Cs Exp 5th 626
Aim: To brute-force FakeBank's website to find hidden directories and pages using Gobuster.
Theory:
A brute-force attack consists of an attacker submitting many passwords or passphrases with the
hope of eventually guessing correctly. The attacker systematically checks all possible passwords
and passphrases until the correct one is found.
Gobuster is a tool used to brute-force:
● URIs (directories and files) in web sites.
● DNS subdomains (with wildcard support).
● Virtual Host names on target web servers.
● Open Amazon S3 buckets
● Open Google Cloud buckets
● TFTP servers
We use the Gobuster tool to brute-force the website's pages. Using it, we
find that there are these pages in the website:
After getting the URLs for the domain, we find that there is a vulnerable URL which is
unauthenticated. So we use the URL “/bank-transfer” to do an illegitimate bank transfer, which gives
us the code for the TryHackMe answer: “BANK-HACKED”.
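The same activity seen from the web server's side, as an added example that is not part of the original lab report: a directory brute-force shows up in the access log as one client requesting many distinct paths with mostly 404 responses. The log lines, IP addresses, all paths other than "/bank-transfer", and the thresholds are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample access log (combined log format); not taken from the lab.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /admin HTTP/1.1" 404 153 "-" "gobuster/3.6"
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /backup HTTP/1.1" 404 153 "-" "gobuster/3.6"
203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /images HTTP/1.1" 200 512 "-" "gobuster/3.6"
203.0.113.7 - - [01/Jan/2024:10:00:02 +0000] "GET /config HTTP/1.1" 404 153 "-" "gobuster/3.6"
203.0.113.7 - - [01/Jan/2024:10:00:02 +0000] "GET /test HTTP/1.1" 404 153 "-" "gobuster/3.6"
203.0.113.7 - - [01/Jan/2024:10:00:02 +0000] "GET /bank-transfer HTTP/1.1" 200 900 "-" "gobuster/3.6"
203.0.113.7 - - [01/Jan/2024:10:00:03 +0000] "GET /old HTTP/1.1" 404 153 "-" "gobuster/3.6"
203.0.113.7 - - [01/Jan/2024:10:00:03 +0000] "GET /private HTTP/1.1" 404 153 "-" "gobuster/3.6"
198.51.100.20 - - [01/Jan/2024:10:00:05 +0000] "GET / HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.20 - - [01/Jan/2024:10:00:06 +0000] "GET /images/logo.png HTTP/1.1" 200 700 "-" "Mozilla/5.0"
198.51.100.20 - - [01/Jan/2024:10:00:06 +0000] "GET /favicon.ico HTTP/1.1" 404 153 "-" "Mozilla/5.0"
"""

# Client IP, request path and status code; the User-Agent is ignored on
# purpose because the client controls it.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_enumerators(log_text, min_paths=5, min_miss_ratio=0.6):
    """Flag clients that request many distinct paths and mostly get 404s.
    Thresholds are illustrative assumptions; tune them to real traffic."""
    stats = defaultdict(lambda: {"paths": set(), "misses": 0, "total": 0, "hits": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        s = stats[m["ip"]]
        s["total"] += 1
        s["paths"].add(m["path"])
        if m["status"] == "404":
            s["misses"] += 1
        elif m["status"].startswith("2"):
            s["hits"].add(m["path"])  # paths the guessing client actually found
    flagged = {}
    for ip, s in stats.items():
        ratio = s["misses"] / s["total"]
        if len(s["paths"]) >= min_paths and ratio >= min_miss_ratio:
            flagged[ip] = {"distinct_paths": len(s["paths"]),
                           "miss_ratio": round(ratio, 2),
                           "found": sorted(s["hits"])}
    return flagged

if __name__ == "__main__":
    print(find_enumerators(SAMPLE_LOG))
```

The "found" list is what to review first: any path in it that performs an action, such as "/bank-transfer", must require authentication on the server rather than depend on the URL staying unknown.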