import urllib2
import threading
import Queue
import urllib
threads = 50
target_url = "http://testphp.vulnweb.com"
wodlist_file='../wingware/DirBuster/directory-list-2.3-small.txt'
resume = None
user_agent = "Mozilla/5.0 (X11; Linux x86_64; rv:19.0) Gecko/20100101Firefox/19.0"
def build_wordlist(wordlist_file):
fd = open(wordlist_file,"rb")
raw_words=fd.readlines()
fd.close()
found_resume=False
words = Queue.Queue()
for word in raw_words:
word=word.rstrip()
if resume is not None:
if found_resume:
words.put(word)
else:
if word == resume:
found_resume = True
print "Resuming wordlist from: %s" % resume
else:
words.put(word)
return words
def dir_bruter(word_queue,extensions=None):
while not word_queue.empty():
attempt = word_queue.get()
attempt_list = []
if "." not in attempt:
attempt_list.append("/%s/" % attempt)
else:
attempt_list.append("/%s" % attempt)
if extensions:
for extension in extensions:
attempt_list.append("/%s%s" % (attempt,extension))
for brute in attempt_list:
url="%s%s" % (target_url,urllib.quote(brute))
try:
headers={}
headers["User-Agent"] = user_agent
r = urllib2.Request(url,headers=headers)
response = urllib2.urlopen(r)
if len(response.read()):
print "[%d] => %s" % (response.code,url)
except urllib2.URLError,e:
if hasattr(e,'code') and e.code!=404:
print "!!! %d => %s" %(e.code,url)
word_queue = build_wordlist(wodlist_file)
extensions=[".html",".bak",".cs",".xls",".asp",".config"]
for i in range(threads):
t = threading. Thread(target=dir_bruter,args=(word_queue,extensions))
import threading
import Queue
import urllib
threads = 50
target_url = "http://testphp.vulnweb.com"
wodlist_file='../wingware/DirBuster/directory-list-2.3-small.txt'
resume = None
user_agent = "Mozilla/5.0 (X11; Linux x86_64; rv:19.0) Gecko/20100101Firefox/19.0"
def build_wordlist(wordlist_file):
fd = open(wordlist_file,"rb")
raw_words=fd.readlines()
fd.close()
found_resume=False
words = Queue.Queue()
for word in raw_words:
word=word.rstrip()
if resume is not None:
if found_resume:
words.put(word)
else:
if word == resume:
found_resume = True
print "Resuming wordlist from: %s" % resume
else:
words.put(word)
return words
def dir_bruter(word_queue,extensions=None):
while not word_queue.empty():
attempt = word_queue.get()
attempt_list = []
if "." not in attempt:
attempt_list.append("/%s/" % attempt)
else:
attempt_list.append("/%s" % attempt)
if extensions:
for extension in extensions:
attempt_list.append("/%s%s" % (attempt,extension))
for brute in attempt_list:
url="%s%s" % (target_url,urllib.quote(brute))
try:
headers={}
headers["User-Agent"] = user_agent
r = urllib2.Request(url,headers=headers)
response = urllib2.urlopen(r)
if len(response.read()):
print "[%d] => %s" % (response.code,url)
except urllib2.URLError,e:
if hasattr(e,'code') and e.code!=404:
print "!!! %d => %s" %(e.code,url)
word_queue = build_wordlist(wodlist_file)
extensions=[".html",".bak",".cs",".xls",".asp",".config"]
for i in range(threads):
t = threading. Thread(target=dir_bruter,args=(word_queue,extensions))
t.start()
---------------------------------------------------------------------------------------------------------------
wodlist_file显示到字典在https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project 下载 需要翻墙