HTB Academy: Information Gathering - Web Edition Module. (Part II, Question 5)
Skills Assessment
To complete this skills assessment, you will need to apply various techniques learned in this module, including:
- Using whois
- Analyzing robots.txt
- Performing subdomain brute-forcing
- Crawling and analyzing results
Demonstrate your proficiency by effectively utilizing these techniques. Remember to add subdomains to your hosts file as you discover them.
Question 5: What is the API key the inlanefreight.htb developers will be changing to?
vHosts needed for these questions: inlanefreight.htb
Answer
Step 1: Add TARGET_IP and vhost to hosts
sudo nano /etc/hosts
<TARGET_IP> inlanefreight.htb
Step 2: Find subdomains with gobuster
gobuster vhost -u http://inlanefreight.htb:$PORT -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt --append-domain
Step 3: Add new domain to hosts
sudo nano /etc/hosts
<TARGET_IP> web1337.inlanefreight.htb
Step 4: Use gobuster with new subdomain and add result to hosts
gobuster vhost -u http://web1337.inlanefreight.htb:$PORT -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt --append-domain
Result
Found: dev.web1337.inlanefreight.htb:PORT Status: 200
Step 5: Install scrapy and ReconSpider
pip3 install scrapy
wget -O ReconSpider.zip https://academy.hackthebox.com/storage/modules/144/ReconSpider.v1.2.zip
unzip ReconSpider.zip
python3 ReconSpider.py http://dev.web1337.inlanefreight.htb:$PORT
Step 6: Analyze the results
cat results.json
Extracted Comments
{
    "emails": [
        "1337testing@inlanefreight.htb"
    ],
    "links": [
        "http://dev.web1337.inlanefreight.htb:58951/index-808.html",
        "http://dev.web1337.inlanefreight.htb:58951/index-829.html",
        ...
        ...
    ],
    "external_files": [],
    "js_files": [],
    "form_fields": [],
    "images": [],
    "videos": [],
    "audio": [],
    "comments": [
        "<!-- Remember to change the API key to ba****************************** -->"
    ]
}
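Reading results.json by eye works for one page, but the same check can be automated when auditing a crawl of your own site for secrets left in HTML comments. The script below is an added example, not part of the original write-up or of ReconSpider; the keyword list, the 20-character token threshold and the sample data are assumptions constructed for illustration.

```python
import json
import re

# Constructed sample in the shape of the results.json shown above (all values made up).
SAMPLE_RESULTS = json.dumps({
    "emails": ["dev@example.test"],
    "links": ["http://dev.example.test/index-1.html"],
    "js_files": [],
    "comments": [
        "<!-- main navigation -->",
        "<!-- Remember to change the API key to " + "EXAMPLEKEY" + "0" * 22 + " -->",
        "<!-- TODO: remove test login admin / password=changeme -->",
    ],
})

# Words that suggest a comment discusses a credential (assumed list, tune for your code base).
KEYWORDS = re.compile(r"api[\s_-]?key|passw(?:or)?d|secret|token|credential", re.I)
# Long unbroken alphanumeric runs are often keys or hashes (20 is an assumed threshold).
TOKEN = re.compile(r"\b[A-Za-z0-9_\-]{20,}\b")


def redact(text):
    """Mask token-like strings so the report itself does not leak them."""
    return TOKEN.sub(lambda m: m.group(0)[:2] + "*" * (len(m.group(0)) - 2), text)


def triage_comments(results_json):
    """Return (reasons, redacted_comment) for each suspicious HTML comment."""
    data = json.loads(results_json)
    findings = []
    for comment in data.get("comments", []):
        reasons = []
        if KEYWORDS.search(comment):
            reasons.append("keyword")
        if TOKEN.search(comment):
            reasons.append("token-like string")
        if reasons:
            findings.append((", ".join(reasons), redact(comment)))
    return findings


if __name__ == "__main__":
    for reasons, comment in triage_comments(SAMPLE_RESULTS):
        print(f"[{reasons}] {comment}")
```

Pass the contents of a real results.json to `triage_comments` in place of `SAMPLE_RESULTS`; any finding is a comment that should be removed from the page and a credential that should be rotated.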
Great! Happy Hunting
This post is licensed under CC BY 4.0 by the author.