Skip to main content

ffuf: Notes

ffuf: Fuzz Faster U Fool [written in Go]

Source code on GitHub: https://github.com/ffuf/ffuf

apt install ffuf

Example

ffuf -w /usr/share/wordlists/dirb/directory-list-2.3-small.txt -u http://10.10.252.114:8001/web/FUZZ -c -v

Example fuzzing extensions

ffuf -w /usr/share/wordlists/dirb/directory-list-2.3-small.txt -u http://team.thm/FUZZ -c -e .txt,.html,.php,.sh,.json,.bak,.old

Example fuzzing subdomain

# ffuf -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt -u http://enterprize.thm -H "Host: FUZZ.enterprize.thm" -fs 85

        /'___\  /'___\           /'___\
       /\ \__/ /\ \__/  __  __  /\ \__/
       \ \ ,__\\ \ ,__\/\ \/\ \ \ \ ,__\
        \ \ \_/ \ \ \_/\ \ \_\ \ \ \ \_/
         \ \_\   \ \_\  \ \____/  \ \_\
          \/_/    \/_/   \/___/    \/_/

       v1.1.0
________________________________________________

 :: Method           : GET
 :: URL              : http://enterprize.thm
 :: Wordlist         : FUZZ: /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt
 :: Header           : Host: FUZZ.enterprize.thm
 :: Follow redirects : false
 :: Calibration      : false
 :: Timeout          : 10
 :: Threads          : 40
 :: Matcher          : Response status: 200,204,301,302,307,401,403
 :: Filter           : Response size: 85
________________________________________________

maintest                [Status: 200, Size: 24555, Words: 1438, Lines: 49]
:: Progress: [114532/114532] :: Job [1/1] :: 153 req/sec :: Duration: [0:12:26] :: Errors: 0 ::
#

Yet another example fuzzing subdomains - match number of lines

ffuf -u http://cmess.thm -H "Host: FUZZ.cmess.thm" -w /usr/share/seclists/Discovery/DNS/namelist.txt -c -ml 31

        /'___\  /'___\           /'___\
       /\ \__/ /\ \__/  __  __  /\ \__/
       \ \ ,__\\ \ ,__\/\ \/\ \ \ \ ,__\
        \ \ \_/ \ \ \_/\ \ \_\ \ \ \ \_/
         \ \_\   \ \_\  \ \____/  \ \_\
          \/_/    \/_/   \/___/    \/_/

       v1.2.1
________________________________________________

 :: Method           : GET
 :: URL              : http://cmess.thm
 :: Wordlist         : FUZZ: /usr/share/seclists/Discovery/DNS/namelist.txt
 :: Header           : Host: FUZZ.cmess.thm
 :: Follow redirects : false
 :: Calibration      : false
 :: Timeout          : 10
 :: Threads          : 40
 :: Matcher          : Response lines: 31
________________________________________________

dev                     [Status: 200, Size: 934, Words: 191, Lines: 31]
:: Progress: [1907/1907] :: Job [1/1] :: 152 req/sec :: Duration: [0:00:16] :: Errors: 0 ::
root@X220:/mnt/d/OneDrive/tryhackme/cmess#

# ffuf -u http://undiscovered.thm -H "Host: FUZZ.undiscovered.thm" -w /usr/share/seclists/Discovery/DNS/namelist.txt -c -ml
69

        /'___\  /'___\           /'___\
       /\ \__/ /\ \__/  __  __  /\ \__/
       \ \ ,__\\ \ ,__\/\ \/\ \ \ \ ,__\
        \ \ \_/ \ \ \_/\ \ \_\ \ \ \ \_/
         \ \_\   \ \_\  \ \____/  \ \_\
          \/_/    \/_/   \/___/    \/_/

       v1.3.0 Kali Exclusive <3
________________________________________________

 :: Method           : GET
 :: URL              : http://undiscovered.thm
 :: Wordlist         : FUZZ: /usr/share/seclists/Discovery/DNS/namelist.txt
 :: Header           : Host: FUZZ.undiscovered.thm
 :: Follow redirects : false
 :: Calibration      : false
 :: Timeout          : 10
 :: Threads          : 40
 :: Matcher          : Response lines: 69
________________________________________________

develop                 [Status: 200, Size: 4584, Words: 385, Lines: 69]
gold                    [Status: 200, Size: 4521, Words: 385, Lines: 69]
internet                [Status: 200, Size: 4605, Words: 385, Lines: 69]
mailgate                [Status: 200, Size: 4605, Words: 385, Lines: 69]
manager                 [Status: 200, Size: 4584, Words: 385, Lines: 69]
network                 [Status: 200, Size: 4584, Words: 385, Lines: 69]
start                   [Status: 200, Size: 4542, Words: 385, Lines: 69]
terminal                [Status: 200, Size: 4605, Words: 385, Lines: 69]
:: Progress: [1907/1907] :: Job [1/1] :: 122 req/sec :: Duration: [0:00:17] :: Errors: 0 ::
#

# ffuf -u http://undiscovered.thm/cms/ -H "Host: FUZZ.undiscovered.thm" -w /usr/share/wordlists/dirb/directory-list-2.3-medium.txt -ac

        /'___\  /'___\           /'___\
       /\ \__/ /\ \__/  __  __  /\ \__/
       \ \ ,__\\ \ ,__\/\ \/\ \ \ \ ,__\
        \ \ \_/ \ \ \_/\ \ \_\ \ \ \ \_/
         \ \_\   \ \_\  \ \____/  \ \_\
          \/_/    \/_/   \/___/    \/_/

       v1.3.0 Kali Exclusive <3
________________________________________________

 :: Method           : GET
 :: URL              : http://undiscovered.thm/cms/
 :: Wordlist         : FUZZ: /usr/share/wordlists/dirb/directory-list-2.3-medium.txt
 :: Header           : Host: FUZZ.undiscovered.thm
 :: Follow redirects : false
 :: Calibration      : true
 :: Timeout          : 10
 :: Threads          : 40
 :: Matcher          : Response status: 200,204,301,302,307,401,403,405
 :: Filter           : Response size: 298,319,293,310
 :: Filter           : Response words: 18
 :: Filter           : Response lines: 10
________________________________________________

deliver                 [Status: 200, Size: 1121, Words: 54, Lines: 37]
:: Progress: [90400/220561] :: Job [1/1] :: 159 req/sec :: Duration: [0:09:29] :: Errors: 0 ::

Related articles

dirb

dirbuster

gobuster

seclists

Labels:

Popular posts from this blog

Qubes OS: Fedora 30

Create a new Standalone VM based on fedora-29 VM template Extend root partition: run command on dom0 tuyen@dom0:~ $ qvm-volume extend fedora-30:root 12288MB Set qrexec_timeout to 600 seconds tuyen@dom0:~ $ qvm-pref --set fedora-30 qrexec_timeout 600 $ sudo dnf upgrade --refresh $ sudo dnf install dnf-plugin-sytem-upgrade $ sudo dnf system-upgrade download --release=30 Install fedora-30 template Run the following command on dom0 terminal $ sudo qubes-dom0-update qubes-template-fedora-30 Install Adobe Flash Player Adobe Flash Player will not go away soon. So, let's grab the latest version of Adobe Flash Player , then install using yum or dnf command. Verify if Adobe Flash Player is installed and works by visiting https://helpx.adobe.com/flash-player.html [user@fedora-30 ~]$ sudo dnf install Downloads/flash-player-npapi-32.0.0.238-release.x86_64.rpm Last metadata expiration check: 0:37:03 ago on Fri Aug 30 09:18:10 2019. Dependencies resolved. =========...
Read more

How to charge your device from USB Port

First of all, check BIOS Settings of your laptop or desktop Dell Look for USB PowerShare BIOS Settings: USB PowerShare Lenovo Look for Always On USB Charge in Off Mode BIOS Settings: Enable Always On USB Charge in Off Mode
Read more

Python: Free Online Courses

Ever thinking about which programming language to learn first? You can learn Python for free with these online courses.
Read more