
What tool is Gobuster?

2025-04-10 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)05/31 Report--

This article explains what kind of tool Gobuster is. I hope you get something out of reading it. Let's go through it together.

Tool introduction

Gobuster is a tool written in the Go programming language that researchers can use to brute-force directories, files, DNS subdomains and VHost names. The tool has just released its latest version, Gobuster v3.0.1.

Objects that Gobuster can brute-force include:

1. URIs (directories or files) on the target site

2. DNS subdomain names (wildcards are supported)

3. Virtual host names (VHost) on the target web server

Tool advantages

1. Instead of a bloated Java GUI, the tool runs in the console.

2. It can be executed directly from the command line.

3. It does not perform recursive brute forcing.

4. It allows testers to brute-force target folders and multiple extensions at the same time.

5. Cross-platform support

6. It runs faster than an interpreted script.

7. No runtime environment is required.

8. Concurrency support

What's New in Gobuster v3.0.1

1. New command line options have been introduced.

2. Performance optimizations and more stable network connections

3. Added support for brute-forcing VHost names

4. Custom HTTP headers can be provided.

Available modes

dir: the classic directory brute-forcing mode

dns: DNS subdomain brute-forcing mode

vhost: virtual host brute-forcing mode

Built-in help menu

gobuster help: outputs the complete help information

gobuster help <mode>: outputs help information for the specified mode

dns mode help

    Usage:
      gobuster dns [flags]

    Flags:
      -d, --domain string      The target domain
      -h, --help               help for dns
      -r, --resolver string    Use custom DNS server (format server.com or server.com:port)
      -c, --showcname          Show CNAME records (cannot be used with '-i' option)
      -i, --showips            Show IP addresses
          --timeout duration   DNS resolver timeout (default 1s)
          --wildcard           Force continued operation when wildcard found

    Global Flags:
      -z, --noprogress        Don't display progress
      -o, --output string     Output file to write results to (defaults to stdout)
      -q, --quiet             Don't print the banner and other noise
      -t, --threads int       Number of concurrent threads (default 10)
          --delay duration    Time each thread waits between requests (e.g. 1500ms)
      -v, --verbose           Verbose output (errors)
      -w, --wordlist string   Path to the wordlist

dir mode options

    Usage:
      gobuster dir [flags]

    Flags:
      -f, --addslash                      Append / to each request
      -c, --cookies string                Cookies to use for the requests
      -e, --expanded                      Expanded mode, print full URLs
      -x, --extensions string             File extension(s) to search for
      -r, --followredirect                Follow redirects
      -H, --headers stringArray           Specify HTTP headers, -H 'Header1: val1' -H 'Header2: val2'
      -h, --help                          help for dir
      -l, --includelength                 Include the length of the body in the output
      -k, --insecuressl                   Skip SSL certificate verification
      -n, --nostatus                      Don't print status codes
      -P, --password string               Password for Basic Auth
      -p, --proxy string                  Proxy to use for requests [http(s)://host:port]
      -s, --statuscodes string            Positive statuscodes (will be overwritten with statuscodesblacklist if set) (default "200,204,301,302,307,401,403")
      -b, --statuscodesblacklist string   Negative statuscodes (will override statuscodes if set)
          --timeout duration              HTTP Timeout (default 10s)
      -u, --url string                    The target URL
      -a, --useragent string              Set the User-Agent string (default "gobuster/3.0.1")
      -U, --username string               Username for Basic Auth
          --wildcard                      Force continued operation when wildcard found

    Global Flags:
      -z, --noprogress        Don't display progress
      -o, --output string     Output file to write results to (defaults to stdout)
      -q, --quiet             Don't print the banner and other noise
      -t, --threads int       Number of concurrent threads (default 10)
          --delay duration    Time each thread waits between requests (e.g. 1500ms)
      -v, --verbose           Verbose output (errors)
      -w, --wordlist string   Path to the wordlist
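On the server side, the default User-Agent listed above ("gobuster/3.0.1") and the run of 404 responses that a wordlist produces both show up in web access logs. The following Go program is an added example, not code from the original article or from the Gobuster project; the helper name Detect, the thresholds and the Combined Log Format sample lines are assumptions constructed for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Combined Log Format: ip - - [time] "METHOD path proto" status size "referer" "user-agent"
var logRe = regexp.MustCompile(`^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"`)

// Detect (hypothetical helper) maps suspicious client IPs to a reason: the default
// "gobuster/<version>" User-Agent, or many distinct paths that mostly return 404.
func Detect(lines []string, minPaths int, minMissRatio float64) map[string]string {
	seen, paths, missed := map[string]bool{}, map[string]int{}, map[string]int{}
	flagged := map[string]string{}
	for _, l := range lines {
		m := logRe.FindStringSubmatch(l)
		if m == nil {
			continue // not in the expected log format
		}
		if strings.HasPrefix(strings.ToLower(m[4]), "gobuster/") {
			flagged[m[1]] = "default gobuster User-Agent"
		}
		if k := m[1] + " " + m[2]; !seen[k] { // count each path once per client
			seen[k] = true
			paths[m[1]]++
			if m[3] == "404" {
				missed[m[1]]++
			}
		}
	}
	for ip, n := range paths { // this signal survives a changed User-Agent (-a)
		ratio := float64(missed[ip]) / float64(n)
		if flagged[ip] == "" && n >= minPaths && ratio >= minMissRatio {
			flagged[ip] = fmt.Sprintf("%d distinct paths, %.0f%% not found", n, ratio*100)
		}
	}
	return flagged
}

func main() { // all log lines below are constructed samples, not real traffic
	f := `%s - - [21/Jun/2019:11:50:51 +0000] "GET /%s HTTP/1.1" %d 178 "-" "%s"`
	logs := []string{fmt.Sprintf(f, "192.0.2.10", "index", 200, "Mozilla/5.0"),
		fmt.Sprintf(f, "198.51.100.7", "index", 200, "gobuster/3.0.1")}
	for i := 0; i < 20; i++ { // one client requesting 20 paths that do not exist
		logs = append(logs, fmt.Sprintf(f, "203.0.113.5", fmt.Sprint("w", i), 404, "Mozilla/5.0"))
	}
	fmt.Println(Detect(logs, 15, 0.8))
}
```

The User-Agent match is only a first-pass filter because `-a` changes it; the ratio of missing paths per client is the signal to tune against normal traffic for the site.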

vhost mode options

    Usage:
      gobuster vhost [flags]

    Flags:
      -c, --cookies string        Cookies to use for the requests
      -r, --followredirect        Follow redirects
      -H, --headers stringArray   Specify HTTP headers, -H 'Header1: val1' -H 'Header2: val2'
      -h, --help                  help for vhost
      -k, --insecuressl           Skip SSL certificate verification
      -P, --password string       Password for Basic Auth
      -p, --proxy string          Proxy to use for requests [http(s)://host:port]
          --timeout duration      HTTP Timeout (default 10s)
      -u, --url string            The target URL
      -a, --useragent string      Set the User-Agent string (default "gobuster/3.0.1")
      -U, --username string       Username for Basic Auth

    Global Flags:
      -z, --noprogress        Don't display progress
      -o, --output string     Output file to write results to (defaults to stdout)
      -q, --quiet             Don't print the banner and other noise
      -t, --threads int       Number of concurrent threads (default 10)
          --delay duration    Time each thread waits between requests (e.g. 1500ms)
      -v, --verbose           Verbose output (errors)
      -w, --wordlist string   Path to the wordlist

Tool installation

Code release

The project has been published on Gobuster's GitHub page, so users do not need to build the project code on their own.

Using "go get"

If you already have a Go environment set up, you can download and install Gobuster directly with the following command:

    go get github.com/OJ/gobuster

Building from source

Because the tool is written in Go, users first need to install the Go environment, compiler and so on. For details on configuring the Go environment, refer to the official Go website.

Compiling

Gobuster now has external dependencies, so they need to be fetched first:

    go get && go build

This creates a gobuster binary, which can be installed into the $GOPATH/bin directory by running the following command:

    go install

Once all the dependencies are in place, you can use the build scripts:

    make         - build the tool with the current Go configuration, like "go build"
    make windows - build a 32-bit or 64-bit Windows program and write it to the build subdirectory
    make linux   - build a 32-bit or 64-bit Linux program and write it to the build subdirectory
    make darwin  - build a 32-bit or 64-bit Darwin program and write it to the build subdirectory
    make all     - build for all platforms and write the programs to the build subdirectory
    make clean   - clean up the build subdirectory
    make test    - run the tests

Wordlists via STDIN

A wordlist can be piped directly into gobuster through stdin:

    hashcat -a 3 --stdout ?l | gobuster dir -u https://mysite.com -w -

Usage examples

dir mode

Run on the command line:

    gobuster dir -u https://mysite.com/path/to/folder -c 'session=123456' -t 50 -w common-files.txt -x .php,.html

Output with the default options:

    gobuster dir -u https://buffered.io -w ~/wordlists/shortlist.txt

    ===============================================================
    Gobuster v3.0.1
    by OJ Reeves (@TheColonial) & Christian Mehlmauer (@_FireFart_)
    ===============================================================
    [+] Mode         : dir
    [+] Url/Domain   : https://buffered.io/
    [+] Threads      : 10
    [+] Wordlist     : /home/oj/wordlists/shortlist.txt
    [+] Status codes : 200,204,301,302,307,401,403
    [+] User Agent   : gobuster/3.0.1
    [+] Timeout      : 10s
    ===============================================================
    2019/06/21 11:49:43 Starting gobuster
    ===============================================================
    /categories (Status: 301)
    /contact (Status: 301)
    /posts (Status: 301)
    /index (Status: 200)
    ===============================================================
    2019/06/21 11:49:44 Finished
    ===============================================================

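Output with status codes disabled (-n):

    gobuster dir -u https://buffered.io -w ~/wordlists/shortlist.txt -n

    ===============================================================
    Gobuster v3.0.1
    by OJ Reeves (@TheColonial) & Christian Mehlmauer (@_FireFart_)
    ===============================================================
    [+] Mode         : dir
    [+] Url/Domain   : https://buffered.io/
    [+] Threads      : 10
    [+] Wordlist     : /home/oj/wordlists/shortlist.txt
    [+] Status codes : 200,204,301,302,307,401,403
    [+] User Agent   : gobuster/3.0.1
    [+] No status    : true
    [+] Timeout      : 10s
    ===============================================================
    2019/06/21 11:50:18 Starting gobuster
    ===============================================================
    /categories
    /contact
    /index
    /posts
    ===============================================================
    2019/06/21 11:50:18 Finished
    ===============================================================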

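Verbose output (-v):

    gobuster dir -u https://buffered.io -w ~/wordlists/shortlist.txt -v

    ===============================================================
    Gobuster v3.0.1
    by OJ Reeves (@TheColonial) & Christian Mehlmauer (@_FireFart_)
    ===============================================================
    [+] Mode         : dir
    [+] Url/Domain   : https://buffered.io/
    [+] Threads      : 10
    [+] Wordlist     : /home/oj/wordlists/shortlist.txt
    [+] Status codes : 200,204,301,302,307,401,403
    [+] User Agent   : gobuster/3.0.1
    [+] Verbose      : true
    [+] Timeout      : 10s
    ===============================================================
    2019/06/21 11:50:51 Starting gobuster
    ===============================================================
    Missed: /alsodoesnotexist (Status: 404)
    Found: /index (Status: 200)
    Missed: /doesnotexist (Status: 404)
    Found: /categories (Status: 301)
    Found: /posts (Status: 301)
    Found: /contact (Status: 301)
    ===============================================================
    2019/06/21 11:50:51 Finished
    ===============================================================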

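Output with content length (-l):

    gobuster dir -u https://buffered.io -w ~/wordlists/shortlist.txt -l

    ===============================================================
    Gobuster v3.0.1
    by OJ Reeves (@TheColonial) & Christian Mehlmauer (@_FireFart_)
    ===============================================================
    [+] Mode         : dir
    [+] Url/Domain   : https://buffered.io/
    [+] Threads      : 10
    [+] Wordlist     : /home/oj/wordlists/shortlist.txt
    [+] Status codes : 200,204,301,302,307,401,403
    [+] User Agent   : gobuster/3.0.1
    [+] Show length  : true
    [+] Timeout      : 10s
    ===============================================================
    2019/06/21 11:51:16 Starting gobuster
    ===============================================================
    /categories (Status: 301) [Size: 178]
    /posts (Status: 301) [Size: 178]
    /contact (Status: 301) [Size: 178]
    /index (Status: 200) [Size: 51759]
    ===============================================================
    2019/06/21 11:51:17 Finished
    ===============================================================

dns mode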

Run on the command line:

    gobuster dns -d mysite.com -t 50 -w common-names.txt

Sample run:

    gobuster dns -d google.com -w ~/wordlists/subdomains.txt

    ===============================================================
    Gobuster v3.0.1
    by OJ Reeves (@TheColonial) & Christian Mehlmauer (@_FireFart_)
    ===============================================================
    [+] Mode         : dns
    [+] Url/Domain   : google.com
    [+] Threads      : 10
    [+] Wordlist     : /home/oj/wordlists/subdomains.txt
    ===============================================================
    2019/06/21 11:54:20 Starting gobuster
    ===============================================================
    Found: chrome.google.com
    Found: ns1.google.com
    Found: admin.google.com
    Found: www.google.com
    Found: m.google.com
    Found: support.google.com
    Found: translate.google.com
    Found: cse.google.com
    Found: news.google.com
    Found: music.google.com
    Found: mail.google.com
    Found: store.google.com
    Found: mobile.google.com
    Found: search.google.com
    Found: wap.google.com
    Found: directory.google.com
    Found: local.google.com
    Found: blog.google.com
    ===============================================================
    2019/06/21 11:54:20 Finished
    ===============================================================

Sample run showing IP addresses (-i):

    gobuster dns -d google.com -w ~/wordlists/subdomains.txt -i

    ===============================================================
    Gobuster v3.0.1
    by OJ Reeves (@TheColonial) & Christian Mehlmauer (@_FireFart_)
    ===============================================================
    [+] Mode         : dns
    [+] Url/Domain   : google.com
    [+] Threads      : 10
    [+] Wordlist     : /home/oj/wordlists/subdomains.txt
    ===============================================================
    2019/06/21 11:54:54 Starting gobuster
    ===============================================================
    Found: www.google.com [172.217.25.36, 2404:6800:4006:802::2004]
    Found: admin.google.com [172.217.25.46, 2404:6800:4006:806::200e]
    Found: store.google.com [172.217.167.78, 2404:6800:4006:802::200e]
    Found: mobile.google.com [172.217.25.43, 2404:6800:4006:802::200b]
    Found: ns1.google.com [216.239.32.10, 2001:4860:4802:32::a]
    Found: m.google.com [172.217.25.43, 2404:6800:4006:802::200b]
    Found: cse.google.com [172.217.25.46, 2404:6800:4006:80a::200e]
    Found: chrome.google.com [172.217.25.46, 2404:6800:4006:802::200e]
    Found: search.google.com [172.217.25.46, 2404:6800:4006:802::200e]
    Found: local.google.com [172.217.25.46, 2404:6800:4006:80a::200e]
    Found: news.google.com [172.217.25.46, 2404:6800:4006:802::200e]
    Found: blog.google.com [216.58.199.73, 2404:6800:4006:806::2009]
    Found: support.google.com [172.217.25.46, 2404:6800:4006:802::200e]
    Found: wap.google.com [172.217.25.46, 2404:6800:4006:802::200e]
    Found: directory.google.com [172.217.25.46, 2404:6800:4006:802::200e]
    Found: translate.google.com [172.217.25.46, 2404:6800:4006:802::200e]
    Found: music.google.com [172.217.25.46, 2404...]
    Found: mail.google.com [172.217.25.37, 2404...]
    ===============================================================
    Finished
    ===============================================================

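DNS wildcard detection:

    gobuster dns -d 0.0.1.xip.io -w ~/wordlists/subdomains.txt

    ===============================================================
    Gobuster v3.0.1
    by OJ Reeves (@TheColonial) & Christian Mehlmauer (@_FireFart_)
    ===============================================================
    [+] Mode         : dns
    [+] Url/Domain   : 0.0.1.xip.io
    [+] Threads      : 10
    [+] Wordlist     : /home/oj/wordlists/subdomains.txt
    ===============================================================
    2019/06/21 12:13:48 Starting gobuster
    ===============================================================
    2019/06/21 12:13:48 [-] Wildcard DNS found. IP address(es): 1.0.0.0
    2019/06/21 12:13:48 To force processing of Wildcard DNS, specify the '--wildcard' switch.
    ===============================================================
    2019/06/21 12:13:48 Finished
    ===============================================================

vhost mode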

Run on the command line:

    gobuster vhost -u https://mysite.com -w common-vhosts.txt

Sample run:

    gobuster vhost -u https://mysite.com -w common-vhosts.txt

    ===============================================================
    Gobuster v3.0.1
    by OJ Reeves (@TheColonial) & Christian Mehlmauer (@_FireFart_)
    ===============================================================
    [+] Url          : https://mysite.com
    [+] Threads      : 10
    [+] Wordlist     : common-vhosts.txt
    [+] User Agent   : gobuster/3.0.1
    [+] Timeout      : 10s
    ===============================================================
    2019/06/21 08:36:00 Starting gobuster
    ===============================================================
    Found: www.mysite.com
    Found: piwik.mysite.com
    Found: mail.mysite.com
    ===============================================================
    2019/06/21 08:36:05 Finished
    ===============================================================

After reading this article, you should have a basic understanding of what kind of tool Gobuster is. If you want to know more, you are welcome to follow the industry information channel. Thank you for reading!
