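What is Gobuster?
A directory enumeration tool similar to dirb.
Installation
- The installation environment is Windows 10, and the Go version is
go version go1.17.8 windows/amd64
- Install it with the following command.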
go install github.com/OJ/gobuster/v3@latest
Installation error
The following error occurred:
package net/netip is not in GOROOT
go: downloading github.com/OJ/gobuster/v3 v3.5.0
go: downloading github.com/OJ/gobuster v2.0.1+incompatible
go: downloading github.com/fatih/color v1.14.1
go: downloading github.com/spf13/cobra v1.6.1
go: downloading golang.org/x/crypto v0.6.0
go: downloading golang.org/x/term v0.5.0
go: downloading github.com/google/uuid v1.3.0
go: downloading github.com/pin/tftp/v3 v3.0.0
go: downloading github.com/mattn/go-colorable v0.1.13
go: downloading github.com/mattn/go-isatty v0.0.17
go: downloading golang.org/x/sys v0.5.0
go: downloading github.com/inconshreveable/mousetrap v1.1.0
go: downloading github.com/spf13/pflag v1.0.5
go: downloading golang.org/x/net v0.7.0
go\pkg\mod\github.com\!o!j\gobuster\v3@v3.5.0\gobusterdns\gobusterdns.go:10:2: package net/netip is not in GOROOT (C:\Program Files\Go\src\net\netip)
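- On checking, the net/netip package is said to have been introduced in Go 1.18. The version currently in use is 1.17.8, so it seems the package could not be used.
- Let's reinstall Go with the latest version. I updated to
go version go1.20.4 windows/amd64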
Usage
- There are various modes. The ones used most often seem to be DNS mode and Dir mode.
gobuster
Usage:
gobuster [command]
Available Commands:
completion Generate the autocompletion script for the specified shell
dir Uses directory/file enumeration mode
dns Uses DNS subdomain enumeration mode
fuzz Uses fuzzing mode. Replaces the keyword FUZZ in the URL, Headers and the request body
gcs Uses gcs bucket enumeration mode
help Help about any command
s3 Uses aws bucket enumeration mode
tftp Uses TFTP enumeration mode
version shows the current version
vhost Uses VHOST enumeration mode (you most probably want to use the IP address as the URL parameter)
Flags:
--delay duration Time each thread waits between requests (e.g. 1500ms)
-h, --help help for gobuster
--no-color Disable color output
--no-error Don't display errors
-z, --no-progress Don't display progress
-o, --output string Output file to write results to (defaults to stdout)
-p, --pattern string File containing replacement patterns
-q, --quiet Don't print the banner and other noise
-t, --threads int Number of concurrent threads (default 10)
-v, --verbose Verbose output (errors)
-w, --wordlist string Path to the wordlist
Use "gobuster [command] --help" for more information about a command.
DNS mode
Dir mode
- It does not appear to ship with a wordlist.
- Wordlists can be obtained from the installation folder after installing DirBuster (https://sourceforge.net/projects/dirbuster/).
Uses directory/file enumeration mode
Usage:
gobuster dir [flags]
Flags:
-f, --add-slash Append / to each request
--client-cert-p12 string a p12 file to use for options TLS client certificates
--client-cert-p12-password string the password to the p12 file
--client-cert-pem string public key in PEM format for optional TLS client certificates
--client-cert-pem-key string private key in PEM format for optional TLS client certificates (this key needs to have no password)
-c, --cookies string Cookies to use for the requests
-d, --discover-backup Also search for backup files by appending multiple backup extensions
--exclude-length ints exclude the following content length (completely ignores the status). Supply multiple times to exclude multiple sizes.
-e, --expanded Expanded mode, print full URLs
-x, --extensions string File extension(s) to search for
-X, --extensions-file string Read file extension(s) to search from the file
-r, --follow-redirect Follow redirects
-H, --headers stringArray Specify HTTP headers, -H 'Header1: val1' -H 'Header2: val2'
-h, --help help for dir
--hide-length Hide the length of the body in the output
-m, --method string Use the following HTTP method (default "GET")
--no-canonicalize-headers Do not canonicalize HTTP header names. If set header names are sent as is.
-n, --no-status Don't print status codes
-k, --no-tls-validation Skip TLS certificate verification
-P, --password string Password for Basic Auth
--proxy string Proxy to use for requests [http(s)://host:port]
--random-agent Use a random User-Agent string
--retry Should retry on request timeout
--retry-attempts int Times to retry on request timeout (default 3)
-s, --status-codes string Positive status codes (will be overwritten with status-codes-blacklist if set). Can also handle ranges like 200,300-400,404.
-b, --status-codes-blacklist string Negative status codes (will override status-codes if set). Can also handle ranges like 200,300-400,404. (default "404")
--timeout duration HTTP Timeout (default 10s)
-u, --url string The target URL
-a, --useragent string Set the User-Agent string (default "gobuster/3.5")
-U, --username string Username for Basic Auth
Global Flags:
--delay duration Time each thread waits between requests (e.g. 1500ms)
--no-color Disable color output
--no-error Don't display errors
-z, --no-progress Don't display progress
-o, --output string Output file to write results to (defaults to stdout)
-p, --pattern string File containing replacement patterns
-q, --quiet Don't print the banner and other noise
-t, --threads int Number of concurrent threads (default 10)
-v, --verbose Verbose output (errors)
-w, --wordlist string Path to the wordlist
In its simplest form, it can be used as follows.
gobuster dir -u https://mysite.com/path/to/folder -w {path-to-wordlist-file}
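Seen from the server side, a dir-mode run with the defaults listed in the help output above (User-Agent "gobuster/3.5", 404 responses filtered out) leaves a recognizable trace in web access logs. The following is an added example, not part of the original post or of Gobuster itself: it flags clients either by the default User-Agent or by a burst of 404s across many distinct paths. The log lines are constructed, and the combined log format, the function names and both thresholds are assumptions.

```python
import re
from collections import defaultdict

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

def _line(ip, path, status, ua):
    # Helper that builds one constructed "combined"-format access log line.
    return (f'{ip} - - [10/May/2023:10:00:00 +0000] "GET {path} HTTP/1.1" '
            f'{status} 153 "-" "{ua}"')

# Constructed sample traffic (documentation IP ranges, not real data).
SAMPLE_LOG = "\n".join(
    [_line("203.0.113.7", p, s, "gobuster/3.5")
     for p, s in [("/admin", 404), ("/backup", 404), ("/images", 301)]]
    + [_line("198.51.100.9", f"/{w}", 404, "Mozilla/5.0")
       for w in ["cgi-bin", "test", "old", "tmp", "dev"]]
    + [_line("198.51.100.9", "/login", 200, "Mozilla/5.0")]
    + [_line("192.0.2.44", p, s, "Mozilla/5.0")
       for p, s in [("/", 200), ("/favicon.ico", 404), ("/about", 200)]]
)

def detect(log_text, min_paths=5, min_404_ratio=0.8):
    """Return {client_ip: [reasons]}; both thresholds are assumed starting values."""
    stats = defaultdict(lambda: {"paths": set(), "total": 0, "n404": 0, "ua": False})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        s = stats[m["ip"]]
        s["paths"].add(m["path"])
        s["total"] += 1
        s["n404"] += m["status"] == "404"
        # Default UA in the help output is "gobuster/3.5"; matching on the
        # prefix assumes other versions follow the same scheme.
        s["ua"] |= m["ua"].lower().startswith("gobuster/")
    findings = {}
    for ip, s in stats.items():
        reasons = []
        if s["ua"]:
            reasons.append("default-user-agent")
        # Behavioural check still fires when -a or --random-agent hides the UA.
        if len(s["paths"]) >= min_paths and s["n404"] / s["total"] >= min_404_ratio:
            reasons.append("404-burst")
        if reasons:
            findings[ip] = reasons
    return findings

if __name__ == "__main__":
    print(detect(SAMPLE_LOG))
```

The User-Agent match alone is easy to evade with the -a or --random-agent flags, so the 404-ratio check is the more durable signal; tune both thresholds against normal traffic for the site.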