Hack cgi-bin path


#1

During execution of dirb I found a cgi-bin folder with status code 302

https://example.com/cgi-bin/

Surprisingly, when I execute dirb on the above again I got another cgi-bin as follows with same 302 status code.

https://example.com/cgi-bin/cgi-bin

What should be my next action item ? Either the site has used some old technologies and moved it to some different location altogether or their might be something that can be hacked further. Please help.


#2

Hi @sabyasachi,

for me it’s difficult to tell without further testing and context.


#3

I am doing pentest on a site example.com and just trying with dirb. Each time I am running dirb it is showing a cgi-bin folder with status code 302.

1st execution.
dirb https://example.com

Result: https://example.com/cgi-bin/ (status code 302).

2nd execution.
dirb https://example.com/cgi-bin/

Result: https://example.com/cgi-bin/cgi-bin/ (status code 302). and so on…
I would also like to test it further but not getting any idea to further execute more tests. It seems that there are nested cgi-bin folder with 302 status code (quite uncommon).


#4

If you want to test it personally, I can provide you the details. Please mail me in that case.


#5

Hi @sabyasachi.

I don’t see the issue really. There is a redirection. Does it only happen when you do /cgi-bin/ or when you do /xx-xx/ too?
Try adding some newline character if you want to check if it’s possible to inject new lines in the response, like https://example.com/cgi-bin/ xxx or https://example.com/cgi-bin/? xxx.

Best.