Hi, could someone give me a hand for this web challenge please? Thanks!
Gobuster will help you, when you find the file you should look for the parameter.
A third party tool on GitHub helped me in the second part
wfuzz with a big wordlist. Remember to try different extensions too!
Mhhh, I tried but just only for directory searching... cool thanks! @samsepi0l & @will135
So the whole challenge is looking for the good wordlists ?
I tried with the wordlists which ippsec always use , but could find just only 3 directories, nothing more...
Yes I found the interesting file, but can't find the parameter. Tried some wordlists...
there are tons of wordlists
How do you find the param?
I found the folders, and the file. Trying to fuzz the parameter...
That's where I am stuck
@Crafty said: So the whole challenge is looking for the good wordlists ?
Basically that's it. But the name of the challenge narrows down a little which wordlists are possible candidates. At least that's how I saw it.
Found the parameter... Now hunting for valid values
hmmm not sure what to do with the file now that I have found it...
I finaly flagged it ! It was a nice training for wfuzz after all .
All you have to do is to find the good wordlists and fuzz multiple time.
am I on the right track by looking at something the has not been set?
@MrNo
Yes, wfuzz it!
Just completed it.
Happy to assist if needed.
Yep, I'm done too!!!
I just found the right parameter but is there more than one by any chance?
@n3m0 said:
nv got the flag...guess its just that one parameter : )
Still stuck trying to fuzz the param, any tips?
@GibParadox saved me from myself
just completed, had a lot of funzz! thx for the challenge @Arrexel ! if anyone feel stuck and need a little nudge PM me
A good challenge, thanks to @prdcsm for hint and thnx to @Arrexel for making it.
Jeeze, def do not overthink the fuzz wordlist. Don't be me with a 10 million line count wordlist. KISS
Challenge complete. Simple challenge yet still taught me a thing or two. Thanks @Arrexel.
If someone was helpful, don't forget to give +1 Respect.
You can do the entire problem with wFuzz. You need to fuzz for a parameter and then for a value.
it is necessary in this challenge not to fuzz unnecessary
Type your comment> @will135 said:
I have been trying the wordlists in SecLists couldn't find anything! point me to something..
Click here to create an account.
Comments
Gobuster will help you, when you find the file you should look for the parameter.
A third party tool on GitHub helped me in the second part
wfuzz with a big wordlist. Remember to try different extensions too!
Mhhh, I tried but just only for directory searching... cool thanks! @samsepi0l & @will135
So the whole challenge is looking for the good wordlists ?
I tried with the wordlists which ippsec always use
, but could find just only 3 directories, nothing more... 
Yes I found the interesting file, but can't find the parameter. Tried some wordlists...
there are tons of wordlists
How do you find the param?
I found the folders, and the file. Trying to fuzz the parameter...
That's where I am stuck
Basically that's it. But the name of the challenge narrows down a little which wordlists are possible candidates. At least that's how I saw it.
Found the parameter... Now hunting for valid values
hmmm not sure what to do with the file now that I have found it...
I finaly flagged it !
.
It was a nice training for wfuzz after all
All you have to do is to find the good wordlists and fuzz multiple time.
am I on the right track by looking at something the has not been set?
@MrNo
Yes, wfuzz it!
Just completed it.
Happy to assist if needed.
Yep, I'm done too!!!
I just found the right parameter but is there more than one by any chance?
@n3m0 said:
nv got the flag...guess its just that one parameter : )
Still stuck trying to fuzz the param, any tips?
@GibParadox saved me from myself
just completed, had a lot of funzz! thx for the challenge @Arrexel !
if anyone feel stuck and need a little nudge PM me
A good challenge, thanks to @prdcsm for hint and thnx to @Arrexel for making it.
Jeeze, def do not overthink the fuzz wordlist. Don't be me with a 10 million line count wordlist. KISS
Challenge complete.
Simple challenge yet still taught me a thing or two. Thanks @Arrexel.
If someone was helpful, don't forget to give +1 Respect.

You can do the entire problem with wFuzz. You need to fuzz for a parameter and then for a value.
it is necessary in this challenge not to fuzz unnecessary
Type your comment> @will135 said:
I have been trying the wordlists in SecLists couldn't find anything! point me to something..
