Deployed 718e4e0 with MkDocs version: 1.6.1
Unknown committed Sep 10, 2024
1 parent ffdc4d6 commit fd0c372
Showing 7 changed files with 552 additions and 245 deletions.
217 changes: 128 additions & 89 deletions 53-dns/index.html

Large diffs are not rendered by default.

200 changes: 131 additions & 69 deletions cpts-labs/index.html

Large diffs are not rendered by default.

180 changes: 143 additions & 37 deletions dig/index.html

Large diffs are not rendered by default.

5 changes: 4 additions & 1 deletion dnsenum/index.html
Expand Up @@ -15730,10 +15730,13 @@ <h2 id="basic-usage">Basic usage</h2>
</span></code></pre></div>
<p>One cool thing about dnsenum is that it can perform dns transfer zone, like [dig]](dig.md). </p>
<p>It performs DNS brute force with /usr/share/dnsenum/dns.txt.</p>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-1-1"><a id="__codelineno-1-1" name="__codelineno-1-1" href="#__codelineno-1-1"></a>dnsenum<span class="w"> </span>--enum<span class="w"> </span>example.com<span class="w"> </span>-f<span class="w"> </span>/usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt<span class="w"> </span>-r
</span><span id="__span-1-2"><a id="__codelineno-1-2" name="__codelineno-1-2" href="#__codelineno-1-2"></a><span class="c1"># -f Indicate the wordlist file</span>
</span></code></pre></div>

<!-- This section adds support for localized revision dates -->

<small>Last update: <span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-timeago"><span class="timeago" datetime="2024-02-04T18:54:56+00:00" locale="en"></span></span><span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-iso_date">2024-02-04</span></small></br>
<small>Last update: <span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-timeago"><span class="timeago" datetime="2024-09-10T19:51:47+00:00" locale="en"></span></span><span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-iso_date">2024-09-10</span></small></br>


<small>Created: June 28, 2023 19:14:21</small>
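Review bot: The added `dnsenum --enum example.com -f ... -r` block documents only `-f`, leaving `--enum` and `-r` unexplained. Per the dnsenum help text, `--enum` is a shortcut for `--threads 5 -s 15 -w` (so whois queries and search-engine scraping run alongside the brute force) and `-r` recurses into discovered subdomains that have NS records; add a comment line for each. It would also help to say that `-f` overrides the default `/usr/share/dnsenum/dns.txt` wordlist named in the paragraph above. The stray bracket in `[dig]](dig.md)` on the preceding context line keeps that link from rendering and is worth fixing in the Markdown source in the same pass.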
68 changes: 51 additions & 17 deletions gobuster/index.html
Expand Up @@ -1844,7 +1844,16 @@
<li class="md-nav__item">
<a href="#enumerate-subdomains" class="md-nav__link">
<span class="md-ellipsis">
Enumerate subdomains:
Enumerate subdomains
</span>
</a>

</li>

<li class="md-nav__item">
<a href="#enumerate-virtual-hosts" class="md-nav__link">
<span class="md-ellipsis">
Enumerate Virtual Hosts
</span>
</a>

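Review bot: The new nav label `Enumerate Virtual Hosts` is title case, while the label beside it was just changed to `Enumerate subdomains` in sentence case; pick one style for both headings in the Markdown source. The same pair appears in the second navigation block in the next hunk, so fixing the heading once corrects both.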
Expand Down Expand Up @@ -15706,7 +15715,16 @@
<li class="md-nav__item">
<a href="#enumerate-subdomains" class="md-nav__link">
<span class="md-ellipsis">
Enumerate subdomains:
Enumerate subdomains
</span>
</a>

</li>

<li class="md-nav__item">
<a href="#enumerate-virtual-hosts" class="md-nav__link">
<span class="md-ellipsis">
Enumerate Virtual Hosts
</span>
</a>

Expand Down Expand Up @@ -15748,32 +15766,48 @@ <h2 id="installation">Installation</h2>
</span><span id="__span-0-3"><a id="__codelineno-0-3" name="__codelineno-0-3" href="#__codelineno-0-3"></a><span class="c1"># -r: follow redirects</span>
</span><span id="__span-0-4"><a id="__codelineno-0-4" name="__codelineno-0-4" href="#__codelineno-0-4"></a><span class="c1"># -x: add to the path provided by dictionary these extensions</span>
</span></code></pre></div>
<h2 id="enumerate-subdomains">Enumerate subdomains:</h2>
<h2 id="enumerate-subdomains">Enumerate subdomains</h2>
<p>From HackTheBox machine - Three:</p>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-1-1"><a id="__codelineno-1-1" name="__codelineno-1-1" href="#__codelineno-1-1"></a>gobuster<span class="w"> </span>vhost<span class="w"> </span>-w<span class="w"> </span>/opt/useful/SecLists/Discovery/DNS/subdomains-top1million-5000.txt<span class="w"> </span>-u<span class="w"> </span>http://thetoppers.htb
</span><span id="__span-1-2"><a id="__codelineno-1-2" name="__codelineno-1-2" href="#__codelineno-1-2"></a><span class="c1"># vhost : Uses VHOST for brute-forcing</span>
</span><span id="__span-1-3"><a id="__codelineno-1-3" name="__codelineno-1-3" href="#__codelineno-1-3"></a><span class="c1"># -w : Path to the wordlist</span>
</span><span id="__span-1-4"><a id="__codelineno-1-4" name="__codelineno-1-4" href="#__codelineno-1-4"></a><span class="c1"># -u : Specify the URL</span>
</span></code></pre></div>
<h2 id="enumerate-virtual-hosts">Enumerate Virtual Hosts</h2>
<p>There are a couple of things you need to prepare to brute force <code>Host</code> headers:</p>
<ol>
<li><code>Target Identification</code>: First, identify the target web server's IP address. This can be done through DNS lookups or other reconnaissance techniques.</li>
<li><code>Wordlist Preparation</code>: Prepare a wordlist containing potential virtual host names. You can use a pre-compiled wordlist, such as SecLists, or create a custom one based on your target's industry, naming conventions, or other relevant information.</li>
</ol>
<div class="language-shell-session highlight"><pre><span></span><code><span id="__span-2-1"><a id="__codelineno-2-1" name="__codelineno-2-1" href="#__codelineno-2-1"></a><span class="go">gobuster vhost -u http://$ip -w &lt;wordlist_file&gt; --append-domain</span>
</span><span id="__span-2-2"><a id="__codelineno-2-2" name="__codelineno-2-2" href="#__codelineno-2-2"></a><span class="gp"># </span>The<span class="w"> </span><span class="sb">`</span>-u<span class="sb">`</span><span class="w"> </span>flag<span class="w"> </span>specifies<span class="w"> </span>the<span class="w"> </span>target<span class="w"> </span>URL
</span><span id="__span-2-3"><a id="__codelineno-2-3" name="__codelineno-2-3" href="#__codelineno-2-3"></a><span class="gp"># </span>The<span class="w"> </span><span class="sb">`</span>-w<span class="sb">`</span><span class="w"> </span>flag<span class="w"> </span>specifies<span class="w"> </span>the<span class="w"> </span>wordlist<span class="w"> </span>file<span class="w"> </span>
</span><span id="__span-2-4"><a id="__codelineno-2-4" name="__codelineno-2-4" href="#__codelineno-2-4"></a><span class="gp"># </span>The<span class="w"> </span><span class="sb">`</span>--append-domain<span class="sb">`</span><span class="w"> </span>flag<span class="w"> </span>appends<span class="w"> </span>the<span class="w"> </span>base<span class="w"> </span>domain<span class="w"> </span>to<span class="w"> </span>each<span class="w"> </span>word<span class="w"> </span><span class="k">in</span><span class="w"> </span>the<span class="w"> </span>wordlist.<span class="w"> </span>In<span class="w"> </span>newer<span class="w"> </span>versions<span class="w"> </span>of<span class="w"> </span>Gobuster,<span class="w"> </span>the<span class="w"> </span>--append-domain<span class="w"> </span>flag<span class="w"> </span>is<span class="w"> </span>required<span class="w"> </span>to<span class="w"> </span>append<span class="w"> </span>the<span class="w"> </span>base<span class="w"> </span>domain<span class="w"> </span>to<span class="w"> </span>each<span class="w"> </span>word<span class="w"> </span><span class="k">in</span><span class="w"> </span>the<span class="w"> </span>wordlist<span class="w"> </span>when<span class="w"> </span>performing<span class="w"> </span>virtual<span class="w"> </span>host<span class="w"> </span>discovery.<span class="w"> </span>This<span class="w"> </span>flag<span class="w"> </span>ensures<span class="w"> </span>that<span class="w"> </span>Gobuster<span class="w"> </span>correctly<span class="w"> </span>constructs<span class="w"> </span>the<span class="w"> </span>full<span class="w"> </span>virtual<span class="w"> </span>hostnames,<span class="w"> </span>which<span class="w"> </span>is<span class="w"> </span>essential<span class="w"> </span><span class="k">for</span><span class="w"> </span>the<span class="w"> </span>accurate<span class="w"> </span>enumeration<span class="w"> </span>of<span class="w"> </span>potential<span class="w"> 
</span>subdomains.<span class="w"> </span>In<span class="w"> </span>older<span class="w"> </span>versions<span class="w"> </span>of<span class="w"> </span>Gobuster,<span class="w"> </span>this<span class="w"> </span>functionality<span class="w"> </span>was<span class="w"> </span>handled<span class="w"> </span>differently,<span class="w"> </span>and<span class="w"> </span>the<span class="w"> </span>--append-domain<span class="w"> </span>flag<span class="w"> </span>was<span class="w"> </span>not<span class="w"> </span>necessary.
</span></code></pre></div>
<ul>
<li>Consider using the <code>-t</code> flag to increase the number of threads for faster scanning.</li>
<li>The <code>-k</code> flag can ignore SSL/TLS certificate errors.</li>
<li>You can use the <code>-o</code> flag to save the output to a file for later analysis.</li>
</ul>
<h2 id="examples-from-real-life">Examples from real life</h2>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-2-1"><a id="__codelineno-2-1" name="__codelineno-2-1" href="#__codelineno-2-1"></a>gobuster<span class="w"> </span>dir<span class="w"> </span>-u<span class="w"> </span>https://friendzone.red/<span class="w"> </span>-w<span class="w"> </span>/usr/share/wordlists/dirbuster/directory-list-2.3-small.txt<span class="w"> </span>-x<span class="w"> </span>txt,php<span class="w"> </span>-t<span class="w"> </span><span class="m">20</span><span class="w"> </span>-k
</span><span id="__span-2-2"><a id="__codelineno-2-2" name="__codelineno-2-2" href="#__codelineno-2-2"></a>
</span><span id="__span-2-3"><a id="__codelineno-2-3" name="__codelineno-2-3" href="#__codelineno-2-3"></a><span class="c1"># dir to search for directories</span>
</span><span id="__span-2-4"><a id="__codelineno-2-4" name="__codelineno-2-4" href="#__codelineno-2-4"></a><span class="c1"># -t number of concurrent threads</span>
</span><span id="__span-2-5"><a id="__codelineno-2-5" name="__codelineno-2-5" href="#__codelineno-2-5"></a><span class="c1"># -k to avoid error message about certificate: invalid certificate: x509: certificate has expired or is not yet valid</span>
</span><span id="__span-2-6"><a id="__codelineno-2-6" name="__codelineno-2-6" href="#__codelineno-2-6"></a><span class="c1"># -x to indicate an extension for the file</span>
</span><span id="__span-2-7"><a id="__codelineno-2-7" name="__codelineno-2-7" href="#__codelineno-2-7"></a><span class="c1"># -w to indicate a dictionary or wordlist</span>
</span><span id="__span-2-8"><a id="__codelineno-2-8" name="__codelineno-2-8" href="#__codelineno-2-8"></a>
</span><span id="__span-2-9"><a id="__codelineno-2-9" name="__codelineno-2-9" href="#__codelineno-2-9"></a>
</span><span id="__span-2-10"><a id="__codelineno-2-10" name="__codelineno-2-10" href="#__codelineno-2-10"></a>
</span><span id="__span-2-11"><a id="__codelineno-2-11" name="__codelineno-2-11" href="#__codelineno-2-11"></a><span class="c1"># -l Display the length of the response</span>
</span><span id="__span-2-12"><a id="__codelineno-2-12" name="__codelineno-2-12" href="#__codelineno-2-12"></a><span class="c1"># -s Show an especific status code</span>
</span><span id="__span-2-13"><a id="__codelineno-2-13" name="__codelineno-2-13" href="#__codelineno-2-13"></a><span class="c1"># -r Follow redirect</span>
<div class="language-bash highlight"><pre><span></span><code><span id="__span-3-1"><a id="__codelineno-3-1" name="__codelineno-3-1" href="#__codelineno-3-1"></a>gobuster<span class="w"> </span>dir<span class="w"> </span>-u<span class="w"> </span>https://friendzone.red/<span class="w"> </span>-w<span class="w"> </span>/usr/share/wordlists/dirbuster/directory-list-2.3-small.txt<span class="w"> </span>-x<span class="w"> </span>txt,php<span class="w"> </span>-t<span class="w"> </span><span class="m">20</span><span class="w"> </span>-k
</span><span id="__span-3-2"><a id="__codelineno-3-2" name="__codelineno-3-2" href="#__codelineno-3-2"></a>
</span><span id="__span-3-3"><a id="__codelineno-3-3" name="__codelineno-3-3" href="#__codelineno-3-3"></a><span class="c1"># dir to search for directories</span>
</span><span id="__span-3-4"><a id="__codelineno-3-4" name="__codelineno-3-4" href="#__codelineno-3-4"></a><span class="c1"># -t number of concurrent threads</span>
</span><span id="__span-3-5"><a id="__codelineno-3-5" name="__codelineno-3-5" href="#__codelineno-3-5"></a><span class="c1"># -k to avoid error message about certificate: invalid certificate: x509: certificate has expired or is not yet valid</span>
</span><span id="__span-3-6"><a id="__codelineno-3-6" name="__codelineno-3-6" href="#__codelineno-3-6"></a><span class="c1"># -x to indicate an extension for the file</span>
</span><span id="__span-3-7"><a id="__codelineno-3-7" name="__codelineno-3-7" href="#__codelineno-3-7"></a><span class="c1"># -w to indicate a dictionary or wordlist</span>
</span><span id="__span-3-8"><a id="__codelineno-3-8" name="__codelineno-3-8" href="#__codelineno-3-8"></a>
</span><span id="__span-3-9"><a id="__codelineno-3-9" name="__codelineno-3-9" href="#__codelineno-3-9"></a>
</span><span id="__span-3-10"><a id="__codelineno-3-10" name="__codelineno-3-10" href="#__codelineno-3-10"></a>
</span><span id="__span-3-11"><a id="__codelineno-3-11" name="__codelineno-3-11" href="#__codelineno-3-11"></a><span class="c1"># -l Display the length of the response</span>
</span><span id="__span-3-12"><a id="__codelineno-3-12" name="__codelineno-3-12" href="#__codelineno-3-12"></a><span class="c1"># -s Show an especific status code</span>
</span><span id="__span-3-13"><a id="__codelineno-3-13" name="__codelineno-3-13" href="#__codelineno-3-13"></a><span class="c1"># -r Follow redirect</span>
</span></code></pre></div>

<!-- This section adds support for localized revision dates -->

<small>Last update: <span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-timeago"><span class="timeago" datetime="2024-06-11T20:27:57+00:00" locale="en"></span></span><span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-iso_date">2024-06-11</span></small></br>
<small>Last update: <span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-timeago"><span class="timeago" datetime="2024-09-10T19:51:47+00:00" locale="en"></span></span><span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-iso_date">2024-09-10</span></small></br>


<small>Created: February 7, 2023 18:30:04</small>
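Review bot: The `Enumerate subdomains` example still runs `gobuster vhost ... -u http://thetoppers.htb` without `--append-domain`, while the comment added in the new `Enumerate Virtual Hosts` section says newer Gobuster versions require that flag to build the full hostnames. Either add `--append-domain` to the earlier command or state which Gobuster version each command targets, and consider merging the two sections, since both use `vhost` mode. The `--append-domain` explanation is also written as `#` lines inside a `shell-session` block, where the highlighter renders them as prompts and tags `in` and `for` as keywords; moving that text into a paragraph under the command would read better. In the renumbered real-life block, the comments for `-l`, `-s` and `-r` describe flags the command does not use, and `especific` should be `specific`.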