What is the IANA ID of the registrar of the inlanefreight.com domain?
Found with whois
What http server software is powering the inlanefreight.htb site on the target system? Respond with the name of the software, not the version, e.g., Apache.
Found with any recon tool, nginx
What is the API key in the hidden admin directory that you have discovered on the target system?
gobuster vhost -u <http://inlanefreight.htb:59589> -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt --append-domain
Using gobuster vhost, we found http://web1337.inlanefreight.htb:59589 (hidden domain)
http://web1337.inlanefreight.htb:59589/robots.txt contains some URLs:
User-agent: *
Allow: /index.html
Allow: /index-2.html
Allow: /index-3.html
Disallow: /admin_h1dd3n
/admin_h1dd3n contains the API key
After crawling the inlanefreight.htb domain on the target system, what is the email address you have found? Respond with the full email, e.g., [email protected].
Re-run Gobuster with dev1337, gives us the dev.dev1337.inlanefreight.htb
Re-run ReconSpider.py on this URL gives us the email + the API key