Ffuf

From Embedded Lab Vienna for IoT & Security

Summary

This wiki entry is about the tool ffuf (Fuzz Faster You Fool). It lists commands for the most common use cases and can be used as a cheatsheet.

Overview

Ffuf is a web fuzzer written in Go. It is pre-installed in Kali Linux and sponsored by Offensive Security. The tool can be used for different fuzzing use cases, and it supports recursive fuzzing.

Installation

If you are using Kali Linux, you can use ffuf straight away because it is pre-installed. If you are using another Linux distribution, you can install the tool with:

 $ sudo apt install ffuf

Cheatsheet

Useful flags

Match & Filter

  • -mc : Match response codes
  • -mr : Match regex pattern
  • -ms : Match response size
  • -fc : Filter response codes
  • -fr : Filter regex pattern
  • -fs : Filter response size

Input & Output

  • -w : Wordlist
  • -mode : Operation Mode (Clusterbomb, Pitchfork)
  • -request : File with a HTTP request
  • -o : Output file
  • -of : Output file format

Directory Fuzzing

Page Fuzzing

Subdomain Fuzzing

Vhosts Fuzzing

Parameter Fuzzing

Used to find parameter names.

GET Requests

 ffuf -w parameter-wordlist.txt:FUZZ -u 'http://SERVER_IP:PORT/admin/admin.php?FUZZ=key' -fs xxx

POST Requests

 ffuf -w parameter-wordlist.txt:FUZZ -u http://SERVER_IP:PORT/admin/admin.php -X POST -d 'FUZZ=key' -H 'Content-Type: application/x-www-form-urlencoded' -fs xxx
  • -X: to set the HTTP method
  • -d: to set the POST data
  • -H: to use an HTTP header field with a value; multiple
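
The `-fs xxx` in the commands above stands for the size of the default response, which has to be known before it can be filtered out. The following added example (not part of the original wiki entry) reads a report saved with `-o out.json -of json` from a first run without `-fs` and derives that value; the report content is constructed, and plain-string input values in the JSON are an assumption about the ffuf version used.

```python
import json
from collections import Counter

# Constructed sample of an ffuf report written with "-o out.json -of json",
# trimmed to the fields used below; all values are made up. Assumes a ffuf
# version that stores the input values as plain strings.
SAMPLE_REPORT = json.dumps({"results": [
    {"input": {"FUZZ": "id"}, "status": 200, "length": 798},
    {"input": {"FUZZ": "debug"}, "status": 200, "length": 798},
    {"input": {"FUZZ": "page"}, "status": 200, "length": 798},
    {"input": {"FUZZ": "user"}, "status": 200, "length": 861},
    {"input": {"FUZZ": "lang"}, "status": 200, "length": 798},
]})


def baseline_size(results, min_share=0.5):
    """Response size shared by more than min_share of the results, else None."""
    if not results:
        return None
    size, count = Counter(r["length"] for r in results).most_common(1)[0]
    return size if count / len(results) > min_share else None


def split_results(report_text):
    """Return (value for -fs, results that differ from that size)."""
    results = json.loads(report_text).get("results") or []
    base = baseline_size(results)
    if base is None:
        # No dominant size (e.g. the page echoes the parameter name, so the
        # length varies per word): -fs cannot separate hits from noise.
        return None, results
    return base, [r for r in results if r["length"] != base]


if __name__ == "__main__":
    base, hits = split_results(SAMPLE_REPORT)
    if base is None:
        print("no dominant response size; try -fr with a pattern instead of -fs")
    else:
        print(f"default response size: {base}  ->  rerun with -fs {base}")
        for r in hits:
            print(f"  differs: {r['input']['FUZZ']} (status {r['status']}, {r['length']} bytes)")
```
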

Recursive (Directory) Fuzzing

 ffuf -w /opt/useful/SecLists/Discovery/Web-Content/directory-list-2.3-small.txt:FUZZ -u http://SERVER_IP:PORT/FUZZ -recursion -recursion-depth 1 -e .php -v
  • -recursion: to enable recursive fuzzing
  • -recursion-depth: to set the recursion depth
  • -v: to output the full URL for a better overview

Courses

  • Sichere Softwareentwicklung (IT-Security 22/23)
