Black Pearl Walkthrough

BLACK PEARL IS A LINUX BASED VULNERABLE MACHINE.

So as usual our first step is to run the Nmap scan.

Command: nmap -T5 -p- -A <target ip>

As we can see here that 3 ports are open, Port 53 seems interesting, so let’s do some dns recon.

Command: dnsrecon -r 127.0.0.0/24 -n <target ip> -d blah

-r is for range

-d is for domain(we don’t have it right now so we put anything in -d)

Result:

Here we can see the DNS pointer record (blackpearl.com)

So let’s add this in your /etc/hosts

So now let’s go to browser and search for:

Here we can see a php webpage, Let’s do directory Fuzzing.

Command to install ffuf: sudo apt install ffuf

Command for directory fuzzing: ffuf -w </path/to/the wordlist>:FUZZ -u <target ip>/FUZZ

Result of ffuf:

IF YOU LIKE THIS BLOG THEN KINDLY LET ME KNOW IN THE COMMENTS BELOW,

YOU CAN ALSO FOLLOW ME BY CLICKING HERE.

Recent Posts