Created
September 14, 2018 21:03
-
-
Save Ge0rg3/6e28e4d19509781e8c1867b15636f480 to your computer and use it in GitHub Desktop.
A custom version of Dirb for the Canape box on the Hack The Box platform.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ###Custom Dirb Script for Canape | |
| import requests as rq | |
| import sys | |
| url = "http://10.10.10.70/" | |
| homepage = "Welcome to the future home page" | |
| wordlist = "common" | |
| found = [] | |
| with open("/usr/share/wordlists/dirb/"+wordlist+".txt") as f: | |
| dirlist = f.read().splitlines() | |
| dirlength = str(len(dirlist)) | |
| print("Beginning scan on URL "+url+" with "+wordlist+" wordlist. "+dirlength+" words found.\n") | |
| for count, i in enumerate(dirlist, 1): | |
| print(str(count)+" | Attempting: "+i) | |
| try: t = rq.get(url+i).text | |
| except TimeoutError: print("Timed out!") | |
| if homepage in t: continue | |
| if t.upper() == t: | |
| s = t.split(" ") | |
| try: s[1] | |
| except: continue | |
| print("\n==========> Dir found: "+i+"\n") | |
| found.append(i) | |
| print("\n####################\nScan complete!\nWords identified:") | |
| for count, i in enumerate(found, 1): | |
| print(str(count)+": "+i) | |
| print("####################") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment