HTB registration link: [ Link ]
1. Within the "webfuzzing_hidden_path" path on the target system (i.e. [ Link ]), fuzz for folders first and then for files to find the flag.
2. Recursively fuzz the "recursive_fuzz" path on the target system (i.e. [ Link ]) to find the flag.
3. What flag do you find when successfully fuzzing the GET parameter?
4. What flag do you find when successfully fuzzing the POST parameter?
5. Using GoBuster against inlanefreight.com to fuzz for subdomains with the subdomains-top1million-5000.txt wordlist, which subdomain starts with the prefix "su"? Answer with the full vhost, e.g. web.inlanefreight.com.
6. What flag do you find when successfully fuzzing the POST parameter?
7. Fuzz the target system using directory-list-2.3-medium.txt to find a hidden directory. Once you have found it, responsibly determine the validity of the vulnerability by analysing the tar.gz file in that directory. Answer with the full Content-Length header, e.g. "Content-Length: 1337".
8. What value is returned by the endpoint that the API fuzzer identified?
9. After completing all steps in the assessment, you will be presented with a page that contains a flag in the format of HTB{...}. What is that flag?
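The directory, recursive, GET-parameter and POST-parameter steps above all rest on the same mechanic: send one request per wordlist entry and keep the responses whose status or size differs from the "not found" baseline. The block below is an added example, not code from the HTB module or the video, that re-implements that loop in Python against a constructed in-process target so it runs offline. Every path, parameter name and flag value in it (`/hidden/backup/flag.txt`, `/admin.php`, `debug`, the `FLAG{...}` strings) is made up for the demo and is not the lab's; the comments name the ffuf options each stage corresponds to. The GoBuster subdomain step is DNS-based and is not covered here.

```python
"""Added example (not the HTB lab or the video's code): a minimal ffuf-style
fuzzer exercised against a constructed local HTTP target."""
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.error import HTTPError
from urllib.parse import parse_qs, urlencode, urlparse
from urllib.request import Request, urlopen

# Constructed mock target (assumption, not the real lab). Directories end
# with "/", everything else is 404. The parameter endpoint answers unknown
# names with a constant-size body, which is what ffuf's -fs filters away.
PAGES = {
    "/hidden/": "dir listing",
    "/hidden/backup/": "dir listing",
    "/hidden/backup/flag.txt": "FLAG{constructed_dir_flag}",
    "/admin.php": "login form",
}
PARAM_NAME = "debug"                 # the hidden parameter the fuzz must find
WRONG = "invalid parameter"          # fixed-size response for every other name


class Target(BaseHTTPRequestHandler):
    def log_message(self, *args):    # keep the demo quiet
        pass

    def _reply(self, code, body):
        data = body.encode()
        self.send_response(code)
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def do_GET(self):
        u = urlparse(self.path)
        if u.path == "/admin.php":
            q = parse_qs(u.query)
            return self._reply(200, "FLAG{constructed_get_flag}" if PARAM_NAME in q else WRONG)
        body = PAGES.get(u.path)
        self._reply(200, body) if body else self._reply(404, "not found")

    def do_POST(self):
        n = int(self.headers.get("Content-Length", 0))
        form = parse_qs(self.rfile.read(n).decode())
        if self.path == "/admin.php":
            self._reply(200, "FLAG{constructed_post_flag}" if PARAM_NAME in form else WRONG)
        else:
            self._reply(404, "not found")


def start_target():
    srv = HTTPServer(("127.0.0.1", 0), Target)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return f"http://127.0.0.1:{srv.server_port}"


def probe(url, method="GET", data=None):
    """Return (status, body_length): the two signals ffuf's -mc/-fs act on."""
    body = urlencode(data).encode() if data else None
    req = Request(url, data=body, method=method)
    try:
        with urlopen(req, timeout=5) as r:
            return r.status, len(r.read())
    except HTTPError as e:
        return e.code, len(e.read())


def fuzz_paths(base, words, exts=("", ".php", ".txt"), depth=0, max_depth=2):
    """Folders and files in one pass, then recurse into each folder found.
    ffuf equivalent: -u base/FUZZ -w words -e .php,.txt -recursion -recursion-depth 2"""
    found = []
    for w in words:
        for ext in exts:
            url = f"{base}/{w}{ext}"
            if probe(url)[0] == 200:
                found.append(url)
            # A folder only answers with the trailing slash; recurse into it.
            if ext == "" and probe(url + "/")[0] == 200:
                found.append(url + "/")
                if depth < max_depth:
                    found += fuzz_paths(url, words, exts, depth + 1, max_depth)
    return found


def fuzz_params(url, words, method="GET"):
    """ffuf equivalent: -u url?FUZZ=1  or  -X POST -d 'FUZZ=1' -u url, with -fs <baseline size>.
    The baseline comes from a name that is certainly wrong, so size-filtering
    keeps only names the application treats differently."""
    def send(name):
        if method == "GET":
            return probe(f"{url}?{name}=1")
        return probe(url, "POST", {name: "1"})
    baseline = send("zzznotaparam")
    return [w for w in words if send(w)[0] == 200 and send(w)[1] != baseline[1]]


def run_demo():
    base = start_target()
    words = ["admin", "backup", "flag", "hidden", "images"]     # constructed wordlist
    return {
        "paths": [u[len(base):] for u in fuzz_paths(base, words)],
        "get": fuzz_params(base + "/admin.php", ["id", "debug", "user"], "GET"),
        "post": fuzz_params(base + "/admin.php", ["id", "debug", "user"], "POST"),
    }


if __name__ == "__main__":
    print(run_demo())
```

The size-based baseline in `fuzz_params` is the step people skip and then wonder why every word "hits": a parameter endpoint usually answers 200 for any name, so status alone tells you nothing and you must filter on response size (or word/line count) calibrated against a known-bad value, exactly as `-fs` does in ffuf.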