Process after directory brute force

i found so many pages after brute forcing url with 301 status code
how do we know if what staus code is suitable to go after or
how do we exploit after finding pages ?
please explain me #community

That’s a bit vague. 301 is a redirect, and if you got so many of them by brute forcing URLs then I would say chances are the server is just redirecting to the main page because those URLs don’t exist.

1 Like

You shouldn’t look for custom status codes, only.

Developer can set different status codes, for example 200, 301, 403, 404, 408, 500 … Even if the status code 403, 404, 500 or other, the server still can return source code in response.

The answer: You should check all pages, status codes may not so important. (The destination must be accessible/return a response.)

Source codes:
<?php
http_response_code(500);
echo “numaN @ Bugcrowd”;
// if you delete line 2, the page will not work

1 Like

Good job

في الأربعاء، ١٧ يونيو، ٢٠٢٠ ٩:١٠ م numaN via Bugcrowd Forum <bugcrowd@discoursemail.com> كتب:

thankyou all of you for making my query so clear
it is so appreciable

thnks a lot :grinning: :grinning: :grinning: :grinning: :grinning: :grinning: