6 :50000_1
http://192.168.195.117:50000/
{'/generate', '/verify'}
$ gobuster dir -u http://192.168.195.117:50000/ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x php,html,txt -t 90
===============================================================
/verify (Status: 200) [Size: 8]
/generate (Status: 200) [Size: 16]
http://192.168.195.117:50000/generate
{'email@domain'}
http://192.168.195.117:50000/verify
{'code'}
# Using Burp to explore more
GET /verify HTTP/1.1
Host: 192.168.195.117:50000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Upgrade-Insecure-Requests: 1
# response
HTTP/1.0 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 8
Server: Werkzeug/1.0.1 Python/3.6.8
Date: Wed, 08 Sep 2021 21:08:14 GMT
{'code'}
# tried sending code via url-param
GET /verify?code=1*1 HTTP/1.1
# same reponse
# POST maybe?
POST /verify HTTP/1.1
Host: 192.168.195.117:50000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Firefox/78.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
Content-Length: 10
code=1*100
# response
HTTP/1.0 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 3
Server: Werkzeug/1.0.1 Python/3.6.8
Date: Wed, 08 Sep 2021 21:10:57 GMT
100Last updated