Wiki » History » Version 4

Emanuele, 11/06/2019 03:24 PM

h1. SRLabs Gobuster

SRL_Gobuster is a tool used to brute-force and run web tests against:

* URIs (directories and files) in web sites.

Compared to the original version it adds the following features:

* Enhanced _False Positives_ detection.
* Integration with _Nikto_ tests wordlist.

The wordlist we used is an enhanced version of the test list used by _Nikto_.

h2. Common Command line options

* `-fw` - force processing of a domain with wildcard results.
* `-np` - hide the progress output.
* `-q` - disable banner/underline output.
* `-t <threads>` - number of threads to run (default: `10`).
* `-u <url/domain>` - full URL (including scheme), or base domain name.
* `-v` - verbose output (show all results).
* `-w <wordlist>` - path to the Nikto tests wordlist used for brute forcing.
* `-V` - path to the Nikto variable file.
* `-k` - skip verification of SSL certificates.
* `-a <user agent string>` - specify a user agent string to send in the request header.
* `-c <http cookies>` - use this to specify any cookies that you might need (simulating auth).
* `-oj <path>` - output file for JSON export.
* `-o <file>` - specify a file name to write the output to.
* `-p <proxy url>` - specify a proxy to use for all requests (scheme must match the URL scheme).
* `-P <password>` - HTTP Authorization password (Basic Auth only, prompted if missing).
* `-U <username>` - HTTP Authorization username (Basic Auth only).
* `-to <timeout>` - HTTP timeout. Examples: 10s, 100ms, 1m (default: 10s).

h2. Building

Since this tool is written in [Go](https://golang.org/) you need to install the Go language/compiler/etc. Full details of installation and set up can be found [on the Go language website](https://golang.org/doc/install). Once installed you have two options.

h2. Compiling

First of all we need to clone srl_gobuster:

<pre>
git clone https://opensource.srlabs.de:/git/srl_gobuster.git
</pre>

_gobuster_ now has external dependencies, and so they need to be pulled in first:

<pre>
gobuster $ cd $srl_gobuster_directory
gobuster $ export GOPATH=$(pwd); go get; go build
</pre>

This will create a `gobuster` binary for you. If you want to install it in the `$GOPATH/bin` folder you can run:

<pre>
gobuster $ go install
</pre>

If you have all the dependencies already, you can make use of the build scripts:

* `make` - builds for the current Go configuration (i.e. runs `go build`).
* `make windows` - builds 32 and 64 bit binaries for Windows, and writes them to the `build` subfolder.
* `make linux` - builds 32 and 64 bit binaries for Linux, and writes them to the `build` subfolder.
* `make darwin` - builds 32 and 64 bit binaries for darwin, and writes them to the `build` subfolder.
* `make all` - builds for all platforms and architectures, and writes the resulting binaries to the `build` subfolder.
* `make clean` - clears out the `build` subfolder.
* `make test` - runs the tests.

h2. Running as a script

<pre>
gobuster $ go run main.go <parameters>
</pre>

h2. Examples

Command line might look like this:

<pre>
$ ./srl_gobuster -k -w ./db_test.txt -V db_variables -u https://example.com

=====================================================
Gobuster v.srlabs.2.0.1 (OJ Reeves @TheColonial)
Modified in SRLabs by Emanuele Vineti
=====================================================
[+] Url/Domain   : https://example.com/
[+] Threads      : 10
[+] Wordlist     : db_test.txt
=====================================================
2019/11/01 11:59:27  Starting gobuster
=====================================================
Found: /.sh_history (Status: 200) [Size: 28]
Found: /kboard/ (Status: 200) [Size: 5]
Found: /users.json (Status: 200) [Size: 3]
Progress: 24034 / 24034 (100.00%)
=====================================================
2019/11/01 12:02:31  Results
=====================================================
-----------------------------------------------------
- Test Code: 000016
- Description: KBoard Forum 0.3.0 and prior have a security problem in forum_edit_post.php, forum_post.php and forum_reply.php
-----------------------------------------------------

[*] uri: "/kboard/", status: "200" len: 5, body: "Test "

-----------------------------------------------------
- Test Code: 007211
- Description: This might be interesting...
-----------------------------------------------------

[*] uri: "/users.json", status: "200" len: 3, body: "12 "

-----------------------------------------------------
- Test Code: home_directory
- Description: Gobuster classic tests
-----------------------------------------------------

[*] uri: ".sh_history", status: "200" len: 28, body: "curl test.com ping test.com "

=====================================================
2019/11/01 12:02:31 Finished
=====================================================
</pre>
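
For triage or ticketing it helps to turn the Results block of the run above into structured records. The following Go program is an added example, not part of srl_gobuster; the `Finding` type, the `ParseResults` function and the line format they expect are assumptions derived only from the sample output on this page.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
	"strings"
)

// Finding is one "[*] uri: ..." hit plus the test header printed above it.
type Finding struct {
	TestCode, Description, URI, Body string
	Status, Len                      int
}

var hitRe = regexp.MustCompile(`^\[\*\] uri: "([^"]*)", status: "(\d+)" len: (\d+), body: "(.*)"$`)

// ParseResults attaches each hit line to the most recent Test Code/Description.
func ParseResults(out string) []Finding {
	var res []Finding
	var code, desc string
	for _, raw := range strings.Split(out, "\n") {
		line := strings.TrimSpace(raw)
		if strings.HasPrefix(line, "- Test Code: ") {
			code = strings.TrimPrefix(line, "- Test Code: ")
		} else if strings.HasPrefix(line, "- Description: ") {
			desc = strings.TrimPrefix(line, "- Description: ")
		} else if m := hitRe.FindStringSubmatch(line); m != nil {
			status, _ := strconv.Atoi(m[2]) // digits guaranteed by hitRe
			size, _ := strconv.Atoi(m[3])
			res = append(res, Finding{code, desc, m[1], m[4], status, size})
		}
	}
	return res
}

// Sample is constructed from the Results block shown on this page.
const Sample = `- Test Code: 000016
- Description: KBoard Forum 0.3.0 and prior have a security problem in forum_edit_post.php, forum_post.php and forum_reply.php
-----------------------------------------------------
[*] uri: "/kboard/", status: "200" len: 5, body: "Test "
- Test Code: 007211
- Description: This might be interesting...
[*] uri: "/users.json", status: "200" len: 3, body: "12 "
`

func main() {
	fmt.Printf("%+v\n", ParseResults(Sample))
}
```

Lines that do not match the three recognised shapes (banners, separators, `Found:` and `Progress:` lines) are ignored, so the whole console output can be passed in unchanged.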

Quiet output, with status disabled and expanded mode looks like this ("grep mode"):

<pre>
$ ./srl_gobuster -k -w ./db_test.txt -V db_variables -u https://example.com -q
https://example.com/kboard/
https://example.com/users.json
https://example.com/.sh_history
</pre>