Today we will learn how to enumerate the directories and objects of a website or server. That might be an admin panel or a subdirectory that is vulnerable to attack. The key is to find these objects, as they may be hidden. The tool for this, available in Kali Linux, is DIRB. DIRB is a command-line tool that bruteforces directories from a wordlist: it makes an HTTP request for each entry and checks the HTTP response code of each request.
Disclaimer – Our tutorials are designed to aid aspiring pen testers/security enthusiasts in learning new skills. We only recommend that you test this tutorial on a system that belongs to YOU. We do not accept responsibility for anyone who thinks it’s a good idea to try to use this to attempt to hack systems that do not belong to them.
DIRB’s main purpose is to help in professional web application auditing, especially in security-related testing. It covers some holes not covered by classic web vulnerability scanners: DIRB looks for specific web objects that other generic CGI scanners can’t look for. It doesn’t search for vulnerabilities, nor does it look for web content that can be vulnerable.
DIRB also has a GUI version, DirBuster, which you can find at:
DOWNLOAD DIRB And DIRBUSTER
DIRB TUTORIAL With Kali Linux
Step 1 : Open Terminal
This is the very first and most important step of doing any activity with Linux. Don’t bother with it, just open a terminal and move to the next step. :D
Step 2 : Run DIRB
Now type “dirb” in the terminal. If this is your first time seeing DIRB, take a look at the available options and the usage guide before you start using it.
Step 3: Know Your Target !!!
Let’s say we have a target, target.com; we then need to choose an exploit specific to that target. To do that, you first need to know the target. We get help from another tool, “whatweb”. Whatweb tells us what our target is: its IP address, server fingerprint, and so on. Now, type:
As you can see above, the target responded with a 301 code, meaning it redirects to another site (wordpress.target.com), and that it runs Apache and WordPress. Nice, now we know what our target is.
Step 4: Dirb Wordlists Directory
DIRB also ships with a built-in wordlists directory, located in /usr/share/dirb/wordlists
$ cd /usr/share/dirb/wordlists/
$ ls -l
Notice that our target is running Apache, so we will use the apache.txt wordlist to bruteforce it.
Step 5: Bruteforce The Target Using DIRB
Now, in the terminal type:
$ dirb [Target URL] [Wordlists Path]
$ dirb wordpress.target.com /usr/share/dirb/wordlists/vulns/apache.txt
Now the results come in. Our target has a directory with forbidden access (403): test-cgi. This common directory on Apache is vulnerable to the Shellshock exploit.
That is the tutorial on how to use DIRB for directory enumeration in Kali Linux. The next step is to determine the proper exploit or attack for each directory or file you found.
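From the server side, a DIRB run like the one above shows up in the web server’s access log as a single client requesting one wordlist path after another, most answered with 404 and the odd one with 403 (a 403 only tells you the path exists and is access-restricted, not that it is exploitable). The script below is an added example, not part of the DIRB tutorial or the DIRB project: it runs a small awk detection over constructed Apache combined-format access-log lines and flags any client whose 404 count reaches a threshold, listing the forbidden paths it touched. The IP addresses, paths, timestamps and the threshold of 5 are all invented for the example.

```shell
#!/bin/sh
# Added example: spot a wordlist-driven directory scan in an Apache access log.
# In the default "combined" layout awk sees the client IP as $1, the request
# path as $7 and the HTTP status code as $9.

# Constructed sample log lines (not from any real host). 203.0.113.7 walks a
# wordlist and hits the 403 on test-cgi; 198.51.100.2 is an ordinary visitor.
SAMPLE_LOG='203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /admin HTTP/1.1" 404 196 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /backup HTTP/1.1" 404 196 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /cgi-bin/ HTTP/1.1" 404 196 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /cgi-bin/test-cgi HTTP/1.1" 403 199 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:37 +0000] "GET /server-status HTTP/1.1" 404 196 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:38 +0000] "GET /.htaccess HTTP/1.1" 404 196 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Oct/2023:13:55:38 +0000] "GET /wp-login.php HTTP/1.1" 200 4521 "-" "Mozilla/5.0"
198.51.100.2 - - [10/Oct/2023:13:55:40 +0000] "GET / HTTP/1.1" 200 8133 "-" "Mozilla/5.0"
198.51.100.2 - - [10/Oct/2023:13:55:41 +0000] "GET /favicon.ico HTTP/1.1" 404 196 "-" "Mozilla/5.0"'

# flag_scanners [threshold]
# Reads access-log text on stdin and prints one line per client whose number
# of 404 responses reaches the threshold (default 5):
#   <ip> 404=<count> 403=<count> forbidden=<comma-separated 403 paths or ->
flag_scanners() {
    threshold="${1:-5}"
    awk -v thr="$threshold" '
    {
        ip = $1; path = $7; status = $9
        total[ip]++
        if (status == 404) {
            notfound[ip]++
        } else if (status == 403) {
            forbidden[ip]++
            # keep the restricted paths: these are the hits worth a closer look
            seen[ip] = (seen[ip] == "") ? path : seen[ip] "," path
        }
    }
    END {
        for (ip in total)
            if (notfound[ip] + 0 >= thr)
                printf "%s 404=%d 403=%d forbidden=%s\n", ip, notfound[ip] + 0,
                       forbidden[ip] + 0, (seen[ip] == "" ? "-" : seen[ip])
    }' | sort
}

# Run the detection over the constructed sample with the default threshold.
scan_sample() {
    printf '%s\n' "$SAMPLE_LOG" | flag_scanners 5
}

# Stand-alone run; on a real host pipe the log in instead:
#   flag_scanners 20 < /var/log/apache2/access.log
scan_sample
```

The threshold is deliberately low to fit the nine sample lines; on a busy site you would raise it and add a time window, since a legitimate crawler can also collect 404s over a long day. The value of the report is the forbidden list: a client that only produces 404s is noise, while one that also touched a restricted path such as /cgi-bin/test-cgi is what the DIRB output above would have shown the tester, so it is what the defender wants to see too.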
DIRBUSTER TUTORIAL With Kali Linux
Step 1 : Open Dirbuster
To open DirBuster, you can either reach it from the Kali Linux application menu mentioned above or simply call it from the terminal.
Step 2 : Dirbuster Wordlists
DirBuster wordlists are located in /usr/share/dirbuster/wordlists
Step 3 : Configure Bruteforce Settings in DirBuster
- Enter the target URL in the Target URL field, specifying whether to use http or https.
- Enter the path of the DirBuster wordlist file. To see a description of each DirBuster wordlist, click the “List Info” button. Then click “Browse” and navigate to the DirBuster wordlists directory, or just enter the path manually. Here I used /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt
Press Start to launch the bruteforce, then wait until it finishes.
Once you find hidden files or directories, identify what they are. If you are lucky, you might find an admin backdoor giving access to the admin panel configuration. DIRB vs DirBuster: you can use either the DIRB CLI or the DirBuster GUI.