Scribd
Upload
62 views6 pages

Dirbuster

The document outlines steps taken to hack into a target network and server. First, the target's IP address and network range are identified. Two live IPs on the network are found using nmap. One IP hosts a website with a login page. Directory brute forcing using ffuf discovers additional pages including a signup page. Credentials for a SQL server are then found, allowing access to the server and administrative login credentials for the target system.

Uploaded by

contact
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
62 views6 pages

Dirbuster

The document outlines steps taken to hack into a target network and server. First, the target's IP address and network range are identified. Two live IPs on the network are found using nmap. One IP hosts a website with a login page. Directory brute forcing using ffuf discovers additional pages including a signup page. Credentials for a SQL server are then found, allowing access to the server and administrative login credentials for the target system.

Uploaded by

contact
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

Dirbuster

First, we need to get the ip address of our target. For that, let's first check our ip address to get the network
address to scan.

The network address will be 10.104.11.0/24. Let's scan this using fping.

We have .96 and .198 as two new ips. Let's do an nmap scan on them.

1/6
We can see the .96 ip has a web page hosted on it, so that will be the web server. Let's access it.

We can see the landing page, and a login form. But, no other hints were found. So let's do a directory brute
forcing. I am using ffuf to do this.

2/6
We found a few interesting files.

The signup.php looks interesting, since the direct signup link on the homepage did not work. Let's check it out.

We have credentials for the sql server. The ip address listed here is the other ip we found when we scanned the
network. Let's access the sql server.

3/6
We found credentials for admin login from the sql server. Let's now try to log in.

4/6
We successfully logged in.

5/6
6/6

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy