We always say recon, recon, and recon again…
This step is often overlooked, or the tools are misused.
Reconnaissance is the most important step of any [ethical] hacking activity.
A good recon process aims to know your target deeply, to understand it better and to get the big picture of it. It helps you customize your attacks and focus on specific vulnerabilities.
FUZZING is part of this recon process, and the result depends entirely on the way you fuzz and on the wordlist you use!
Yes, without an appropriate wordlist, this will often go nowhere!
I will not detail here how to fuzz, as the web is full of tutorials on this subject, and many tools can do it (I personally use FFUF most of the time).
Here is a nice video from Nahamsec about fuzzing:
What you need is a good wordlist, a custom one that you fill over time with experience, so as not to miss something… For myself, I often use Jason Haddix’s custom wordlist, which he has shared publicly with us; many thanks to him!
https://gist.github.com/jhaddix/b80ea67d85c13206125806f0828f4d10#file-content_discovery_all-txt
This is a good wordlist, and it contains some really nice tricks :D. Up to you to use it, and to add the tricks of your own that you keep in your pocket 😝
I also advise you to read this very nice thread of his on Twitter about his methodology (and how he hacked several prisons!) using the wordlist above.
Well, back to LG. Very quickly, on one of their domains, I found an “admin.zip” file sitting right there :p, which was a backup of their website containing all the configs and sensitive contents, including admin / database credentials 👊.
https://[redacted].com/admin.zip
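To make the fuzzing and filtering point concrete, here is a small added example, written for this article and not code from the post's author, from LG or from ffuf. It is a minimal content-discovery loop in Python run against a constructed local target that serves a fake admin.zip and, like many real servers, answers 200 with an error page for unknown paths. The wordlist, the extension list and the target site are all made up for the demo. It does by hand what ffuf's auto-calibration (-ac) and size/code filters (-fs, -fc) do: fingerprint the "soft 404" response, keep only responses that differ from it, and then check the ZIP magic bytes so that a 200 which merely echoes an error page is not mistaken for a backup archive.

```python
import hashlib
import http.server
import threading
import urllib.error
import urllib.request

ZIP_MAGIC = b"PK\x03\x04"  # local-file-header signature at the start of a ZIP archive

# Constructed target (not a real site): exposes a backup archive and returns
# HTTP 200 with an error page for every unknown path, i.e. a "soft 404".
FAKE_SITE = {
    "/": (200, b"<html><body>Welcome</body></html>"),
    "/login": (200, b"<html><body><form>login</form></body></html>"),
    "/admin.zip": (200, ZIP_MAGIC + b"\x14\x00\x00\x00\x08\x00config.php fake-archive-body"),
    "/.git/HEAD": (403, b"Forbidden"),
}
SOFT_404 = (200, b"<html><body>Page not found</body></html>")


class _Handler(http.server.BaseHTTPRequestHandler):
    def do_GET(self):
        status, body = FAKE_SITE.get(self.path, SOFT_404)
        self.send_response(status)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the demo output quiet
        pass


def start_server():
    """Start the constructed target on a free local port; returns (server, base_url)."""
    server = http.server.ThreadingHTTPServer(("127.0.0.1", 0), _Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, "http://127.0.0.1:%d" % server.server_address[1]


def expand_wordlist(words, extensions=("", ".zip", ".tar.gz", ".bak", ".old")):
    """Turn base words into candidate paths, including backup/archive variants
    (the same idea as ffuf's -e option)."""
    return ["/" + w + ext for w in words for ext in extensions]


def fetch(url):
    """GET a URL and return (status, body) without raising on 4xx/5xx."""
    try:
        with urllib.request.urlopen(url, timeout=5) as resp:
            return resp.status, resp.read()
    except urllib.error.HTTPError as e:
        return e.code, e.read()


def fingerprint(status, body):
    """Status, length and body hash: enough to recognise a repeated error page."""
    return (status, len(body), hashlib.sha256(body).hexdigest())


def fuzz(base_url, candidates):
    """Request every candidate and keep the ones that differ from the soft-404 baseline.
    Each hit records whether the body starts with the ZIP signature."""
    baseline = fingerprint(*fetch(base_url + "/this-path-should-not-exist-4f9c1a"))
    hits = []
    for path in candidates:
        status, body = fetch(base_url + path)
        if fingerprint(status, body) == baseline:
            continue  # same page as the soft 404: not a real resource
        hits.append({
            "path": path,
            "status": status,
            "length": len(body),
            "is_archive": body.startswith(ZIP_MAGIC),
        })
    return hits


if __name__ == "__main__":
    server, base = start_server()
    try:
        for hit in fuzz(base, expand_wordlist(["admin", "login", "backup", ".git/HEAD"])):
            print(hit)
    finally:
        server.shutdown()
        server.server_close()
```

Against the constructed site, /admin, /backup.tar.gz and the other guesses come back identical to the baseline and are dropped, while /admin.zip survives with is_archive set and /.git/HEAD survives because a 403 is not the baseline either. On a real target the baseline should be taken from several random paths (some error pages embed the requested path, which changes the hash), and a hit like admin.zip should then be downloaded and inspected offline rather than trusted on status code alone.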
After I reported it to them, it was triaged very quickly; the security team is very nice and communicative.
I deeply thank them for having allowed me to publicly disclose this.
Most of the time, things are right in front of us; we just have to look at them more closely.
Yes, never underestimate the power of fuzzing!
Do not hesitate to contact me via Twitter!
See you there :D
Best regards,
Nadir Boulacheb (RubX)