
Concept

We use the Wfuzz and Gobuster tools to apply fuzzing. This technique discovers hidden paths and resources on a web server by brute force: each entry of a wordlist is requested and the responses are compared. The goal is to find hidden resources that malicious attackers could use to gain unauthorized access to the server.

Use only when the web server is slow to respond.

Gobuster

gobuster dir -u target -w wordlist -t 200   # directory mode, 200 threads
gobuster --add-slash                        # append a slash to each request so directories do not show up as redirects
gobuster -b 403                             # hide (blacklist) status code 403
gobuster -x php,html                        # search for php and html files
gobuster -s 200 -b ''                       # show only status 200 (clear the default blacklist)

Wfuzz

In this class, we will see how different Wfuzz parameters can be used to adjust the scope and depth of our reconnaissance of web applications. Some of the parameters we will cover include '--sl' to show only responses with a given number of lines, '--hl' to hide responses with a given number of lines, and finally '-z' to indicate the type of payload we want to use, covering options such as dictionaries (files), lists and numeric ranges.

wfuzz -c                             # colour output
wfuzz -t 200                         # 200 parallel tasks
wfuzz -w wordlist target/FUZZ        # FUZZ marks where each wordlist entry is injected
wfuzz --hc 400                       # hide responses with status code 400
wfuzz -L                             # follow redirects
wfuzz -w wordlist target/FUZZ/       # trailing slash filters out directory redirects
wfuzz --sl=234                       # show only responses with 234 lines
wfuzz --hl=234                       # hide only responses with 234 lines
wfuzz --hw=3                         # hide responses with 3 words
wfuzz --sw=3                         # show only responses with 3 words

wfuzz -z file,PATH                   # another way to add a wordlist (adds a new payload)
wfuzz -w wordlist target/FUZZ.html   # filter for html files
wfuzz -w wordlist -z list,html-css-txt-php target/FUZZ.FUZ2Z   # try html, css, txt and php extensions on each name found
wfuzz -z range,1-200 'https://WEBPAGE/buy/detalles?product_id=FUZZ'   # fuzz a numeric range
wfuzz -c --hc 403 -w wordlist 'https://domain'

other tools

ffuf: this one is faster; use it when the web server is slow to respond.

ffuf -c -v -w path -u target/FUZZ

phonebook

hydra login attack

hydra -l user -P wordlist 10.10.10.10 http-post-form "/login:username=^USER^&password=^PASS^:F=incorrect" -v
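From the defender's side, the scans above leave a characteristic trace in the web server's access log: a burst of 404 responses from one address for Gobuster, Wfuzz and ffuf, and a burst of failed POSTs to the login form for Hydra. The following Python script is an added example (not part of these notes and not code from any of the tools) that flags both patterns in combined-format access-log lines. The log lines, the IP addresses, the /login path and the assumption that a failed login answers with 401 or 403 are all constructed for the example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# One line of the Apache/nginx "combined" access-log format.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return a dict for a well-formed log line, or None for anything else."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)
    rec["status"] = int(rec["status"])
    return rec


def max_in_window(times, window):
    """Largest number of timestamps that fall inside any sliding window of length `window`."""
    times = sorted(times)
    best = left = 0
    for right, t in enumerate(times):
        while t - times[left] > window:
            left += 1
        best = max(best, right - left + 1)
    return best


def detect_path_fuzzing(lines, threshold=20, window=timedelta(seconds=60)):
    """IPs that caused >= threshold 404 responses within `window` (wordlist-driven path guessing)."""
    misses = defaultdict(list)   # ip -> timestamps of 404 responses
    paths = defaultdict(set)     # ip -> distinct paths that produced a 404
    for line in lines:
        rec = parse_line(line)
        if rec and rec["status"] == 404:
            misses[rec["ip"]].append(rec["ts"])
            paths[rec["ip"]].add(rec["path"])
    flagged = {}
    for ip, ts in misses.items():
        burst = max_in_window(ts, window)
        if burst >= threshold:
            flagged[ip] = {"hits": burst, "distinct_paths": len(paths[ip])}
    return flagged


def detect_login_bruteforce(lines, login_path="/login", threshold=10,
                            window=timedelta(seconds=60)):
    """IPs with >= threshold failed POSTs to login_path within `window`.
    Assumption (constructed for this example): a failed login answers 401 or 403."""
    fails = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if (rec and rec["method"] == "POST" and rec["path"] == login_path
                and rec["status"] in (401, 403)):
            fails[rec["ip"]].append(rec["ts"])
    return {ip: max_in_window(ts, window) for ip, ts in fails.items()
            if max_in_window(ts, window) >= threshold}


def build_sample_log():
    """Constructed access-log lines (not real traffic): a path scanner, a normal
    visitor and a password-guessing client. IPs come from documentation ranges."""
    base = datetime(2024, 1, 15, 10, 0, 0, tzinfo=timezone.utc)

    def entry(ip, offset, method, path, status, size=512):
        ts = (base + timedelta(seconds=offset)).strftime(TS_FMT)
        return f'{ip} - - [{ts}] "{method} {path} HTTP/1.1" {status} {size} "-" "Mozilla/5.0"'

    lines = [entry("203.0.113.7", 2 * i, "GET", f"/guess{i}", 404) for i in range(25)]
    lines += [entry("198.51.100.2", 5, "GET", "/index.html", 200),
              entry("198.51.100.2", 9, "GET", "/about", 200),
              entry("198.51.100.2", 14, "GET", "/old-page", 404)]
    lines += [entry("203.0.113.9", 3 * i, "POST", "/login", 401) for i in range(12)]
    return lines


if __name__ == "__main__":
    log = build_sample_log()
    print("path fuzzing :", detect_path_fuzzing(log))
    print("login brute  :", detect_login_bruteforce(log))
```

Two caveats when adapting this to a real log. Applications that answer a failed login with 200 and an "incorrect" message in the body (exactly the case the Hydra F=incorrect option matches on) never produce a 401/403, so for them the signal has to come from the response size or from the application's own authentication log. And a rate threshold only catches fast scans; a scanner run with a low -t value stays under a per-minute threshold, so the distinct_paths count and a longer window are worth keeping as a second signal.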