my biggest challenge, which was entering the answer as they preferred it.
After a successful curl and receiving the described text, I copy/pasted the URL into the answer section only to be met with an incorrect response. Thinking there may be another page, my pursuit continued. Hours later, I clicked on the HINT and realized the format they wanted it in. Argh!!!
try replacing your port number with the word PORT in your answer
Thanks mate, this was very unintuitive i dont want to have to click “Hint”
This is some crazy ■■■■… HTB just likes making life harder. The questions, hints and expected answer format takes way longer than completing the module itself.
You sir, are a lifesaver. Thank you
Here are some tips to help you find it:
- Think like a detective: What clues might the “No Trespassing” page have? Is there a specific error message? Does it mention any file names? Any unusual words or phrases?
- Double-check your tools: Make sure you’re using the right settings and commands for your tools. Sometimes a typo or a missing flag can make all the difference.
- Try a different approach: Maybe the “No Trespassing” page isn’t hidden behind a specific file. Could it be accessed through a different URL parameter or a hidden form?
- Ask for help: Don’t be afraid to reach out to online communities or forums. There are plenty of friendly hackers out there who are happy to lend a hand.
Remember, the key is to be patient, persistent, and creative. Think outside the box, experiment, and don’t give up! Finding that “No Trespassing” page is just a matter of time and a bit of detective work.