-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrez8.txt
51 lines (36 loc) · 1.52 KB
/
rez8.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
Directory Enumeration
Findings from URL Fuzzing:
• Found directories include:
• http://mtp.ge/controlpanel
• http://mtp.ge/cpanel
• http://mtp.ge/webmail
• http://mtp.ge/.htaccess (403 Forbidden)
• http://mtp.ge/.user.ini (403 Forbidden)
• http://mtp.ge/php.ini (403 Forbidden)
• http://mtp.ge/css (Directory listing enabled)
• http://mtp.ge/js (Directory listing enabled)
Actions:
• Use dirb or gobuster to enumerate directories further:
• Check sensitive files manually (e.g., .htaccess, .user.ini, php.ini) to determine if they can be accessed indirectly through misconfigurations.
gobuster dir -u https://mtp.ge -w /Users/air/Documents/*EmailFromMik/Website/wordlist.txt -x php,txt,html,ini
'/Users/air/Documents/*EmailFromMik/Website/wordlist.txt'
smtp-user-enum -m VRFY -d mtp.ge -w -f [email protected] -l mail.mtp.ge -V --timeout-init 30 --timeout-enum 15 --retry-init 5 --retry-enum 6 --reconnect 4 mail.mtp.ge 25
Findings from URL Fuzzing:
• Found directories include:
• http://mtp.ge/controlpanel
• http://mtp.ge/cpanel
• http://mtp.ge/webmail
• http://mtp.ge/.htaccess (403 Forbidden)
• http://mtp.ge/.user.ini (403 Forbidden)
• http://mtp.ge/php.ini (403 Forbidden)
• http://mtp.ge/css (Directory listing enabled)
• http://mtp.ge/js (Directory listing enabled)
5. DNS and Subdomain Enumeration
Findings:
• Nameservers:
• ns1.hosting.magticom.ge
• ns2.hosting.magticom.ge
• Subdomains:
• Identified through enumeration:
• webmail.mtp.ge
• cpanel.mtp.ge