So briefly I wanted to describe the new version of DirSnatch. Just as DirChex (tool for automatically requesting a list of URLs from a text thru your proxy) had a modification with the "PUT" tab so has DirSnatch.
RUNDOWN:
DirSnatch will allow you to save two different files. One dumps a web directory list in the full URL format (DirGet tab).
Sooo C:\inetpub\public\index.asp
becomes
http://example.com/public/index.asp
so on and so forth.
The other (DirPut) will dump the web directory with only the directories & sub-directories (still with URL format)so that we can automate the request of testing each directory for a vulnerable PUT permission issue.
Sooo C:\inetpub\public\index.asp
becomes
http://example.com/public/
BENEFIT:
The benefit of the new tab is the following. If you'd like to use Burp Suite or DirChex to test each directory for PUT the format that DirPut lists each directory in is suitable for simply concatenating the URL + "a test file".
MEANING:
When using the DirChex PUT tab you can provide a name of a file you would like to upload to the target Web App's directories, choose the the txt file containing URLs dumped with DirSnatch_v2.1 DirPut and it will do the concatenation and request for you. Voila.
PIC OF NEW VERSION:
Thoughts, comments, suggestions are welcome.
Happy Hacking!
~cktricky
No comments:
Post a Comment