Directory Enumeration | Shahul Hameed

 Download Paths:

1. https://github.com/danielmiessler/SecLists

2. https://github.com/trickest/wordlists


GoBuster:

Installation : sudo apt install gobuster

Help: gobuster -h

Run : gobuster dir -u http://testphp.vulnweb.com -w /usr/share/wordlists/dirbuster/directory-medium-2.3.txt

If you want to list directories and its content based upon certain extensions like .txt, .css, .js etc. for that you can use the -x flag

gobuster dir -u http://testphp.vulnweb.com -w /usr/share/wordlists/dirbuster/directory-medium-2.3.txt -x .txt,html,css,js

Dirb

dirb http://testphp.vulnweb.com /usr/share/wordlists/dirb/common.txt

Dirbuster

Dirbuster

Now we’ll use Dirbuster — A GUI version of dirb to enumerate the directories.

Go to the Application icon -> Web Application Analysis -> Web crawlers and Directory Bruteforce -> Dirbuster

Now enter the target information and the wordlist file step wise as shown in the image below.

After the information has been filled, click on Start button to start the attack. The window will look like this.

Let’s switch to List view and Tree view to view the results.

List view of the enumerated directories

The above image is of the list view of the directories that have been found in the webserver. We can right-click on the interested file and will get several options like Open in Browser etc.

Let’s explore the tree view.

Tree view of the enumerated directories

Like the list view, we can right-click and can get several options like View Response which will show us the HTTP Response of the website.

These were the 3 easy and most used methods of enumerating directories on a vulnerable web application. This is all for today. See you at the next one :)





Comments

Post a Comment

Popular posts from this blog

Burp Suite – Automated Vulnerabilities Findings

Image
  Burp Suite – Automated Vulnerabilities Findings Step 1:  Intercept with burp suite, which contains parameter values. Step 2: Forward the request to the Intruder option in Burp Suite. Step 3:  Set up the automated scan by right-clicking, selecting "Scan Defined Insertion Points" and opening the "Scan launcher". Step 4:  Wait until the scan is finished, and then check for the results with vulnerabilities. Step 5: Manual Validation
Read more

Havij - Advanced Automated SQL Injection

Image
Tool Name: Havij (Educational Purpose Only) Description: Havij is an automated SQL injection tool designed for penetration testers to identify and exploit SQL injection vulnerabilities in web applications. It streamlines the testing process, allowing security professionals to efficiently assess the security of a website's database interactions. Download URL:  https://www.darknet.org.uk/2010/09/havij-advanced-automated-sql-injection-tool/ Step 1:  Enter the application target link in the Havij tool and click analyze . Step 2: Get the application details from the Info Section. Step 3: Get the application database's from the  Tables  section. Step 4: Get the application database records with columns details. Successfully logged in the application as shown in the below screenshots.
Read more

SQL Basics | Shahul Hameed

Image
  SQL _Queries   Resource: https://balanced-quince-db1.notion.site/SQL-7347f5956fe347f887b4132c716cd236#17bc403a1add453db519621da47c1de3 Database queries CREATE DATABASE LOGICFIRST; -- creates a new database -- TO DELETE A DATABASE DROP DATABASE LOGICFIRST; DROP SCHEMA LOGICFIRST; -- same as above. u can use DATABASE Or SCHEMA DROP SCHEMA IF EXISTS LOGICFIRST; -- prevents error if db not found   SHOW DATABASES; -- shows all the databases SHOW SCHEMAS; -- same as above. shows schemas/db   USE SYS; -- uses this database for all further commands SHOW TABLES;-- shows all tables in the database being used Table - Create,Delete,Alter primary key - uniquely identifies a row in a table //creating a table CREATE TABLE student(                id INT PRIMARY KEY,     name VARCHAR(30),     gpa DECIMAL(3,2) ); -- ----or----- CREATE ...
Read more