Skip to main content

gobuster: Notes

https://github.com/OJ/gobuster

# gobuster version
3.6
Usage:
  gobuster [command]

Available Commands:
  completion  Generate the autocompletion script for the specified shell
  dir         Uses directory/file enumeration mode
  dns         Uses DNS subdomain enumeration mode
  fuzz        Uses fuzzing mode. Replaces the keyword FUZZ in the URL, Headers and the request body
  gcs         Uses gcs bucket enumeration mode
  help        Help about any command
  s3          Uses aws bucket enumeration mode
  tftp        Uses TFTP enumeration mode
  version     shows the current version
  vhost       Uses VHOST enumeration mode (you most probably want to use the IP address as the URL parameter)

Flags:
      --debug                 Enable debug output
      --delay duration        Time each thread waits between requests (e.g. 1500ms)
  -h, --help                  help for gobuster
      --no-color              Disable color output
      --no-error              Don't display errors
  -z, --no-progress           Don't display progress
  -o, --output string         Output file to write results to (defaults to stdout)
  -p, --pattern string        File containing replacement patterns
  -q, --quiet                 Don't print the banner and other noise
  -t, --threads int           Number of concurrent threads (default 10)
  -v, --verbose               Verbose output (errors)
  -w, --wordlist string       Path to the wordlist. Set to - to use STDIN.
      --wordlist-offset int   Resume from a given position in the wordlist (defaults to 0)

Use "gobuster [command] --help" for more information about a command.

Example: Brute force file extensions php, txt, sh, xxa

root@X220:~# gobuster dir -u http://10.10.169.48/secret -w /usr/share/wordlists/dirb/common.txt -x php,txt,sh,xxa
===============================================================
Gobuster v3.0.1
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@_FireFart_)
===============================================================
[+] Url:            http://10.10.169.48/secret
[+] Threads:        10
[+] Wordlist:       /usr/share/wordlists/dirb/common.txt
[+] Status codes:   200,204,301,302,307,401,403
[+] User Agent:     gobuster/3.0.1
[+] Extensions:     xxa,php,txt,sh
[+] Timeout:        10s
===============================================================
2020/12/03 15:20:40 Starting gobuster
===============================================================
/secret.txt (Status: 200)
===============================================================
2020/12/03 15:24:28 Finished
===============================================================
root@X220:~#

Example: Brute force file extensions php, txt, html

gobuster dir -u http://10.10.196.97 -w /usr/share/seclists/Discovery/Web-Content/big.txt -x php,txt,html

Example: Brute force VHOST

gobuster vhost

Example dns subdomain

# gobuster dns -d team.thm -w /usr/share/wordlists/common.txt --wildcard
===============================================================
Gobuster v3.0.1
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@_FireFart_)
===============================================================
[+] Domain:            team.thm
[+] Threads:           10
[+] Wildcard forced:   true
[+] Timeout:           1s
[+] Wordlist:          /usr/share/wordlists/common.txt
===============================================================
2021/03/06 11:56:51 Starting gobuster
===============================================================
Found: dev.team.thm
===============================================================
2021/03/06 11:58:11 Finished
===============================================================
#

Referrences

Gobuster Tutorial – How to Find Hidden Directories, Sub-Domains, and S3 Buckets

Practice

Offensive Security Introduction

| Day 2

The Cod Caper | Task 3 - Web Enumeration

THM | Jeff

dirb

ffuf

Labels:

Popular posts from this blog

MySQL: Notes

Ways to check MySQL version mysql --version mysql -V dpkg -l 'mysql-sever' mysql -u root -p How to check MySQL version: mysql --version Database folder On Microsoft Windows, by default, MySQL save databases in this folder: %ProgramData%\MySQL\MySQL Server 5.5\data Check databases' size SELECT table_schema AS "Database name", SUM(data_length + index_length) / 1024 / 1024 AS "Size (MB)" FROM information_schema.TABLES GROUP BY table_schema; Export database schema $ mysqldump -u root -p --no-data wordpress1001 > c:\backup\schema-wordpress1001.sql Enter password: **************** Create a dedicated user to backup databases Give credit to: http://www.fromdual.com/privileges-of-mysql-backup-user-for-mysqldump Create dedicated mysql user and grant privileges to run backup $ mysql -u root -p CREATE USER 'backupdb'@'localhost' IDENTIFIED BY 'passwordhere'; GRANT SELECT,SHOW VIEW,RELOAD,REPLICATION CLIENT...
Read more

nmap - The Network Mapper

WARNING : It is ILLEGAL to scan hosts without permission.
Read more

Linux command: grep - Global Regular Expression Print

grep command grep, egrep, fgrep, rgrep - print lines matching a pattern
Read more