Vault

@barango said:
Is there any reason why gobuster wont find any pages?

Yes there is

i got ssh session trying lateral movement

@gudj4qu3r said:
@s1gh any hints how did you got shell without any spoiler?

Kinda hard giving a hint without spoiling. But continue enumerating.
You should be able to find an interesting page.

gobuster works just fine, you just have to search for the right thing.

Guys, after this machine is reset, please give it about 10-15 minutes for it to come back and be ready for your torture. Anything you do before that will be pointless and will just delay the boot time further.

where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

@Opaque said:
where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

You can try “directory-list-2.3-medium.txt”.

@Opaque said:
where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

You can get more here

I think you can install all that with “apt install seclists” as well if you don’t want to clone it from git

@s1gh said:

@Opaque said:
where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

You can try “directory-list-2.3-medium.txt”.

@Rantrel said:

@Opaque said:
where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

You can get more here
GitHub - danielmiessler/SecLists: SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

I think you can install all that with “apt install seclists” as well if you don’t want to clone it from git

Thank you both, i will look into this.

I don’t even see a user.txt so I assume I have to get from where I am to somewhere else before I can even get user? Is that right?

@s1gh said:

@Opaque said:
where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

You can try “directory-list-2.3-medium.txt”.

is it worked for you?

when it comes to stock lists, common.txt should be all you need.

Is the login page a rabbit hole? and should I be brute forcing it?

@codo said:
Is the login page a rabbit hole? and should I be brute forcing it?

Maybe and no. Continue your enumeration.

Tip: If you’re using gobuster enable the following file extensions:php,txt,html with the -x flag.

And as @0x29A said, common.txt from seclists is enough

I have a shell. Does anyone have any hints for finding/getting to the user.txt?

Thx Skunkfoot and fjv, i got shell now

@fjv I actually tried it with the extensions + directory 2.3 medium. I will try again with common.txt

Nope nothing… Maybe I oversee something, but I have no clue how to continue

@NicoF2000 said:
Nope nothing… Maybe I oversee something, but I have no clue how to continue

Hmm, I am in the same boat as you.
The only 200 that came back was for index.php…