The situation is as follows: ffuf has found several dozen or several hundred "hidden" resources. You can copy each address into your browser by hand to check for interesting results, or you can automate part of the process. I recommend the second approach, and I will add a ready-made script that does part of the work for us.
1. The first step in building a useful one-liner is to run ffuf in "verbose" mode. It returns each result along with the full link to the resource:
./ffuf -w /dictionary.txt -u https://juice-shop.herokuapp.com/FUZZ -v
2. Next, we use the "grep" command to extract only the lines that contain the URL:
./ffuf -w /usr/share/wordlists/dirb/small.txt -u https://juice-shop.herokuapp.com/FUZZ -v -fl 34|grep '| URL |'
3. The next step is to extract the URL itself from those lines with the "awk" command:
./ffuf -w /usr/share/wordlists/dirb/small.txt -u https://juice-shop.herokuapp.com/FUZZ -v -fl 34 | grep '| URL |' | awk -F '|' '{ print $3 }'
4. Now redirect the results to a file and run the program "eyewitness" on it. It will visit each of the found resources for us and save a "screenshot" of what it looks like. All that is left is to review the captured images for interesting information:
The finished one-liner is as follows:
./ffuf -w /usr/share/wordlists/dirb/small.txt -u https://juice-shop.herokuapp.com/FUZZ -v -fl 34 | grep '| URL |' | awk -F '|' '{ print $3 }' >> urls.txt && eyewitness -f urls.txt -d screenshots
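The extraction step from the one-liner as a reusable filter; this is an added example, not part of the original post, and it goes slightly further by trimming whitespace, dropping duplicates and keeping only http(s) URLs. The names `extract_urls` and `sample_output` are hypothetical, and the sample ffuf output is constructed.

```shell
#!/bin/sh
# Added example: clean up the URL list taken from `ffuf -v` output before it
# is passed to a screenshot tool.

# extract_urls: read ffuf verbose output on stdin, print one clean URL per line.
extract_urls() {
    grep '| URL |' |
    # Remove everything up to and including the "| URL |" marker rather than
    # splitting on "|", so a URL that itself contains "|" is not truncated.
    # Then trim trailing whitespace (including a stray carriage return).
    sed -e 's/^.*| URL |[[:space:]]*//' -e 's/[[:space:]]*$//' |
    # Keep only http(s) URLs and drop duplicates, preserving first-seen order.
    awk '/^https?:\/\// && !seen[$0]++'
}

# Constructed sample of `ffuf -v` output (not captured from a real run).
sample_output() {
    cat <<'EOF'
[Status: 200, Size: 28, Words: 3, Lines: 2]
| URL | https://juice-shop.herokuapp.com/robots.txt
    * FUZZ: robots.txt

[Status: 200, Size: 28, Words: 3, Lines: 2]
| URL | https://juice-shop.herokuapp.com/robots.txt
    * FUZZ: robots.txt

[Status: 301, Size: 179, Words: 7, Lines: 11]
| URL | https://juice-shop.herokuapp.com/assets
| --> | /assets/
    * FUZZ: assets
EOF
}

# Stand-alone demonstration: prints the two unique URLs from the sample.
sample_output | extract_urls
```

In the pipeline above, `extract_urls` would take the place of the `grep ... | awk ...` pair; writing its output with `>` instead of `>>` keeps repeated runs from piling duplicate entries into urls.txt.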