Vault

still on enumeration
it is slow af

the box seems so fragile.
from nmap to directory enumeration i have different results on every scan i run

WTF how do you find out these things? I tried gobuster with medium directory but nothing yet…

@NicoF2000 said:
WTF how do you find out these things? I tried gobuster with medium directory but nothing yet…

Gobuster can’t find everything.

did you run nmap on ALL ports???

Hmm, I’m logged in to the server but can’t find user.txt…

@s1gh any hints how did you got shell without any spoiler?

Is there any reason why gobuster wont find any pages?

@barango said:
Is there any reason why gobuster wont find any pages?

Yes there is

i got ssh session trying lateral movement

@gudj4qu3r said:
@s1gh any hints how did you got shell without any spoiler?

Kinda hard giving a hint without spoiling. But continue enumerating.
You should be able to find an interesting page.

gobuster works just fine, you just have to search for the right thing.

Guys, after this machine is reset, please give it about 10-15 minutes for it to come back and be ready for your torture. Anything you do before that will be pointless and will just delay the boot time further.

where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

@Opaque said:
where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

You can try “directory-list-2.3-medium.txt”.

@Opaque said:
where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

You can get more here

I think you can install all that with “apt install seclists” as well if you don’t want to clone it from git

@s1gh said:

@Opaque said:
where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

You can try “directory-list-2.3-medium.txt”.

@Rantrel said:

@Opaque said:
where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

You can get more here
GitHub - danielmiessler/SecLists: SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

I think you can install all that with “apt install seclists” as well if you don’t want to clone it from git

Thank you both, i will look into this.

I don’t even see a user.txt so I assume I have to get from where I am to somewhere else before I can even get user? Is that right?

@s1gh said:

@Opaque said:
where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

You can try “directory-list-2.3-medium.txt”.

is it worked for you?

when it comes to stock lists, common.txt should be all you need.