Let's take a look at the website:
It only shows a single image, so let's check the page source:
<!DOCTYPE html>
<html>
<head>
<meta name="viewport" content="width=device-width, initial-scale=1">
<style>
img {
display: block;
margin-left: auto;
margin-right: auto;
}
</style>
</head>
<body>
<img src="logo.png" alt="HMV" style="width:50%;">
</body>
</html>
Nothing interesting there. Let's use gobuster to fuzz for files and directories:
❯ gobuster dir -w /usr/share/wordlists/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt -u 'http://momo.hackmyvm.eu/' -x php,html,js,txt
===============================================================
Gobuster v3.6
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)
===============================================================
[+] Url: http://momo.hackmyvm.eu/
[+] Method: GET
[+] Threads: 10
[+] Wordlist: /usr/share/wordlists/seclists/Discovery/Web-Content/directory-list-2.3-medium.txt
[+] Negative Status codes: 404
[+] User Agent: gobuster/3.6
[+] Extensions: php,html,js,txt
[+] Timeout: 10s
===============================================================
Starting gobuster in directory enumeration mode
===============================================================
/index.html (Status: 200) [Size: 268]
/robots.txt (Status: 200) [Size: 15]
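Seen from the server side, a run like this leaves a recognisable trail in the access log. The following is an added example, not part of the original write-up: a Python sketch that flags clients by the default `gobuster/3.6` User-Agent shown above and by the request pattern that `-x php,html,js,txt` produces (each word tried bare and with every extension), which still works when the User-Agent is spoofed. The combined log format, the thresholds, and all IPs and log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

EXTS = ("php", "html", "js", "txt")  # the -x list from the gobuster run above
LINE_RE = re.compile(                # combined log format (assumed for this sketch)
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$')

def make_line(ip, path, status, ua):
    return f'{ip} - - [01/Jan/2024:10:00:00 +0000] "GET {path} HTTP/1.1" {status} 153 "-" "{ua}"'

def constructed_log():
    """Constructed sample: one browser, one default gobuster, one with a spoofed UA."""
    lines = [make_line("203.0.113.5", p, 200, "Mozilla/5.0") for p in ("/", "/index.html", "/logo.png")]
    for ip, ua in (("192.0.2.10", "gobuster/3.6"), ("198.51.100.7", "Mozilla/5.0")):
        for word in ("/admin", "/backup", "/robots"):
            for suffix in ("",) + tuple("." + e for e in EXTS):
                status = 200 if word + suffix == "/robots.txt" else 404
                lines.append(make_line(ip, word + suffix, status, ua))
    return "\n".join(lines)

def find_scanners(log_text, min_words=2, min_404_ratio=0.8):
    """Return {client_ip: [reasons]} for clients that look like directory brute-forcers."""
    stats = defaultdict(lambda: {"total": 0, "404": 0, "ua": False, "variants": defaultdict(set)})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        s = stats[m["ip"]]
        s["total"] += 1
        s["404"] += m["status"] == "404"
        s["ua"] |= "gobuster" in m["ua"].lower()
        path = m["path"].split("?", 1)[0]
        base, dot, ext = path.rpartition(".")
        # Group /word, /word.php, /word.html ... under the same base word
        key, tag = (base, ext) if dot and ext in EXTS else (path, "")
        s["variants"][key].add(tag)
    findings = {}
    for ip, s in stats.items():
        # A word counts as swept when it was requested in at least 4 of its 5 forms
        swept = [w for w, v in s["variants"].items() if len(v) >= 4]
        reasons = ["user-agent"] if s["ua"] else []
        if len(swept) >= min_words and s["404"] / s["total"] >= min_404_ratio:
            reasons.append("extension-sweep")
        if reasons:
            findings[ip] = reasons
    return findings

if __name__ == "__main__":
    print(find_scanners(constructed_log()))
```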
We find a robots.txt, so let's look at its contents: