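Video walkthrough
In this video we present Gobuster, a powerful content enumeration and brute-forcing tool. It ships with detection plugins for directory scanning, DNS enumeration, server virtual host names, Amazon S3 buckets and more, and is a real pleasure to use!
Illustrated walkthrough
Installation
You can install Gobuster directly with go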
go install github.com/OJ/gobuster/v3@latest
After installation, just type gobuster to run it
Usage
Directory scanning
We can use gobuster for directory discovery with the dir plugin
Wordlist: /opt/SecLists/Discovery/Web-Content/common.txt
gobuster dir --url 127.0.0.1 --wordlist /opt/SecLists/Discovery/Web-Content/common.txt
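Rate limiting
It is worth mentioning that when doing bug bounty work we usually limit the request rate, which can be done with the following parameters
- --threads: number of threads
- --delay: request delay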
gobuster dir --url 127.0.0.1 --wordlist /opt/SecLists/Discovery/Web-Content/common.txt --threads 10 --delay 1s
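Beyond that, we occasionally also need to set a specific user-agent and request headers, which can be done with the following parameters
- --useragent: sets the user-agent
- --headers: sets a header name and its value in the request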
gobuster dir --url 127.0.0.1 --wordlist /opt/SecLists/Discovery/Web-Content/common.txt --threads 10 --delay 1s --useragent 'PinkDraconian-Intigriti' --headers 'X-Intigriti:PinkDraconian'
![Image [1] - Penetration Testing Tools Series: Content Enumeration Tool Gobuster - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/12/20221202165610970-1024x420.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
The scan quickly reveals directories and the files that exist
![Image [2] - Penetration Testing Tools Series: Content Enumeration Tool Gobuster - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/12/20221202165912436-1024x571.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
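From the defender's side, a dir scan like the one above appears in the web server access log as one client requesting many distinct paths that mostly return 404, and the custom --useragent tag lets announced testing be told apart from unknown scanning. The Python example below is added here and is not from the original post or the Gobuster project; the log lines, IP addresses, user-agent strings, thresholds (kept small to suit the sample) and the `TESTER_TAGS` allowlist are constructed assumptions.

```python
import re
from collections import defaultdict

# Assumed allowlist of User-Agent tags agreed with a bug bounty program.
TESTER_TAGS = ("Intigriti",)

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

def _line(ip, path, status, ua):
    # Build one constructed line in combined log format.
    return (f'{ip} - - [02/Dec/2022:16:56:10 +0800] "GET {path} HTTP/1.1" '
            f'{status} 512 "-" "{ua}"')

# Constructed sample log: two wordlist scans and one ordinary browser.
WORDS = ["admin", "backup", "config", "css", "images",
         "index.php", "js", "login", "robots.txt", "test"]
SAMPLE_LOG = "\n".join(
    [_line("203.0.113.7", f"/{w}", 200 if w in ("css", "js") else 404,
           "PinkDraconian-Intigriti") for w in WORDS]
    + [_line("198.51.100.9", f"/{w}", 200 if w == "robots.txt" else 404,
             "gobuster/3.2.0") for w in WORDS]
    + [_line("192.0.2.44", p, 200, "Mozilla/5.0") for p in ("/", "/css", "/js")]
)

def find_enumeration(log_text, min_paths=8, min_miss_ratio=0.7):
    """Flag (ip, user-agent) pairs requesting many distinct paths, mostly 404."""
    clients = defaultdict(lambda: {"paths": set(), "total": 0, "misses": 0})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # ignore lines that are not in combined log format
        c = clients[(m["ip"], m["ua"])]
        c["total"] += 1
        c["misses"] += m["status"] == "404"
        c["paths"].add(m["path"].split("?", 1)[0])  # ignore query strings
    flagged = {}
    for (ip, ua), c in clients.items():
        ratio = c["misses"] / c["total"]
        if len(c["paths"]) >= min_paths and ratio >= min_miss_ratio:
            flagged[(ip, ua)] = {
                "distinct_paths": len(c["paths"]),
                "miss_ratio": round(ratio, 2),
                # Tagged traffic can be matched to an announced tester.
                "tagged": any(t in ua for t in TESTER_TAGS),
            }
    return flagged
```

Calling `find_enumeration(SAMPLE_LOG)` flags both scanning clients and leaves the browser client out; only the first is marked as tagged.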
Subdomain discovery
We can also probe for the server's subdomains
Wordlist: /opt/SecLists/Discovery/DNS/subdomains-top1million-5000.txt
gobuster vhost --url pink.com --wordlist /opt/SecLists/Discovery/DNS/subdomains-top1million-5000.txt --threads 10 --delay 1s --useragent 'PinkDraconian-Intigriti' --headers 'X-Intigriti:PinkDraconian'
![Image [3] - Penetration Testing Tools Series: Content Enumeration Tool Gobuster - FancyPig's blog](https://static.iculture.cc/wp-content/uploads/2022/12/20221202170041800-1024x569.png?x-oss-process=image/auto-orient,1/format,webp/watermark,image_cHVibGljL2xvZ28ucG5nP3gtb3NzLXByb2Nlc3M9aW1hZ2UvcmVzaXplLFBfMTA,x_10,y_10)
Fuzzing / password brute forcing
Beyond that, you can also use Gobuster for fuzzing, or use it for password brute forcing
Wordlist: /opt/SecLists/blob/master/Passwords/darkweb2017-top10000.txt
gobuster fuzz --url 'http://127.0.0.1/admin.php?username=admin&password=FUZZ' --wordlist /opt/SecLists/blob/master/Passwords/darkweb2017-top10000.txt
DNS enumeration
gobuster dns -d google.com -w ~/wordlists/subdomains.txt
Result
===============================================================
Gobuster v3.2.0
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)
===============================================================
[+] Mode : dns
[+] Url/Domain : google.com
[+] Threads : 10
[+] Wordlist : /home/oj/wordlists/subdomains.txt
===============================================================
2019/06/21 11:54:20 Starting gobuster
===============================================================
Found: chrome.google.com
Found: ns1.google.com
Found: admin.google.com
Found: www.google.com
Found: m.google.com
Found: support.google.com
Found: translate.google.com
Found: cse.google.com
Found: news.google.com
Found: music.google.com
Found: mail.google.com
Found: store.google.com
Found: mobile.google.com
Found: search.google.com
Found: wap.google.com
Found: directory.google.com
Found: local.google.com
Found: blog.google.com
===============================================================
2019/06/21 11:54:20 Finished
===============================================================
S3 bucket detection
gobuster s3 -w bucket-names.txt