🌐Reconocimiento

Directory enum

ffuf  -u <http://web.com/FUZZ> -w <wordlist> -o <file>

Subdomain enum

ffuf -w <wordlist> -H "Host: FUZZ.web.com" -u http://web.com -fs <size>

Parameter enum

ffuf -w <wordlist> -u http://web.com/script.php?FUZZ=test -fs <size>

Values enum

ffuf -w <wordlist> -u http://web.com/script.php?parameter=FUZZ -fc <code>

gobuster dir -u <IP> -w <wordlist_path> -t 50 -x .php,.txt,.html -o scan-dirs

gobuster dns -d <url> -w <wordlist> -i # Subdominios

gobuster vhost -u <url> -w <wordlist> -r # Virtual hosting

/var/lib/jenkins/config.xml
/var/lib/jenkins/users/users.xml
/var/lib/jenkins/users/user/conf.xml

/manage/script # revshell

dig @<IP> <domain-name> axfr

Última actualización hace 24 días