Skip to main content

Book Search (Port 80)

It seems like there is a portal to search for books through their title or the author's name

Book search portal

Attempts (SQL injection)#

The 2 fields do not seem to be vulnerable to SQL injection. While we play around with the site, let's perform a dirbusting on the site using FFUF.

FFUF on main site#


        /'___\  /'___\           /'___\       /\ \__/ /\ \__/  __  __  /\ \__/       \ \ ,__\\ \ ,__\/\ \/\ \ \ \ ,__\        \ \ \_/ \ \ \_/\ \ \_\ \ \ \ \_/         \ \_\   \ \_\  \ \____/  \ \_\          \/_/    \/_/   \/___/    \/_/
       v1.3.0________________________________________________
 :: Method           : GET :: URL              : http://10.10.10.228/FUZZ :: Wordlist         : FUZZ: /usr/local/scripts/SecLists-master/Discovery/Web-Content/raft-small-words.txt :: Follow redirects : false :: Calibration      : false :: Timeout          : 10 :: Threads          : 40 :: Matcher          : Response status: 200,204,301,302,307,401,403,405________________________________________________
js                      [Status: 301, Size: 333, Words: 22, Lines: 10].html                   [Status: 403, Size: 301, Words: 22, Lines: 10].htm                    [Status: 403, Size: 301, Words: 22, Lines: 10]includes                [Status: 301, Size: 339, Words: 22, Lines: 10]css                     [Status: 301, Size: 334, Words: 22, Lines: 10]db                      [Status: 301, Size: 333, Words: 22, Lines: 10]php                     [Status: 301, Size: 334, Words: 22, Lines: 10]webalizer               [Status: 403, Size: 301, Words: 22, Lines: 10].                       [Status: 200, Size: 2368, Words: 447, Lines: 46]portal                  [Status: 301, Size: 337, Words: 22, Lines: 10]phpmyadmin              [Status: 403, Size: 301, Words: 22, Lines: 10]CSS                     [Status: 301, Size: 334, Words: 22, Lines: 10].htaccess               [Status: 403, Size: 301, Words: 22, Lines: 10]books                   [Status: 301, Size: 336, Words: 22, Lines: 10]Includes                [Status: 301, Size: 339, Words: 22, Lines: 10]JS                      [Status: 301, Size: 333, Words: 22, Lines: 10]Css                     [Status: 301, Size: 334, Words: 22, Lines: 10]Js                      [Status: 301, Size: 333, Words: 22, Lines: 10].htc                    [Status: 403, Size: 301, Words: 22, Lines: 10]DB                      [Status: 301, Size: 333, Words: 22, Lines: 10]PHP                     [Status: 301, Size: 334, Words: 22, Lines: 10]Portal                  [Status: 301, Size: 337, Words: 22, Lines: 10].html_var_DE            [Status: 403, Size: 301, Words: 22, Lines: 10]licenses                [Status: 403, Size: 420, Words: 37, Lines: 12]server-status           [Status: 403, Size: 420, Words: 37, Lines: 12]Books                   [Status: 301, Size: 336, Words: 22, Lines: 10].htpasswd               [Status: 403, Size: 301, Words: 22, Lines: 10]con                     [Status: 403, Size: 301, Words: 22, Lines: 10].html.                  [Status: 403, Size: 301, Words: 22, Lines: 10].html.html              [Status: 403, Size: 301, Words: 22, Lines: 10].htpasswds              [Status: 403, Size: 301, Words: 22, Lines: 10]INCLUDES                [Status: 301, Size: 339, Words: 22, Lines: 10].htm.                   [Status: 403, Size: 301, Words: 22, Lines: 10].htmll                  [Status: 403, Size: 301, Words: 22, Lines: 10].html.old               [Status: 403, Size: 301, Words: 22, Lines: 10].ht                     [Status: 403, Size: 301, Words: 22, Lines: 10].html.bak               [Status: 403, Size: 301, Words: 22, Lines: 10].htm.htm                [Status: 403, Size: 301, Words: 22, Lines: 10]aux                     [Status: 403, Size: 301, Words: 22, Lines: 10].html1                  [Status: 403, Size: 301, Words: 22, Lines: 10].htgroup                [Status: 403, Size: 301, Words: 22, Lines: 10].hta                    [Status: 403, Size: 301, Words: 22, Lines: 10].html.LCK               [Status: 403, Size: 301, Words: 22, Lines: 10].html.printable         [Status: 403, Size: 301, Words: 22, Lines: 10]prn                     [Status: 403, Size: 301, Words: 22, Lines: 10].htm.LCK                [Status: 403, Size: 301, Words: 22, Lines: 10]PORTAL                  [Status: 301, Size: 337, Words: 22, Lines: 10]Php                     [Status: 301, Size: 334, Words: 22, Lines: 10].html.php               [Status: 403, Size: 301, Words: 22, Lines: 10].htaccess.bak           [Status: 403, Size: 301, Words: 22, Lines: 10].htmls                  [Status: 403, Size: 301, Words: 22, Lines: 10].htx                    [Status: 403, Size: 301, Words: 22, Lines: 10]server-info             [Status: 403, Size: 420, Words: 37, Lines: 12].htlm                   [Status: 403, Size: 301, Words: 22, Lines: 10].htm2                   [Status: 403, Size: 301, Words: 22, Lines: 10].htuser                 [Status: 403, Size: 301, Words: 22, Lines: 10].html-                  [Status: 403, Size: 301, Words: 22, Lines: 10]Db  

Results#

It seems like the website is running PHP and we are able to view the contents of the various directories.

The portal endpoint also seems to be rather interesting.