TRYHACKME — FFUF

Nehru G
Sep 2, 2021

Task 1 Introduction

#1 :- I have ffuf installed

Answer :- No Answer Needed

#2 :- I have SecLists installed

Answer :- No Answer Needed

Task 2 Basics

#2 :- What is the first file you found with a 200 status code?

Answer :- favicon.ico

Task 3 Finding pages and directories

#3.1 :- What text file did you find?

Answer :- robots.txt

#3.2 :- What two file extensions were found for the index page?

Answer :- php,phps

#3.3 :- What page has a size of 4840?

Answer :- about.php

#3.4 :- How many directories are there?

Answer :- 4

Task 4 Using filters

#4.1 :- After applying the fc filter, how many results were returned?

Answer :- 11

#4.2 :- After applying the mc filter, how many results were returned?

Answer :- 6

#4.3 :- Which valuable file would have been hidden if you used -fc 403 instead of -fr?

Answer :- wp-forum.phps

Task 5 Fuzzing parameters

#5.1 :- What is the parameter you found?

Answer :- id

#5.2 :- What is the highest valid id?

Answer :- 14

#5.3 :- What is Dummy’s password?

Answer :- p@ssword

Task 6 Finding vhosts and subdomains

#6 :- I read the task material

Answer :- No Answer Needed

Task 7 Proxifying ffuf traffic

#7 :- I understand how to make the traffic go through a proxy.

Answer :- No Answer Needed

Task 8 Reviewing the options

#8.1 :- How do you save the output to a markdown file (ffuf.md)?

Answer :- -of md -o ffuf.md

#8.2 :- How do you re-use a raw HTTP request file?

Answer :- -request

#8.3 :- How do you strip comments from a wordlist?

Answer :- -ic

#8.4 :- How would you read a wordlist from STDIN?

Answer :- -w -

#8.5 :- How do you print full URLs and redirect locations?

Answer :- -v

#8.6 :- What option would you use to follow redirects?

Answer :- -r

#8.7 :- How do you enable colorized output?

Answer :- -c

Task 9 About the author

Thank you…:)
