Go to http://{Target-IP}:15010

Index page of http://{Target-IP}:15010

Index page of http://{Target-IP}:15010

Register a user and log in.

The user's My Files page

The user's My Files page

You will be redirected to the My Files page where you can upload files.

Uploading a file called userlist.txt resulted in a file called userlist being saved to the /users/{username}/files/ directory.

My Files page with link to uploaded file.

My Files page with link to uploaded file.

When navigating to /users/test/files we are redirected to the My Files page.

What happens if we try with another user, such as test2?

Untitled

We are presented with a "Not found" message.

How about if we try a username which likely exists, such as "admin"?

When trying to access /users/admin/files, we are redirected back to our My Files page.

This unique behaviour means the username likely exists, which means we can try fuzzing the users directory for other users, or try fuzzing admin's files directory for files.