Dirb Dir Bruteforce
来源:互联网 发布:spring mybatis打印sql 编辑:程序博客网 时间:2024/06/12 00:51
- OS :kali Linux
- Tool:dirb
Do-what: brute force web directory using dirb with blasting dictionary and select results using python
Process:
root@kali:/land# dirb http://www.example.com /usr/share/dirb/wordlists/common.txt-----------------DIRB v2.22 By The Dark Raver-----------------URL_BASE: http://www.example.com/WORDLIST_FILES: /usr/share/dirb/wordlists/common.txt-----------------GENERATED WORDS: 4612 ---- Scanning URL: http://www.example.com/ ----+ http://www.example.com/cgi-bin/ (CODE:403|SIZE:291) ==> DIRECTORY: http://www.example.com/index/ + http://www.example.com/index.php (CODE:301|SIZE:0) + http://www.example.com/license (CODE:200|SIZE:19930) ==> DIRECTORY: http://www.example.com/phpmyadmin/ + http://www.example.com/readme (CODE:200|SIZE:6789) + http://www.example.com/server-status (CODE:403|SIZE:296) ==> DIRECTORY: http://www.example.com/wp-admin/ + http://www.example.com/wp-blog-header (CODE:200|SIZE:0) + http://www.example.com/wp-config (CODE:200|SIZE:0) ==> DIRECTORY: http://www.example.com/wp-content/ + http://www.example.com/wp-cron (CODE:200|SIZE:0) ==> DIRECTORY: http://www.example.com/wp-includes/ + http://www.example.com/wp-links-opml (CODE:200|SIZE:239) + http://www.example.com/wp-load (CODE:200|SIZE:0) + http://www.example.com/wp-login (CODE:200|SIZE:2388) + http://www.example.com/wp-mail (CODE:500|SIZE:3063) + http://www.example.com/wp-settings (CODE:500|SIZE:0) + http://www.example.com/wp-signup (CODE:302|SIZE:0) + http://www.example.com/wp-trackback (CODE:200|SIZE:135) + http://www.example.com/xmlrpc (CODE:405|SIZE:42) + http://www.example.com/xmlrpc.php (CODE:405|SIZE:42) ---- Entering directory: http://www.example.com/index/ ----(!) WARNING: NOT_FOUND[] not stable, unable to determine correct URLs {30X}. (Try using FineTunning: '-f')---- Entering directory: http://www.example.com/phpmyadmin/ ----+ http://www.example.com/phpmyadmin/favicon.ico (CODE:200|SIZE:18902) + http://www.example.com/phpmyadmin/index.php (CODE:200|SIZE:7540) ==> DIRECTORY: http://www.example.com/phpmyadmin/js/ + http://www.example.com/phpmyadmin/libraries (CODE:403|SIZE:303) ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/ + http://www.example.com/phpmyadmin/phpinfo.php (CODE:200|SIZE:7540) + http://www.example.com/phpmyadmin/setup (CODE:401|SIZE:482) ==> DIRECTORY: http://www.example.com/phpmyadmin/themes/ ---- Entering directory: http://www.example.com/wp-admin/ ----+ http://www.example.com/wp-admin/about (CODE:302|SIZE:0) + http://www.example.com/wp-admin/admin (CODE:302|SIZE:0) + http://www.example.com/wp-admin/admin.php (CODE:302|SIZE:0) + http://www.example.com/wp-admin/comment (CODE:302|SIZE:0) + http://www.example.com/wp-admin/credits (CODE:302|SIZE:0) ==> DIRECTORY: http://www.example.com/wp-admin/css/ + http://www.example.com/wp-admin/customize (CODE:302|SIZE:0) + http://www.example.com/wp-admin/edit (CODE:302|SIZE:0) + http://www.example.com/wp-admin/export (CODE:302|SIZE:0) ==> DIRECTORY: http://www.example.com/wp-admin/images/ + http://www.example.com/wp-admin/import (CODE:302|SIZE:0) ==> DIRECTORY: http://www.example.com/wp-admin/includes/ + http://www.example.com/wp-admin/index (CODE:302|SIZE:0) + http://www.example.com/wp-admin/index.php (CODE:302|SIZE:0) + http://www.example.com/wp-admin/install (CODE:200|SIZE:1264) ==> DIRECTORY: http://www.example.com/wp-admin/js/ + http://www.example.com/wp-admin/link (CODE:302|SIZE:0) ==> DIRECTORY: http://www.example.com/wp-admin/maint/ + http://www.example.com/wp-admin/media (CODE:302|SIZE:0) + http://www.example.com/wp-admin/menu (CODE:500|SIZE:0) + http://www.example.com/wp-admin/moderation (CODE:302|SIZE:0) ==> DIRECTORY: http://www.example.com/wp-admin/network/ + http://www.example.com/wp-admin/options (CODE:302|SIZE:0) + http://www.example.com/wp-admin/plugins (CODE:302|SIZE:0) + http://www.example.com/wp-admin/post (CODE:302|SIZE:0) + http://www.example.com/wp-admin/profile (CODE:302|SIZE:0) + http://www.example.com/wp-admin/themes (CODE:302|SIZE:0) + http://www.example.com/wp-admin/tools (CODE:302|SIZE:0) + http://www.example.com/wp-admin/update (CODE:302|SIZE:0) + http://www.example.com/wp-admin/upgrade (CODE:200|SIZE:1212) + http://www.example.com/wp-admin/upload (CODE:302|SIZE:0) ==> DIRECTORY: http://www.example.com/wp-admin/user/ + http://www.example.com/wp-admin/users (CODE:302|SIZE:0) + http://www.example.com/wp-admin/widgets (CODE:302|SIZE:0) ---- Entering directory: http://www.example.com/wp-content/ ----+ http://www.example.com/wp-content/index (CODE:200|SIZE:0) + http://www.example.com/wp-content/index.php (CODE:200|SIZE:0) ==> DIRECTORY: http://www.example.com/wp-content/languages/ ==> DIRECTORY: http://www.example.com/wp-content/plugins/ ==> DIRECTORY: http://www.example.com/wp-content/themes/ ==> DIRECTORY: http://www.example.com/wp-content/upgrade/ ==> DIRECTORY: http://www.example.com/wp-content/uploads/ ---- Entering directory: http://www.example.com/wp-includes/ ----(!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway)---- Entering directory: http://www.example.com/phpmyadmin/js/ ----==> DIRECTORY: http://www.example.com/phpmyadmin/js/jquery/ ---- Entering directory: http://www.example.com/phpmyadmin/locale/ ----==> DIRECTORY: http://www.example.com/phpmyadmin/locale/ar/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/be/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/bg/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/ca/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/cs/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/da/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/de/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/el/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/es/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/et/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/fi/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/fr/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/gl/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/hi/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/hr/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/hu/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/id/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/it/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/ja/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/lt/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/nl/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/pl/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/pt_BR/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/ro/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/ru/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/si/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/sk/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/sl/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/sr/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/sv/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/tr/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/uk/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/zh_CN/ ==> DIRECTORY: http://www.example.com/phpmyadmin/locale/zh_TW/ ---- Entering directory: http://www.example.com/phpmyadmin/themes/ ----==> DIRECTORY: http://www.example.com/phpmyadmin/themes/original/ ---- Entering directory: http://www.example.com/wp-admin/css/ ----(!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway)---- Entering directory: http://www.example.com/wp-admin/images/ ----(!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway)---- Entering directory: http://www.example.com/wp-admin/includes/ ----(!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway)---- Entering directory: http://www.example.com/wp-admin/js/ ----(!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway)---- Entering directory: http://www.example.com/wp-admin/maint/ ----(!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway)---- Entering directory: http://www.example.com/wp-admin/network/ ----+ http://www.example.com/wp-admin/network/about (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/admin (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/admin.php (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/credits (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/edit (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/index (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/index.php (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/menu (CODE:500|SIZE:0) + http://www.example.com/wp-admin/network/plugins (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/profile (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/settings (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/setup (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/sites (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/themes (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/update (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/upgrade (CODE:302|SIZE:0) + http://www.example.com/wp-admin/network/users (CODE:302|SIZE:0) ---- Entering directory: http://www.example.com/wp-admin/user/ ----+ http://www.example.com/wp-admin/user/about (CODE:302|SIZE:0) + http://www.example.com/wp-admin/user/admin (CODE:302|SIZE:0) + http://www.example.com/wp-admin/user/admin.php (CODE:302|SIZE:0) + http://www.example.com/wp-admin/user/credits (CODE:302|SIZE:0) + http://www.example.com/wp-admin/user/index (CODE:302|SIZE:0) + http://www.example.com/wp-admin/user/index.php (CODE:302|SIZE:0) + http://www.example.com/wp-admin/user/menu (CODE:500|SIZE:0) + http://www.example.com/wp-admin/user/profile (CODE:302|SIZE:0) ---- Entering directory: http://www.example.com/wp-content/languages/ ----(!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway)---- Entering directory: http://www.example.com/wp-content/plugins/ ----+ http://www.example.com/wp-content/plugins/index (CODE:200|SIZE:0) + http://www.example.com/wp-content/plugins/index.php (CODE:200|SIZE:0) ---- Entering directory: http://www.example.com/wp-content/themes/ ----+ http://www.example.com/wp-content/themes/index (CODE:200|SIZE:0) + http://www.example.com/wp-content/themes/index.php (CODE:200|SIZE:0) ---- Entering directory: http://www.example.com/wp-content/upgrade/ ----(!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway)---- Entering directory: http://www.example.com/wp-content/uploads/ ----(!) WARNING: Directory IS LISTABLE. No need to scan it. (Use mode '-w' if you want to scan it anyway)---- Entering directory: http://www.example.com/phpmyadmin/js/jquery/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/ar/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/be/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/bg/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/ca/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/cs/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/da/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/de/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/el/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/es/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/et/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/fi/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/fr/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/gl/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/hi/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/hr/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/hu/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/id/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/it/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/ja/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/lt/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/nl/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/pl/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/pt_BR/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/ro/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/ru/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/si/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/sk/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/sl/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/sr/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/sv/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/tr/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/uk/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/zh_CN/ -------- Entering directory: http://www.example.com/phpmyadmin/locale/zh_TW/ -------- Entering directory: http://www.example.com/phpmyadmin/themes/original/ ----==> DIRECTORY: http://www.example.com/phpmyadmin/themes/original/css/ ==> DIRECTORY: http://www.example.com/phpmyadmin/themes/original/img/ ==> DIRECTORY: http://www.example.com/phpmyadmin/themes/original/jquery/ ---- Entering directory: http://www.example.com/phpmyadmin/themes/original/css/ -------- Entering directory: http://www.example.com/phpmyadmin/themes/original/img/ -------- Entering directory: http://www.example.com/phpmyadmin/themes/original/jquery/ ----==> DIRECTORY: http://www.example.com/phpmyadmin/themes/original/jquery/images/ ---- Entering directory: http://www.example.com/phpmyadmin/themes/original/jquery/images/ ---------------------DOWNLOADED: 235212 - FOUND: 80
save the console session with “results.txt”, then use python
Select results:
>>> f=open("results.txt").readlines()>>> for line in f:... if line[0:1]=="+":... print line...+ http://www.example.com/cgi-bin/ (CODE:403|SIZE:291)+ http://www.example.com/index.php (CODE:301|SIZE:0)+ http://www.example.com/license (CODE:200|SIZE:19930)+ http://www.example.com/readme (CODE:200|SIZE:6789)+ http://www.example.com/server-status (CODE:403|SIZE:296)+ http://www.example.com/wp-blog-header (CODE:200|SIZE:0)+ http://www.example.com/wp-config (CODE:200|SIZE:0)+ http://www.example.com/wp-cron (CODE:200|SIZE:0)+ http://www.example.com/wp-links-opml (CODE:200|SIZE:239)+ http://www.example.com/wp-load (CODE:200|SIZE:0)+ http://www.example.com/wp-login (CODE:200|SIZE:2388)+ http://www.example.com/wp-mail (CODE:500|SIZE:3063)+ http://www.example.com/wp-settings (CODE:500|SIZE:0)+ http://www.example.com/wp-signup (CODE:302|SIZE:0)+ http://www.example.com/wp-trackback (CODE:200|SIZE:135)+ http://www.example.com/xmlrpc (CODE:405|SIZE:42)+ http://www.example.com/xmlrpc.php (CODE:405|SIZE:42)+ http://www.example.com/phpmyadmin/favicon.ico (CODE:200|SIZE:18902)+ http://www.example.com/phpmyadmin/index.php (CODE:200|SIZE:7540)+ http://www.example.com/phpmyadmin/libraries (CODE:403|SIZE:303)+ http://www.example.com/phpmyadmin/phpinfo.php (CODE:200|SIZE:7540)+ http://www.example.com/phpmyadmin/setup (CODE:401|SIZE:482)+ http://www.example.com/wp-admin/about (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/admin (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/admin.php (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/comment (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/credits (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/customize (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/edit (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/export (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/import (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/index (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/index.php (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/install (CODE:200|SIZE:1264)+ http://www.example.com/wp-admin/link (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/media (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/menu (CODE:500|SIZE:0)+ http://www.example.com/wp-admin/moderation (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/options (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/plugins (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/post (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/profile (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/themes (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/tools (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/update (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/upgrade (CODE:200|SIZE:1212)+ http://www.example.com/wp-admin/upload (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/users (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/widgets (CODE:302|SIZE:0)+ http://www.example.com/wp-content/index (CODE:200|SIZE:0)+ http://www.example.com/wp-content/index.php (CODE:200|SIZE:0)+ http://www.example.com/wp-admin/network/about (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/admin (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/admin.php (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/credits (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/edit (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/index (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/index.php (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/menu (CODE:500|SIZE:0)+ http://www.example.com/wp-admin/network/plugins (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/profile (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/settings (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/setup (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/sites (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/themes (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/update (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/upgrade (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/network/users (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/user/about (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/user/admin (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/user/admin.php (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/user/credits (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/user/index (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/user/index.php (CODE:302|SIZE:0)+ http://www.example.com/wp-admin/user/menu (CODE:500|SIZE:0)+ http://www.example.com/wp-admin/user/profile (CODE:302|SIZE:0)+ http://www.example.com/wp-content/plugins/index (CODE:200|SIZE:0)+ http://www.example.com/wp-content/plugins/index.php (CODE:200|SIZE:0)+ http://www.example.com/wp-content/themes/index (CODE:200|SIZE:0)+ http://www.example.com/wp-content/themes/index.php (CODE:200|SIZE:0)>>>
0 0
- Dirb Dir Bruteforce
- Bruteforce
- dir
- dir
- Dir
- dir
- Codeforces 513C Second price auction (bruteforce)
- dir.bat
- file,dir
- dir structure
- dir命令
- dir函数
- dir函数
- dir.php
- android dir
- python dir()
- DIR 命令
- python dir()
- android studio 常用快捷键
- Qt 之 WAV文件解析
- 贪心算法-背包问题
- 2016.11.4日-第六届Oracle技术嘉年华与你相约北京
- 地图位置搜索
- Dirb Dir Bruteforce
- android极光推送
- phpMyAdmin配置文件现在需要一个短语密码的解决方法
- JS经典算法之冒泡排序算法
- 单元测试1-为什么需要单元测试
- Android手机屏幕适配知识整理
- 如何监测谁用了SQL Server的Tempdb空间?
- 签名认证算法Digest
- 深入理解dvm和jvm