Web Enumeration

ℹ️ Information

  • 🌐 Website: HackTheBox
  • 📚 Module: Getting Started
  • 🔗 Link: Web Enumeration

Question

Try running some of the web enumeration techniques you learned in this section on the server above, and use the info you get to get the flag.

📋 Walkthrough

Run an nmap scan:

nmap -sC -sV [IP] -p30892

The nmap output:

PORT      STATE SERVICE VERSION
30892/tcp open  http    Apache httpd 2.4.41 ((Ubuntu))
| http-robots.txt: 1 disallowed entry
|_/admin-login-page.php
|_http-title: HTB Academy
|_http-server-header: Apache/2.4.41 (Ubuntu)

We can see there's a robots.txt with one disallowed entry, admin-login-page.php. In the source of this login page (CTRL+U), we can see a comment that was never removed:

<!-- TODO: remove test credentials admin:********* -->

Logging in with these credentials gets us the flag.
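
Seen from the defender's side, both leaks in this walkthrough (the robots.txt entry that advertises the login page and the leftover credentials comment) can be caught before deployment. The following Python check is an added example, not part of the original walkthrough; the regex heuristics, function names and sample inputs are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Heuristics are assumptions for this example; tune them per project.
CRED_PAIR = re.compile(r"\b[\w.-]{2,32}:[^\s:/]{4,}")  # user:password shape
KEYWORDS = re.compile(r"\b(todo|fixme|passw|credential|secret|token|api[_-]?key)", re.I)
SENSITIVE_PATH = re.compile(r"admin|login|backup|config|\.git|private", re.I)

# Constructed sample inputs modelled on the walkthrough (the password is made up).
SAMPLE_HTML = """<!-- main navigation -->
<form action="admin-login-page.php" method="post">
<!-- TODO: remove test credentials admin:example-pass-123 -->
</form>"""
SAMPLE_ROBOTS = "User-agent: *\nDisallow: /admin-login-page.php\n"


class CommentCollector(HTMLParser):
    """Collect every HTML comment together with the line it starts on."""

    def __init__(self):
        super().__init__()
        self.comments = []

    def handle_comment(self, data):
        self.comments.append((self.getpos()[0], data.strip()))


def audit_html(html):
    """Return (line, reason, comment) for comments that should not ship."""
    collector = CommentCollector()
    collector.feed(html)
    collector.close()
    findings = []
    for line, text in collector.comments:
        if CRED_PAIR.search(text):
            findings.append((line, "credential-like pair", text))
        elif KEYWORDS.search(text):
            findings.append((line, "sensitive keyword", text))
    return findings


def audit_robots(robots_txt):
    """Return Disallow paths that advertise a sensitive location."""
    hits = []
    for raw in robots_txt.splitlines():
        field, _, value = raw.split("#", 1)[0].partition(":")
        if field.strip().lower() == "disallow" and SENSITIVE_PATH.search(value):
            hits.append(value.strip())
    return hits
```

Calling `audit_html(SAMPLE_HTML)` flags only the TODO comment, and `audit_robots(SAMPLE_ROBOTS)` returns the login page path. A Disallow entry is a hint to crawlers, not access control, so a path listed there still needs its own protection.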

Answer

HTB{*******************************}