HTTP/ HTTPS

HTTP and HTTPS services host web services for the servers to host to the end-users. Identify the CMS employed in the web services perform basic testing regarding the CMS and test for web-based attacks, sqli, XXE, SSTI, SSRF, etc..,

Windows Machine

When the machine hosts an IIS Server always check for its version and check for an open publically available exploits

Use *-lowercase words to shorten the brute force time

raft-medium-directories-lowercase.txt from seclists etc..,

Enumeration

IIS Servers are by defualt vulnerable to tilde enumeration
Set to wont fix status by the MSRC Team
Abusing this reduces the directory enumeration time
Tool - IIS-ShortName-Scanner

 java -jar iis_shortname_scanner.jar 2 20 http://url

Linux Machine

Advised to use feroxbuster since it enumerates recursively

feroxbuster -u http://$ip -w /usr/share/wordlists/dirb/big.txt -x php,html,bak,txt,sh  -k

PreviousFinger NextLogin Attacks

Last updated 3 years ago

hashtagWindows Machine

hashtagEnumeration

hashtagLinux Machine

Windows Machine

Enumeration

Linux Machine