akde/infosec

Information security is ultimately about managing risk


Mandatory

  • Determine if there are Spring Boot default endpoints
    python3 /opt/dirsearch/dirsearch.py -u http://cozyhosting.htb/ --random-agent -e html,sql,txt,bak,conf,inc -w /usr/share/seclists/Discovery/Web-Content/spring-boot.txt -r

Optional

Use this script to list all endpoints for further research:

require 'find'

# Define the annotations to search for
ANNOTATIONS = {
  'RequestMapping' => :any,
  'GetMapping'     => 'GET',
  'PostMapping'    => 'POST',
  'PutMapping'     => 'PUT',
  'DeleteMapping'  => 'DELETE'
}

# Regex to match the method annotations and their paths
ANNOTATION_REGEX = /@(RequestMapping|GetMapping|PostMapping|PutMapping|DeleteMapping)\(([^)]*)\)/

# Directory where the Java source files are located
SOURCE_DIR = 'src/main/java/'

def extract_endpoints_from_file(file)
  endpoints = []
  
  File.foreach(file).with_index do |line, line_num|
    match = line.match(ANNOTATION_REGEX)
    next unless match

    annotation, params = match.captures
    http_method = ANNOTATIONS[annotation]

    # Extract the first quoted string from the annotation parameters as the path
    path = params[/"([^"]*)"/, 1] || '/'
    endpoints << { method: http_method, path: path, file: file, line: line_num + 1 }
  end
  
  endpoints
end

def scan_project_for_endpoints
  all_endpoints = []
  
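  # Find.find raises Errno::ENOENT on a missing directory, so return early
  # when the script is not run from the project root
  return all_endpoints unless Dir.exist?(SOURCE_DIR)

  # Recursively find all .java files in the source directory
  Find.find(SOURCE_DIR) do |path|
    all_endpoints.concat(extract_endpoints_from_file(path)) if path.end_with?('.java')
  end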
  
  all_endpoints
end

# Run the scan and output the results
endpoints = scan_project_for_endpoints

if endpoints.empty?
  puts "No endpoints found."
else
  puts "Endpoints found:"
  endpoints.each do |endpoint|
    puts "#{endpoint[:method]} #{endpoint[:path]} (in #{endpoint[:file]} at line #{endpoint[:line]})"
  end
end
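
The script above reports only the path written on each method annotation. The following variant is an added example, not part of the original page: it prepends the class-level @RequestMapping prefix, accepts bare annotations such as @GetMapping, and reads the verb from RequestMethod.X. The names full_endpoints, join_paths and SAMPLE are made up for illustration, and a nested class resets the prefix.

```ruby
# Added example, line-based like the page's script (multi-line annotations are not handled).
MAPPING   = /@(Request|Get|Post|Put|Delete|Patch)Mapping\b(?:\(([^)]*)\))?/
TYPE_DECL = /\b(?:class|interface)\s+\w+/

# Join a class-level prefix and a method-level path into one normalised route.
def join_paths(prefix, path)
  joined = "/#{prefix}/#{path}".squeeze('/')
  joined.length > 1 ? joined.chomp('/') : joined
end

def full_endpoints(java_source)
  prefix = ''     # path from the enclosing class's @RequestMapping, if any
  pending = nil   # mapping annotation seen, declaration not reached yet
  endpoints = []
  java_source.each_line.with_index(1) do |line, num|
    if (m = line.match(MAPPING))
      params = m[2].to_s   # empty for a bare annotation such as @GetMapping
      verb = m[1] == 'Request' ? (params[/RequestMethod\.(\w+)/, 1] || 'ANY') : m[1].upcase
      pending = { method: verb, path: params[/"([^"]*)"/, 1] || '', line: num }
    elsif line =~ TYPE_DECL
      # A mapping directly above a class declaration is the prefix for its methods.
      prefix = pending ? pending[:path] : ''
      pending = nil
    elsif pending && line.strip !~ /\A(@|\z)/
      # First non-blank, non-annotation line after a mapping: the handler method.
      endpoints << pending.merge(path: join_paths(prefix, pending[:path]))
      pending = nil
    end
  end
  endpoints
end

# Constructed sample controller, not taken from any real project.
SAMPLE = <<~'JAVA'
  @RequestMapping("/api/users")
  public class UserController {
      @GetMapping
      public List<User> list() { return repo.findAll(); }
      @PostMapping("/{id}/avatar")
      @PreAuthorize("hasRole('ADMIN')")
      public void upload(@PathVariable long id) { }
      @RequestMapping(value = "export", method = RequestMethod.DELETE)
      public void purge() { }
  }
JAVA

full_endpoints(SAMPLE).each { |e| puts "#{e[:method]} #{e[:path]} (line #{e[:line]})" } if __FILE__ == $PROGRAM_NAME
```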
