Last active
December 11, 2015 01:49
-
-
Save khakimov/4526286 to your computer and use it in GitHub Desktop.
alex, alex we got in! so what next? If you’re working with a scope that limits tools you can install or just want to scan something very fast without install anything - just use this script with dir list such as http://zaproxy.googlecode.com/svn/trunk/src/dirbuster/directory-list-2.3-medium.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # echo "usage: $0 dirlist target.com" | |
| # can use with https - just use curl -k ... | |
| for i in $(cat $1) | |
| do | |
| echo "dir: $i \tcount: " `curl $2/$i 2>/dev/null | wc -l` | |
| done | |
| # so, just run it | |
| # sh dirscan.sh dirs.txt https://10.1.1.12:10443 > report.txt | |
| # then you can check how's big error page | |
| # | |
| # dir: sm_bigeek count: 7 | |
| # dir: timetable count: 7 | |
| # dir: menu_news count: 7 | |
| # | |
| # in my case this number is 7 (you can check curl -k https://10.1.1.12:10443/100percentnotfound | wc -l) | |
| # so grep -v will help to remove all lines containing 7 | |
| # | |
| # cat report.txt | grep -v 7 | |
| # dir: index count: 1 | |
| # dir: backup count: 12 | |
| # dir: favicon count: 0 | |
| # dir: graphs count: 12 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment