Commonly used tools for web novices in the offensive and defensive world-dirsearch-Web path scanner-brute force cracking of directories and files in the web server
Dirsearch is a mature command line tool designed to brute force the directories and files in the web server. The corresponding compressed package can be downloaded from the blogger's resources.
The python code is as follows:
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
# MA 02110-1301, USA.
#
# Author: Mauro Soria
import os
import sys
if sys.version_info < (3, 0):
sys.stdout.write("Sorry, dirsearch requires Python 3.x\n")
sys.exit(1)
from lib.core import ArgumentParser
from lib.controller import Controller
from lib.output import CLIOutput, PrintOutput
class Program(object):
def __init__(self):
self.script_path = os.path.dirname(os.path.realpath(__file__))
self.arguments = ArgumentParser(self.script_path)
if self.arguments.quiet:
self.output = PrintOutput(self.arguments.color)
else:
self.output = CLIOutput(self.arguments.color)
self.controller = Controller(self.script_path, self.arguments, self.output)
if __name__ == "__main__":
main = Program()
Take a few questions as an example (containers opened at hand):
In the path box where the script is located, enter cmd to open the terminal and call the script.
first question:
Enter the scanning parameters and the URL (URL) to be scanned. After scanning, we found a robots.txt
in the subdirectory. You can get a prompt by passing/visiting him in the URL.
Continue to visit to get the flag.
cyberpeace{48bd679fb223b8c69334e753d384d10b}
The second question:
The suffixes of common backup files are given here: .git .svn .swp .svn .~ .bak .bash_history
Scan this URL and get /index.php.bak.
Visit this website to get the file download.
After the download is complete, open it through VSC.
Get the flag.
Cyberpeace{855A1C4B3401294CB6604CCC98BDE334}