fuzzuli 备份文件扫描
2022-12-27 12:1:18 Author: Ots安全(查看原文) 阅读量:30 收藏

在我多年的应用程序安全测试之旅中,我发现很多重要的备份文件保存在外部可访问的目录中。在命名这些文件时,使用了常用的首选词。(如 backup.zip、db.rar、conf.tar.gz 等)。但是,这些文件中的大多数都是使用应用程序所在的域名命名的。假设我们有一个域名地址fuzzuli.musana.net如果开发人员将重要的备份文件保存在可访问的目录中,可能的文件名将是这样的。

fuzzuli.net.rarfuzzuli.net.zipfuzzuli.net.tar.gz...other file compression extensions...fuzzulinet.rarfuzzulinet.zip...fuzzulimusana.rarfuzzulimusana.7z...musana.fuzzuli.zipmusanafuzzuli.rar...so on...

用法:


┌──(root㉿kali)-[/root/fuzzuli]└─# fuzzuli -h
__ _ _ / _| | | (_)| |_ _ _ ____ ____ _ _ | | _| _| | | | | |_ / |_ / | | | | | | | || | | |_| | / / / / | |_| | | | | ||_| \__,_| /___| /___| \__,_| |_| |_|
musana.net | @musana--------------------------------------------fuzzuli is a fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
Usage: fuzzuli [flags]
Flags:GENERAL OPTIONS: -w int worker count (default 16) -f string input file containing list of host/domain -pt string paths. separate with commas to use multiple paths. e.g. /,/db/,/old/ (default "/") -p print urls that is sent request -v print version -help print this -banner print banner
WORDLIST OPTIONS: -mt string methods. avaible methods: regular, withoutdots, withoutvowels, reverse, mixed, withoutdv, shuffle -sf string suffix -pf string prefix -ex string file extension. default (rar, zip, tar.gz, tar, gz, jar, 7z, bz2, sql, backup, war) -rp string replace specified char -rm string remove specified char
DOMAIN OPTIONS: -es string exclude domain that contains specified string or char. e.g. for OR operand google|bing|yahoo (default "#") -dl int match domain length that specified. (default 40)
MATCHER OPTIONS: -ct string match response with specified content type -sc int match response with specified status code (default 200) -cl int match response with specified minimum content length. e.g. >100 (default 100)
HTTP OPTIONS: -to int timeout in seconds. (default 10) -ua string user agent (default "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0") -hm string HTTP Method. (default "HEAD") -px string http proxy to use

运行fuzz

指定排除域、最小域长度

┌──(root㉿kali)-[/root/fuzzuli]└─# cat domains.txthttps://play.google.comhttps://code.facebook.comhttps://blog.twitter.comhttps://help.instagram.comhttps://tesla.comhttps://yandex.com
┌──(root㉿kali)-[/root/fuzzuli]└─# fuzzuli -f domains.txt -w 32 -ex .rar,.zip -es "tesla|twitter" -dl 11 -p
__ _ _ / _| | | (_)| |_ _ _ ____ ____ _ _ | | _| _| | | | | |_ / |_ / | | | | | | | || | | |_| | / / / / | |_| | | | | ||_| \__,_| /___| /___| \__,_| |_| |_|
musana.net | @musana--------------------------------------------[*] Scan starting time: 2022-06-22 21:07:58[-] https://yandex.com/yandex.rar[-] https://yandex.com/yandex.zip[-] https://yandex.com/yndx.rar[-] https://yandex.com/yndx.zip[-] https://yandex.com/yandex.com.rar[-] https://yandex.com/yandex.com.zip[-] https://yandex.com/yndx.cm.rar[-] https://yandex.com/yndx.cm.zip[-] https://yandex.com/yandexcom.rar[-] https://yandex.com/yandexcom.zip[-] https://yandex.com/yndxcm.rar[-] https://yandex.com/yndxcm.zip

指定扩展名、输入文件等

┌──(root㉿kali)-[/root/fuzzuli]└─# fuzzuli -f domains.txt -w 32 -ex .rar,.zip -p
__ _ _ / _| | | (_)| |_ _ _ ____ ____ _ _ | | _| _| | | | | |_ / |_ / | | | | | | | || | | |_| | / / / / | |_| | | | | ||_| \__,_| /___| /___| \__,_| |_| |_|
musana.net | @musana--------------------------------------------[*] Scan starting time: 2022-06-22 21:00:34[-] https://code.facebook.com/code.rar[-] https://tesla.com/tesla.rar[-] https://blog.twitter.com/blog.rar[-] https://yandex.com/yandex.rar[-] https://play.google.com/play.rar[-] https://help.instagram.com/help.rar[-] https://play.google.com/play.zip[-] https://help.instagram.com/help.zip[-] https://blog.twitter.com/blog.zip[-] https://play.google.com/ply.rar[-] https://code.facebook.com/code.zip[-] https://yandex.com/yandex.zip[-] https://help.instagram.com/hlp.rar[-] https://tesla.com/tesla.zip[-] https://play.google.com/ply.zip[-] https://help.instagram.com/hlp.zip[-] https://blog.twitter.com/blg.rar[-] https://code.facebook.com/cd.rar[-] https://play.google.com/play.google.rar[-] https://yandex.com/yndx.rar

项目地址:https://github.com/musana/fuzzuli



文章来源: http://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247496237&idx=3&sn=bb00955a8b633f3c3a4f32ac5be6559b&chksm=9badbb66acda327016403a3ba71021cca4eb043d4bdf09ab0b53ddfabffb7698ea888f217e9e#rd
如有侵权请联系:admin#unsafe.sh