Dirbuster
Introduction (p. 3)
What is DirBuster? (p. 3)
Default Mode (p. 3)
Get Request Method (p. 4)
Pure Brute Force (Numeric) (p. 6)
Single Sweep (Non-recursive) (p. 8)
Targeted Start (p. 10)
Blank Extensions (p. 11)
Search by File Type (.txt) (p. 12)
Changing the DIR List (p. 14)
Following Redirects (p. 15)
Attack through Proxy (p. 17)
Adding File Extensions (p. 20)
Evading Detective Measures (p. 24)
Page 2 of 27
Introduction
In this article we focus on directory enumeration with the Kali Linux tool DirBuster, using it to find hidden files and
directories on a web server.
What is DirBuster?
DirBuster is an application within the Kali arsenal that is designed to brute force web and application
servers. The tool can brute force directories and files. The application lets users take advantage of
multi-threading to get things moving faster. In this article, we will give you an overview of the tool
and its basic functions.
Default Mode
We start DirBuster and only input http://testphp.vulnweb.com/ in the target URL field. Leave the rest of
the options as they are. DirBuster will now auto switch between HEAD and GET requests to perform a list-based
brute force attack.
Let’s hit Start. DirBuster gets to work and starts brute forcing and we see various files and directories
popping up in the result window.
Get Request Method
We will now set DirBuster to only use the GET request method. To make things go a little faster, the thread
count is set to 200 and the "Go Faster" checkbox is checked.
In the Results – Tree View we can see findings.
Pure Brute Force (Numeric)
The way DirBuster performs this step allows a lot of control over the attack process. In this step we will be
using only numerals to perform a pure brute force attack. This is done by selecting "Pure Brute Force" in
the scanning type option and selecting "0-9" in the charset drop-down menu. By default, the minimum
and maximum character limits are already set.
In the Results – Tree View we can see findings.
Single Sweep (Non-recursive)
We will now perform a single sweep brute force where the dictionary words are used only
once. To achieve this, we will unselect the "Be Recursive" checkbox.
In the Results – List View we can see findings.
Targeted Start
Further exploring the control options provided by DirBuster, we will set it up to start looking at the
"admin" directory. In the "Dir to start with" field, type "/admin" and hit start.
In the Results – Tree View we can see findings.
Blank Extensions
DirBuster can also look into directories with a blank extension. This could potentially uncover data that
might be otherwise left untouched. All we do is check the "Use Blank Extension" checkbox.
We can see the processing happen and DirBuster testing to find directories with blank extensions.
Search by File Type (.txt)
We can see the processing happen and DirBuster testing to find files with a .txt extension.
Changing the DIR List
We will now be changing the directory list in DirBuster. Options > Advanced Options > DirBuster Options
> Dir list to use. Here is where we can browse and change the list to “directory-list-2.3-medium.txt”, found
at /usr/share/dirbuster/wordlists/ in Kali.
Following Redirects
DirBuster by default is not set to follow redirects during the attack, but we can enable this option under
Options > Follow Redirects.
We can see the results in the scan information as the test progresses.
Results in the Tree View.
Attack through Proxy
Before we start the attack, we set up the proxy option under Options > Advanced Options > Http Options.
Here we check the "Run through a proxy" checkbox, input the IP 192.168.1.108 in the Host field, and set
the port to 3129.
We can see the test showing results.
Adding File Extensions
Some file extensions, mostly image formats, are not searched for by default in DirBuster. We can add
them to the search by navigating to Options > Advanced Options > HTML Parsing Options.
We will delete jpeg in this instance and click OK.
In the File Extension field we will type in "jpeg" to explicitly tell DirBuster to look for .jpeg format files.
We can see in the testing process that DirBuster is looking for and finding .jpeg files.
Evading Detective Measures
Exceeding a reasonable number of requests per second during an attack is a sure way to get flagged by any
kind of detective measures put in place. DirBuster lets us control the requests per second to bypass this
defense. Options > Advanced Options > Scan Options is where we can enable this setting.
We set Connection Time Out to 500, check "Limit number of requests per second" and
set that field to 20.
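The request-rate limit above only defeats detections that key on request volume per unit of time. The following is an added example, not code from the article or from the DirBuster project: it runs two simple checks over combined-format web server access log lines, one that counts requests per client per time window and one that looks at the share of 404 responses across distinct paths. The log lines, client addresses and thresholds are all constructed for the example; the point is that a throttled scan slips past the first check and is still caught by the second.

```python
"""Flag directory brute-forcing in web server access logs (added example).

Two detections over combined-format access log lines:
  burst            - many requests from one IP inside one short window
                     (this is what a client-side request-rate limit evades)
  not-found ratio  - a high share of 404s across many distinct paths
                     (independent of timing, so throttling does not help)
Thresholds and sample data are constructed for illustration.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Combined log format: ip ident user [timestamp] "METHOD path proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)


def parse_line(line):
    """Return (ip, datetime, method, path, status) or None if the line does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts, m.group("method"), m.group("path"), int(m.group("status"))


def analyze(log_text, window_seconds=10, burst_threshold=10,
            not_found_ratio=0.8, min_distinct_paths=8):
    """Return {ip: [reason, ...]} for clients whose traffic looks like a scan."""
    per_ip = defaultdict(lambda: {"windows": defaultdict(int), "paths": set(),
                                  "total": 0, "not_found": 0})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip lines that are not in the expected format
        ip, ts, _method, path, status = rec
        stats = per_ip[ip]
        stats["windows"][int(ts.timestamp()) // window_seconds] += 1
        stats["paths"].add(path)
        stats["total"] += 1
        if status == 404:
            stats["not_found"] += 1

    flagged = {}
    for ip, s in per_ip.items():
        reasons = []
        peak = max(s["windows"].values())
        if peak >= burst_threshold:
            reasons.append(f"burst: {peak} requests in a {window_seconds}s window")
        ratio = s["not_found"] / s["total"]
        if ratio >= not_found_ratio and len(s["paths"]) >= min_distinct_paths:
            reasons.append(f"not-found ratio {ratio:.2f} across {len(s['paths'])} distinct paths")
        if reasons:
            flagged[ip] = reasons
    return flagged


# --- constructed sample data (not from the article) -------------------------
_BASE = datetime(2023, 10, 10, 13, 55, 36, tzinfo=timezone.utc)
_WORDS = ["admin", "backup", "config", "cgi-bin", "test", "old",
          "private", "secret", "tmp", "upload", "logs", "images"]


def _line(ip, offset, method, path, status):
    """Build one combined-format log line at _BASE + offset seconds."""
    ts = (_BASE + timedelta(seconds=offset)).strftime("%d/%b/%Y:%H:%M:%S %z")
    return f'{ip} - - [{ts}] "{method} {path} HTTP/1.1" {status} 0 "-" "Mozilla/5.0 (constructed)"'


def sample_log():
    """One ordinary visitor, one fast scanner, one scanner throttled to a slow rate."""
    lines = [
        _line("198.51.100.7", 0, "GET", "/", 200),
        _line("198.51.100.7", 5, "GET", "/index.php", 200),
        _line("198.51.100.7", 30, "GET", "/images/logo.gif", 200),
    ]
    for i, word in enumerate(_WORDS):
        status = 200 if word == "images" else 404
        # 192.0.2.10 sends all twelve probes within the same second
        lines.append(_line("192.0.2.10", 0, "HEAD", f"/{word}", status))
        # 192.0.2.11 sends the same probes five seconds apart
        lines.append(_line("192.0.2.11", i * 5, "GET", f"/{word}", status))
    return "\n".join(lines)


if __name__ == "__main__":
    for ip, reasons in analyze(sample_log()).items():
        print(ip, "->", "; ".join(reasons))
```

Running the block flags 192.0.2.10 on both rules and 192.0.2.11 only on the not-found ratio; the ordinary visitor is not reported. In a real deployment the ratio check is the one worth keeping, because a client that legitimately browses a site rarely produces a long run of 404s on distinct paths, whatever its request rate.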
Once the test is initiated, we will see the results. The scan was stopped to show the initial findings.
Once the scan is complete the actual findings can be seen.
We hope you enjoy using this tool. It is a great tool that’s a must in a pen tester’s arsenal.
www.ignitetechnologies.in