GOBUSTER

INSTALLATION

#INSTALL FROM PACKAGE
#install the go language
root@oco:~$ sudo apt install golang-go
#install gobuster
root@oco:~$ sudo apt install gobuster
#INSTALL FROM SOURCE
root@oco:~$ sudo git clone https://github.com/OJ/gobuster.git
root@oco:~$ cd gobuster
root@oco:~$ go get && go build
root@oco:~$ go install

BASIC USAGE

root@oco:~$ gobuster --help
 * display gobuster general help
 
root@oco:~$ gobuster {dir} --help
 * display gobuster specific help for each cmd

root@oco:~$ locate common.txt
 
root@oco:~$ gobuster dir -w /usr/share/wordlists/common.txt -u {targetIP}
 * the 'dir' option specifies the directory busting mode of the tool
 * the -w option specifies a wordlist, a collection of common directory 
   names that are typically used for sites
 * the -u option specifies the target's IP address
 
 * this cmd will make several connection attempts to the target using the HTTP GET 
   method (requesting web pages from the webserver) with different URL variations

FUZZING: DIRECTORY & PAGES

root@oco:~$ gobuster dir -u 10.129.219.55 -w directory-list-2.3-small.txt -x php -t 100
 * the -t option specifies the number of threads to use (default 10)

IDENTIFYING LOCATION OF UPLOADED FILES

root@oco:~$ find / -iname big.txt 2>/dev/null
 /usr/share/dirb/wordlists/big.txt
root@oco:~$ cp /usr/share/dirb/wordlists/big.txt .
root@oco:~$ gobuster dir --url http://10.129.141.22/ --wordlist big.txt
 Starting gobuster in directory enumeration mode
 ===============================================================
 /.htaccess            (Status: 403) [Size: 278]
 /.htpasswd            (Status: 403) [Size: 278]
 /_uploaded            (Status: 301) [Size: 318] [--> http://10.129.141.22/_uploaded/]
 /assets               (Status: 301) [Size: 315] [--> http://10.129.141.22/assets/]
 /forms                (Status: 301) [Size: 314] [--> http://10.129.141.22/forms/]
 /login                (Status: 301) [Size: 314] [--> http://10.129.141.22/login/]
 /server-status        (Status: 403) [Size: 278]
 Progress: 20469 / 20470 (100.00%)
 ===============================================================
 Finished
 ===============================================================

PreviousWEB CONTENT DISCOVERYNextDIRB

Last updated