• dirb参数解析

    -----------------
    DIRB v2.22
    By The Dark Raver
    -----------------

    dirb <url_base> [<wordlist_file(s)>] [options]

    ========================= NOTES =========================
    <url_base> : Base URL to scan. (Use -resume for session resuming)
    <wordlist_file(s)> : List of wordfiles. (wordfile1,wordfile2,wordfile3...)

    ======================== HOTKEYS ========================
    'n' -> Go to next directory.
    'q' -> Stop scan. (Saving state for resume)
    'r' -> Remaining scan stats.

    ======================== OPTIONS ========================
    -a <agent_string> : Specify your custom USER_AGENT.
    -b : Use path as is.
    -c <cookie_string> : Set a cookie for the HTTP request.
    -E <certificate> : path to the client certificate.
    -f : Fine tunning of NOT_FOUND (404) detection.
    -H <header_string> : Add a custom header to the HTTP request.
    -i : Use case-insensitive search.
    -l : Print "Location" header when found.
    -N <nf_code>: Ignore responses with this HTTP code.
    -o <output_file> : Save output to disk.
    -p <proxy[:port]> : Use this proxy. (Default port is 1080)
    -P <proxy_username:proxy_password> : Proxy Authentication.
    -r : Don't search recursively.
    -R : Interactive recursion. (Asks for each directory)
    -S : Silent Mode. Don't show tested words. (For dumb terminals)
    -t : Don't force an ending '/' on URLs.
    -u <username:password> : HTTP Authentication.
    -v : Show also NOT_FOUND pages.
    -w : Don't stop on WARNING messages.
    -X <extensions> / -x <exts_file> : Append each word with this extensions.
    -z <millisecs> : Add a milliseconds delay to not cause excessive Flood.

    ======================== EXAMPLES =======================
    dirb http://url/directory/ (Simple Test)
    dirb http://url/ -X .html (Test files with '.html' extension)
    dirb http://url/ /usr/share/dirb/wordlists/vulns/apache.txt (Test with apache.txt wordlist)
    dirb https://secure_url/ (Simple Test with SSL)

    选择来介绍几个常用的参数

    -a 设置ua

    -c 设置cookie带cookie扫描

    -N 忽略某些响应码

    -o 输出结果

    -p 使用代理

    -X 在每个测试目录上附加后缀

    -z 设置毫秒延迟

    一、正常扫描

    dirb 目标 字典路径

    二、设置 ua 和 cookie

    dirb 目标 字典路径 -a "ua"  -c "cookie"

    三、使用代理和输出结果

    dirb dirb 目标 字典路径 -p ip:port -o result.txt

    dirb dirb 目标 字典路径 -o result.txt

    在看看result.txt文本

    四、设置附加后缀

    dirb dirb 目标 字典路径 -X test(这样每个被测试的字典都附加了test)

    五、设置毫秒延迟

    如果目标存在一些安全程序爬扫描太快被屏蔽的话可以设置-z参数单位是毫秒

    dirb dirb 目标 字典路径 -z 1000 (1秒)

    现在只能1秒访问一次了
  • 相关阅读:
    Sketch Missing Fonts 页面样式混乱研究
    SFDC_01(google map)
    SFDC_02(google map)
    SFDC_04(system.debug();)
    umbraco简体中文语言包for4.5及以下版本
    7.22武汉日全食自拍留念
    IIS7(windows 2008)恐怖问题,大家谨慎,血的教训啊~~~~
    【视频】自己录制的Umbraco入门3——如何构建网站导航,推荐给玩CMS的朋友
    分享,个人代码知识管理程序
    【视频】自己录制的Umbraco入门2如果构建网页,推荐给玩CMS的朋友
  • 原文地址:https://www.cnblogs.com/yyxianren/p/11520489.html
Copyright © 2020-2023  润新知