Wednesday, March 30, 2011

Step 3 - Enumeration continued

We have already identified the host operating system, its services and their versions. What else can we find out about our target? We don't have any user names yet, so how can we get those?

Let's see what web site is running on port 80.

Wow, that page is ugly and hard to read. How else can we view it? Let's use wget to download the page locally, then take a look at it.

Let's take a look at that index2.php page.

Hmm, it looks like there are several email addresses in there. Let's try to parse them out so we can see them more clearly.

Great, we can see that we have emails for the system admin and other users. Let's see if we can further refine that list to display just the emails, with no names or titles.

That's looking good. Let's output the results of our cut to a new txt file for the email IDs.

Great, now let's cut this file and eliminate everything after the @ sign so we can get some user names.

Next I opened this file with Kate and added the user names so the initial is first (for example, for banterb I added bbanter).

Now we have some user names we can use to attempt a brute force attack on our target.
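The parsing steps above, written out as an added example (not the commands from the original post) that is also handy for checking how many account names one of your own pages gives away. The sample page, the names other than banterb, the example.test domain and the function names are all constructed for illustration.

```shell
#!/bin/sh
# Added example. The page below is constructed sample data, not the target's HTML.
sample_page() {
cat <<'EOF'
<html><body>
<p>Head of IT: Adam Adams - adamsa@example.test</p>
<p>System Administrator: Bob Banter - banterb@example.test</p>
<p>Sales: Chad Coffee - <a href="mailto:coffeec@example.test">coffeec@example.test</a></p>
</body></html>
EOF
}

# Print every unique e-mail address found on stdin, lower-cased.
# grep -o prints only the matching text, so names and titles are dropped.
extract_emails() {
    grep -Eo '[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}' |
        tr 'A-Z' 'a-z' | sort -u
}

# Keep only what is left of the @ sign: the likely login name.
local_parts() {
    cut -d@ -f1 | sort -u
}

# For "surname + initial" names (banterb) also print the
# "initial + surname" form (bbanter), as done by hand in the post.
with_initial_first() {
    while IFS= read -r name; do
        [ -n "$name" ] || continue
        printf '%s\n' "$name"
        rest=${name%?}            # everything except the last character
        last=${name#"$rest"}      # the last character
        if [ -n "$rest" ]; then
            printf '%s%s\n' "$last" "$rest"
        fi
    done | sort -u
}

# Run against the sample page; swap in `cat index2.php` for a saved page.
sample_page | extract_emails | local_parts | with_initial_first
```

Every name this prints is one a visitor gets for free, which is a good argument for role addresses or a contact form on public pages and for lockout or rate limiting on the login services behind them.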
