github:https://github.com/OJ/gobuster
常用命令行选项
-fw
- 使用通配符结果强制处理域。-np
- 隐藏进度输出。-m <mode>
- 使用哪种模式,dir
或者dns
(默认:)dir
。-q
- 禁用横幅/下划线输出。-t <threads>
- 要运行的线程数(默认值:)10
。-u <url/domain>
- 完整URL(包括方案)或基本域名。-v
- 详细输出(显示所有结果)。-w <wordlist>
- 用于暴力强制的wordlist的路径(-
用于stdin)。
dns
模式的命令行选项
-cn
- 显示CNAME记录(不能与'-i'选项一起使用)。-i
- 显示结果的所有IP地址。
dir
模式的命令行选项
-a <user agent string>
- 指定要在请求标头中发送的用户代理字符串。-c <http cookies>
- 使用它来指定您可能需要的任何cookie(模拟身份验证)。-e
- 指定呈现完整URL的扩展模式。-f
- 附加/
目录暴力。-k
- 跳过SSL证书的验证。-l
- 显示响应的长度。-n
- “无状态”模式,禁用结果状态代码的输出。-o <file>
- 指定要将输出写入的文件名。-p <proxy url>
- 指定用于所有请求的代理(方案与URL方案非常匹配)。-r
- 按照重定向。-s <status codes>
- 逗号分隔的状态代码列表集合被视为“正面”(默认值:)200,204,301,302,307
。-x <extensions>
- 要检查的扩展名列表(如果有)。-P <password>
- HTTP授权密码(仅限基本身份验证,如果缺少则提示)。-U <username>
- HTTP授权用户名(仅限基本身份验证)。-to <timeout>
- HTTP超时。示例:10s,100ms,1m(默认值:10s)。
建造
由于此工具是用Go编写的,因此您需要安装Go语言/编译器/等。有关安装和设置的完整详细信息,请访问Go语言网站。安装后,您有两个选择。
编译
gobuster
现在有外部依赖,所以他们需要先被拉入:
gobuster $ go get && go build
这将为您创建gobuster
二进制文件。如果要将其安装在$GOPATH/bin
可以运行的文件夹中:
gobuster $ go install
如果您已经拥有所有依赖项,则可以使用构建脚本:
make
- 为当前Go配置构建(即运行go build
)。make windows
- 为Windows构建32位和64位二进制文件,并将它们写入build
子文件夹。make linux
- 为linux构建32位和64位二进制文件,并将它们写入build
子文件夹。make darwin
- 为darwin构建32位和64位二进制文件,并将它们写入build
子文件夹。make all
- 为所有平台和体系结构构建,并将生成的二进制文件写入build
子文件夹。make clean
- 清除build
子文件夹。make test
- 运行测试。
作为脚本运行
gobuster $ go run main.go <parameters>
通过STDIN进行单词列表
生词能够管道输送到gobuster
通过stdin通过提供-
到-w
选项:
hashcat -a 3 --stdout ?l | gobuster -u https://mysite.com -w -
注意:如果-w
选项与STDIN的管道同时指定,则会显示错误,程序将终止。
例子
dir
模式
命令行可能如下所示:
$ gobuster -u https://mysite.com/path/to/folder -c 'session=123456' -t 50 -w common-files.txt -x .php,.html
默认选项如下所示:
$ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt
=====================================================
Gobuster v2.0.1 OJ Reeves (@TheColonial)
=====================================================
[+] Mode : dir
[+] Url/Domain : https://buffered.io/
[+] Threads : 10
[+] Wordlist : /home/oj/wordlists/shortlist.txt
[+] Status codes : 200,204,301,302,307,403
[+] Timeout : 10s
=====================================================
2018/08/27 11:49:43 Starting gobuster
=====================================================
/categories (Status: 301)
/contact (Status: 301)
/posts (Status: 301)
/index (Status: 200)
=====================================================
2018/08/27 11:49:44 Finished
=====================================================
禁用状态代码的默认选项如下所示:
$ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt -n
=====================================================
Gobuster v2.0.1 OJ Reeves (@TheColonial)
=====================================================
[+] Mode : dir
[+] Url/Domain : https://buffered.io/
[+] Threads : 10
[+] Wordlist : /home/oj/wordlists/shortlist.txt
[+] Status codes : 200,204,301,302,307,403
[+] No status : true
[+] Timeout : 10s
=====================================================
2018/08/27 11:50:18 Starting gobuster
=====================================================
/categories
/contact
/index
/posts
=====================================================
2018/08/27 11:50:18 Finished
=====================================================
详细输出如下所示:
$ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt -v
=====================================================
Gobuster v2.0.1 OJ Reeves (@TheColonial)
=====================================================
[+] Mode : dir
[+] Url/Domain : https://buffered.io/
[+] Threads : 10
[+] Wordlist : /home/oj/wordlists/shortlist.txt
[+] Status codes : 200,204,301,302,307,403
[+] Verbose : true
[+] Timeout : 10s
=====================================================
2018/08/27 11:50:51 Starting gobuster
=====================================================
Missed: /alsodoesnotexist (Status: 404)
Found: /index (Status: 200)
Missed: /doesnotexist (Status: 404)
Found: /categories (Status: 301)
Found: /posts (Status: 301)
Found: /contact (Status: 301)
=====================================================
2018/08/27 11:50:51 Finished
=====================================================
显示内容长度的示例:
$ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt -l
=====================================================
Gobuster v2.0.1 OJ Reeves (@TheColonial)
=====================================================
[+] Mode : dir
[+] Url/Domain : https://buffered.io/
[+] Threads : 10
[+] Wordlist : /home/oj/wordlists/shortlist.txt
[+] Status codes : 200,204,301,302,307,403
[+] Show length : true
[+] Timeout : 10s
=====================================================
2018/08/27 11:51:16 Starting gobuster
=====================================================
/categories (Status: 301) [Size: 178]
/posts (Status: 301) [Size: 178]
/contact (Status: 301) [Size: 178]
/index (Status: 200) [Size: 51759]
=====================================================
2018/08/27 11:51:17 Finished
=====================================================
安静的输出,状态禁用和扩展模式看起来像这样(“grep模式”):
$ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt -q -n -e
https://buffered.io/index
https://buffered.io/contact
https://buffered.io/posts
https://buffered.io/categories
dns
模式
命令行可能如下所示:
$ gobuster -m dns -u mysite.com -t 50 -w common-names.txt
正常的样本运行如下:
$ gobuster -m dns -w ~/wordlists/subdomains.txt -u google.com
=====================================================
Gobuster v2.0.1 OJ Reeves (@TheColonial)
=====================================================
[+] Mode : dns
[+] Url/Domain : google.com
[+] Threads : 10
[+] Wordlist : /home/oj/wordlists/subdomains.txt
=====================================================
2018/08/27 11:54:20 Starting gobuster
=====================================================
Found: chrome.google.com
Found: ns1.google.com
Found: admin.google.com
Found: www.google.com
Found: m.google.com
Found: support.google.com
Found: translate.google.com
Found: cse.google.com
Found: news.google.com
Found: music.google.com
Found: mail.google.com
Found: store.google.com
Found: mobile.google.com
Found: search.google.com
Found: wap.google.com
Found: directory.google.com
Found: local.google.com
Found: blog.google.com
=====================================================
2018/08/27 11:54:20 Finished
=====================================================
显示IP示例运行如下:
$ gobuster -m dns -w ~/wordlists/subdomains.txt -u google.com -i
=====================================================
Gobuster v2.0.1 OJ Reeves (@TheColonial)
=====================================================
[+] Mode : dns
[+] Url/Domain : google.com
[+] Threads : 10
[+] Wordlist : /home/oj/wordlists/subdomains.txt
=====================================================
2018/08/27 11:54:54 Starting gobuster
=====================================================
Found: www.google.com [172.217.25.36, 2404:6800:4006:802::2004]
Found: admin.google.com [172.217.25.46, 2404:6800:4006:806::200e]
Found: store.google.com [172.217.167.78, 2404:6800:4006:802::200e]
Found: mobile.google.com [172.217.25.43, 2404:6800:4006:802::200b]
Found: ns1.google.com [216.239.32.10, 2001:4860:4802:32::a]
Found: m.google.com [172.217.25.43, 2404:6800:4006:802::200b]
Found: cse.google.com [172.217.25.46, 2404:6800:4006:80a::200e]
Found: chrome.google.com [172.217.25.46, 2404:6800:4006:802::200e]
Found: search.google.com [172.217.25.46, 2404:6800:4006:802::200e]
Found: local.google.com [172.217.25.46, 2404:6800:4006:80a::200e]
Found: news.google.com [172.217.25.46, 2404:6800:4006:802::200e]
Found: blog.google.com [216.58.199.73, 2404:6800:4006:806::2009]
Found: support.google.com [172.217.25.46, 2404:6800:4006:802::200e]
Found: wap.google.com [172.217.25.46, 2404:6800:4006:802::200e]
Found: directory.google.com [172.217.25.46, 2404:6800:4006:802::200e]
Found: translate.google.com [172.217.25.46, 2404:6800:4006:802::200e]
Found: music.google.com [172.217.25.46, 2404:6800:4006:802::200e]
Found: mail.google.com [172.217.25.37, 2404:6800:4006:802::2005]
=====================================================
2018/08/27 11:54:55 Finished
=====================================================
基域无法解析时的基本域验证警告。如果用户在键入域时发胖,则这是一个警告而不是失败。
$ gobuster -m dns -w ~/wordlists/subdomains.txt -u yp.to -i
=====================================================
Gobuster v2.0.1 OJ Reeves (@TheColonial)
=====================================================
[+] Mode : dns
[+] Url/Domain : yp.to
[+] Threads : 10
[+] Wordlist : /home/oj/wordlists/subdomains.txt
=====================================================
2018/08/27 11:56:43 Starting gobuster
=====================================================
2018/08/27 11:56:53 [-] Unable to validate base domain: yp.to
Found: cr.yp.to [131.193.32.108, 131.193.32.109]
=====================================================
2018/08/27 11:56:53 Finished
=====================================================
还可以正确检测到通配符DNS:
$ gobuster -m dns -w ~/wordlists/subdomains.txt -u 0.0.1.xip.io
=====================================================
Gobuster v2.0.1 OJ Reeves (@TheColonial)
=====================================================
[+] Mode : dns
[+] Url/Domain : 0.0.1.xip.io
[+] Threads : 10
[+] Wordlist : /home/oj/wordlists/subdomains.txt
=====================================================
2018/08/27 12:13:48 Starting gobuster
=====================================================
2018/08/27 12:13:48 [-] Wildcard DNS found. IP address(es): 1.0.0.0
2018/08/27 12:13:48 [!] To force processing of Wildcard DNS, specify the '-fw' switch.
=====================================================
2018/08/27 12:13:48 Finished
=====================================================
如果用户想要强制处理具有通配符条目的域,请使用-fw
:
$ gobuster -m dns -w ~/wordlists/subdomains.txt -u 0.0.1.xip.io -fw
=====================================================
Gobuster v2.0.1 OJ Reeves (@TheColonial)
=====================================================
[+] Mode : dns
[+] Url/Domain : 0.0.1.xip.io
[+] Threads : 10
[+] Wordlist : /home/oj/wordlists/subdomains.txt
=====================================================
2018/08/27 12:13:51 Starting gobuster
=====================================================
2018/08/27 12:13:51 [-] Wildcard DNS found. IP address(es): 1.0.0.0
Found: 127.0.0.1.xip.io
Found: test.127.0.0.1.xip.io
=====================================================
2018/08/27 12:13:53 Finished
=====================================================
标签:google,爆破,gobuster,GOBUSTER,27,2018,DNS,Found,com
From: https://blog.51cto.com/u_14008060/6923901