forked from v0re/dirb
-
Notifications
You must be signed in to change notification settings - Fork 0
/
README.txt
executable file
·123 lines (68 loc) · 3.18 KB
/
README.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
########################
DIRB - URL Bruteforcer
########################
[email protected] (http://dirb.sf.net)
What is DIRB?
------------
DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web
Objects. It basically works by launching a dictionary based attack against
a web server and analizing the response.
DIRB comes with a set of preconfigured attack wordlists for easy usage but
you can use your custom wordlists. Also DIRB sometimes can be used as a
classic CGI scanner, but remember is a content scanner not a vulnerability
scanner.
DIRB main purpose is to help in professional web application auditing.
Specially in security related testing. It covers some holes not covered by
classic web vulnerability scanners. DIRB looks for specific web objects that
other generic CGI scanners can't look for. It doesn't search vulnerabilities
nor does it look for web contents that can be vulnerables.
Maybe the last try for an unlucky security analyst... :)
What is NOT?
------------
DIRB is NOT a Web Spider. It doesn't follow HTML links (by now). It searches
content by rules and dictionary based attacks.
DIRB is NOT a Web Downloader. It doesn't download Web Pages (by now), only
test they existence for later manual analysis.
DIRB is NOT a Web Vulnerability Scanner. It does not look for bugs. But it's
designed for helping in web vulnerability assessment.
Installation
------------
DIRB is based on libcurl so you need to install this library where autoconf
can locate it. Once libcurl is installed properly you must only do:
$ ./configure
$ make
Usage
-----
DIRB takes 2 main parameters, the base URL for testing and a list of wordlist
files used for the attack. Example:
$ ./dirb.exe http://www.test.org/ common.txt
The URL must be a valid standard URL and the wordlists are simple text files
with a word by line. It is also possible to scan subdirectories directly:
$ ./dirb.exe http://www.test.org/html/ common.txt
For SSL simply include the HTTPS url:
$ ./dirb.exe https://www.test.org/ common.txt -i
You can use multiple wordfiles at a time this way (separated by comma):
$ ./dirb.exe https://www.test.org/ common.txt,spanish.txt,names.txt
You can append different extensions to the probed words, by using the -x or
the -X option:
$ ./dirb.exe https://www.test.org/ common.txt -X .html,.asp,.jsp,,
$ ./dirb.exe https://www.test.org/ common.txt -x extensions.txt
Examples
--------
+ Scan a webserver for common directories/files: (without using file
extensions)
$ ./src/dirb.exe http://www.test.org/ wordlists/common.txt
+ Scan a webserver for common directories/files: (search for PHP and HTML
files)
$ ./src/dirb.exe http://www.test.org/ wordlists/common.txt -X .php,.html
+ When a file is found, try different variations: (~, .old, etc...)
$ ./src/dirb.exe http://www.test.org/ wordlists/common.txt -X .php,.html -M ~,.tmp,.old,.backup,.test
Bugs
----
There are a lot :)
Please notify them to: [email protected]
Credits
-------
Project manager: The Dark Raver
Contributors: Sage, Jfs, Warezzman, The Dark Raver, Sha0, Hubert Seiwert, Pablo Catalina
Beta-testers, Ideas: Necronoid, Fatuo, IaM, Laramies, Mandingo