Difference between revisions of "Ffuf"
Jump to navigation
Jump to search
FBirnegger (talk | contribs) |
FBirnegger (talk | contribs) |
||
Line 48: | Line 48: | ||
=== Recursive (Directory) Fuzzing === | === Recursive (Directory) Fuzzing === | ||
To find directories recursively. | |||
ffuf -w /opt/useful/SecLists/Discovery/Web-Content/directory-list-2.3-small.txt:FUZZ -u http://SERVER_IP:PORT/FUZZ -recursion -recursion-depth 1 -e .php -v | ffuf -w /opt/useful/SecLists/Discovery/Web-Content/directory-list-2.3-small.txt:FUZZ -u http://SERVER_IP:PORT/FUZZ -recursion -recursion-depth 1 -e .php -v |
Revision as of 13:54, 3 January 2023
Summary
This Wiki Entry is about the Tool ffuf (Fuzz Faster You Fool). The article will show different commands for the most useful use-cases and can be utilized as a cheatsheet.
Overview
Ffuf is a web fuzzer written in Go. It Is pre-installed in Kali Linux and sponsored by Offensive Security. The tool can be used for different Fuzzing use-cases and it supports recursive Fuzzing.
Installation
If you are using Kali Linux you can use ffuf straight away because it is pre-installed. If you are using another Linux Distribution you can install the tool with
$sudo apt install ffuf
Cheatsheet
Useful flags
Match & Filter
- -mc : Match response codes
- -mr : Match regex pattern
- -ms : Match reponse size
- -fc : Filter response codes
- -fr : Filter regex pattern
- -fs : Filter reponse size
Input & Output
- -w : Wordlist
- -mode : Operation Mode (Clusterbomb, Pitchfork)
- -request : File with a HTTP request
- -o : Output file
- -of : Output file format
Directory Fuzzing
Page Fuzzing
Subdomain Fuzzing
Vhosts Fuzzing
Parameter Fuzzing
To find parameter names.
GET Requests
ffuf -w parameter-wordlist.txt:FUZZ -u http://SERVER_IP:PORT/admin/admin.php?FUZZ=key -fs xxx
POST Requests
ffuf -w parameter-wordlist.txt:FUZZ -u http://SERVER_IP:PORT/admin/admin.php -X POST -d 'FUZZ=key' -H 'Content-Type: application/x-www-form-urlencoded' -fs xxx
- -X: to determine the HTTP Method
- -d: to determine POST data
- -H: To use HTTP Header field with value; multipe
Recursive (Directory) Fuzzing
To find directories recursively.
ffuf -w /opt/useful/SecLists/Discovery/Web-Content/directory-list-2.3-small.txt:FUZZ -u http://SERVER_IP:PORT/FUZZ -recursion -recursion-depth 1 -e .php -v
- -recursion: to enable recursive Fuzzing
- -recursion-depth: to determine the recursion depth
- -v: to output the full URL for a better overview
Courses
- Sichere Softwareentwicklung (IT-Security 22/23)