fuzzuli 备份文件扫描

fuzzuli 备份文件扫描
2022-12-27 12:1:18 Author: Ots安全(查看原文) 阅读量:30 收藏

在我多年的应用程序安全测试之旅中，我发现很多重要的备份文件保存在外部可访问的目录中。在命名这些文件时，使用了常用的首选词。（如 backup.zip、db.rar、conf.tar.gz 等）。但是，这些文件中的大多数都是使用应用程序所在的域名命名的。假设我们有一个域名地址fuzzuli.musana.net如果开发人员将重要的备份文件保存在可访问的目录中，可能的文件名将是这样的。

fuzzuli.net.rarfuzzuli.net.zipfuzzuli.net.tar.gz...other file compression extensions...fuzzulinet.rarfuzzulinet.zip...fuzzulimusana.rarfuzzulimusana.7z...musana.fuzzuli.zipmusanafuzzuli.rar...so on...

用法：


┌──(root㉿kali)-[/root/fuzzuli]└─# fuzzuli -h
  __                               _   _ / _|                             | | (_)| |_   _   _   ____  ____  _   _  | |  _|  _| | | | | |_  / |_  / | | | | | | | || |   | |_| |  / /   / /  | |_| | | | | ||_|    \__,_| /___| /___|  \__,_| |_| |_|
musana.net | @musana--------------------------------------------fuzzuli is a fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.
Usage:  fuzzuli [flags]
Flags:GENERAL OPTIONS:   -w int      worker count (default 16)   -f string   input file containing list of host/domain   -pt string  paths. separate with commas to use multiple paths. e.g. /,/db/,/old/ (default "/")   -p          print urls that is sent request   -v          print version   -help       print this   -banner     print banner
WORDLIST OPTIONS:   -mt string  methods. avaible methods: regular, withoutdots, withoutvowels, reverse, mixed, withoutdv, shuffle   -sf string  suffix   -pf string  prefix   -ex string  file extension. default (rar, zip, tar.gz, tar, gz, jar, 7z, bz2, sql, backup, war)   -rp string  replace specified char   -rm string  remove specified char
DOMAIN OPTIONS:   -es string  exclude domain that contains specified string or char. e.g. for OR operand google|bing|yahoo (default "#")   -dl int     match domain length that specified. (default 40)
MATCHER OPTIONS:   -ct string  match response with specified content type   -sc int     match response with specified status code (default 200)   -cl int     match response with specified minimum content length. e.g. >100 (default 100)
HTTP OPTIONS:   -to int     timeout in seconds. (default 10)   -ua string  user agent (default "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0")   -hm string  HTTP Method. (default "HEAD")   -px string  http proxy to use

运行fuzz

指定排除域、最小域长度

┌──(root㉿kali)-[/root/fuzzuli]└─# cat domains.txthttps://play.google.comhttps://code.facebook.comhttps://blog.twitter.comhttps://help.instagram.comhttps://tesla.comhttps://yandex.com
┌──(root㉿kali)-[/root/fuzzuli]└─# fuzzuli -f domains.txt -w 32 -ex .rar,.zip -es "tesla|twitter" -dl 11 -p
  __                               _   _ / _|                             | | (_)| |_   _   _   ____  ____  _   _  | |  _|  _| | | | | |_  / |_  / | | | | | | | || |   | |_| |  / /   / /  | |_| | | | | ||_|    \__,_| /___| /___|  \__,_| |_| |_|
musana.net | @musana--------------------------------------------[*] Scan starting time: 2022-06-22 21:07:58[-] https://yandex.com/yandex.rar[-] https://yandex.com/yandex.zip[-] https://yandex.com/yndx.rar[-] https://yandex.com/yndx.zip[-] https://yandex.com/yandex.com.rar[-] https://yandex.com/yandex.com.zip[-] https://yandex.com/yndx.cm.rar[-] https://yandex.com/yndx.cm.zip[-] https://yandex.com/yandexcom.rar[-] https://yandex.com/yandexcom.zip[-] https://yandex.com/yndxcm.rar[-] https://yandex.com/yndxcm.zip

指定扩展名、输入文件等

┌──(root㉿kali)-[/root/fuzzuli]└─# fuzzuli -f domains.txt -w 32 -ex .rar,.zip -p
  __                               _   _ / _|                             | | (_)| |_   _   _   ____  ____  _   _  | |  _|  _| | | | | |_  / |_  / | | | | | | | || |   | |_| |  / /   / /  | |_| | | | | ||_|    \__,_| /___| /___|  \__,_| |_| |_|
musana.net | @musana--------------------------------------------[*] Scan starting time: 2022-06-22 21:00:34[-] https://code.facebook.com/code.rar[-] https://tesla.com/tesla.rar[-] https://blog.twitter.com/blog.rar[-] https://yandex.com/yandex.rar[-] https://play.google.com/play.rar[-] https://help.instagram.com/help.rar[-] https://play.google.com/play.zip[-] https://help.instagram.com/help.zip[-] https://blog.twitter.com/blog.zip[-] https://play.google.com/ply.rar[-] https://code.facebook.com/code.zip[-] https://yandex.com/yandex.zip[-] https://help.instagram.com/hlp.rar[-] https://tesla.com/tesla.zip[-] https://play.google.com/ply.zip[-] https://help.instagram.com/hlp.zip[-] https://blog.twitter.com/blg.rar[-] https://code.facebook.com/cd.rar[-] https://play.google.com/play.google.rar[-] https://yandex.com/yndx.rar

项目地址：https://github.com/musana/fuzzuli

文章来源: http://mp.weixin.qq.com/s?__biz=MzAxMjYyMzkwOA==&mid=2247496237&idx=3&sn=bb00955a8b633f3c3a4f32ac5be6559b&chksm=9badbb66acda327016403a3ba71021cca4eb043d4bdf09ab0b53ddfabffb7698ea888f217e9e#rd
如有侵权请联系:admin#unsafe.sh