zoukankan      html  css  js  c++  java

  • dirb参数解析

    -----------------
    DIRB v2.22
    By The Dark Raver
    -----------------

    dirb <url_base> [<wordlist_file(s)>] [options]

    ========================= NOTES =========================
    <url_base> : Base URL to scan. (Use -resume for session resuming)
    <wordlist_file(s)> : List of wordfiles. (wordfile1,wordfile2,wordfile3...)

    ======================== HOTKEYS ========================
    'n' -> Go to next directory.
    'q' -> Stop scan. (Saving state for resume)
    'r' -> Remaining scan stats.

    ======================== OPTIONS ========================
    -a <agent_string> : Specify your custom USER_AGENT.
    -b : Use path as is.
    -c <cookie_string> : Set a cookie for the HTTP request.
    -E <certificate> : path to the client certificate.
    -f : Fine tunning of NOT_FOUND (404) detection.
    -H <header_string> : Add a custom header to the HTTP request.
    -i : Use case-insensitive search.
    -l : Print "Location" header when found.
    -N <nf_code>: Ignore responses with this HTTP code.
    -o <output_file> : Save output to disk.
    -p <proxy[:port]> : Use this proxy. (Default port is 1080)
    -P <proxy_username:proxy_password> : Proxy Authentication.
    -r : Don't search recursively.
    -R : Interactive recursion. (Asks for each directory)
    -S : Silent Mode. Don't show tested words. (For dumb terminals)
    -t : Don't force an ending '/' on URLs.
    -u <username:password> : HTTP Authentication.
    -v : Show also NOT_FOUND pages.
    -w : Don't stop on WARNING messages.
    -X <extensions> / -x <exts_file> : Append each word with this extensions.
    -z <millisecs> : Add a milliseconds delay to not cause excessive Flood.

    ======================== EXAMPLES =======================
    dirb http://url/directory/ (Simple Test)
    dirb http://url/ -X .html (Test files with '.html' extension)
    dirb http://url/ /usr/share/dirb/wordlists/vulns/apache.txt (Test with apache.txt wordlist)
    dirb https://secure_url/ (Simple Test with SSL)

    选择来介绍几个常用的参数

    -a 设置ua

    -c 设置cookie带cookie扫描

    -N 忽略某些响应码

    -o 输出结果

    -p 使用代理

    -X 在每个测试目录上附加后缀

    -z 设置毫秒延迟

    一、正常扫描

    dirb 目标 字典路径

    二、设置 ua 和 cookie

    dirb 目标 字典路径 -a "ua"  -c "cookie"

    三、使用代理和输出结果

    dirb dirb 目标 字典路径 -p ip:port -o result.txt

    dirb dirb 目标 字典路径 -o result.txt

    在看看result.txt文本

    四、设置附加后缀

    dirb dirb 目标 字典路径 -X test(这样每个被测试的字典都附加了test)

    五、设置毫秒延迟

    如果目标存在一些安全程序爬扫描太快被屏蔽的话可以设置-z参数单位是毫秒

    dirb dirb 目标 字典路径 -z 1000 (1秒)

    现在只能1秒访问一次了
  • 相关阅读:
    dom4j解析带命名空间的xml文件
    Spring使用facotry-method创建单例Bean总结<转>
    代码审查工具StyleCop
    ReSharper 配置及用法(二)
    ReSharper 配置及用法(一)
    linqPad快速学习LINQ(含视频)
    评估期已过。有关如何升级的测试版软件的信息
    SQL批量更新数据库中所有用户数据表中字段类型为tinyint为int
    SQL SERVER获取数据库中所有表名 XTYPE类型
    sqlserver中创建链接服务器
  • 原文地址:https://www.cnblogs.com/yyxianren/p/11520489.html
Copyright © 2011-2022 走看看