WFUZZ:
wfuzz is a web application tool which helps in brute force.
it is so hard to explain about the uses of wfuzz. it can be useful in many ways.
if you use Kali Linux it already comes in it.
in any other Linux distributions, you will have to download it.
you can download it: click here
in this part, we will talk about its basics.
how to find dirs in website using WFUZZ?
you can simply see the help menu of wfuzz by this command:
wfuzz --help
suppose, I have hosted a website on my LOCAL apache server. the website has some directories that are not shown. the wfuzz has wordlists for different-different use.
we will use user/share/wfuzz/wordlists/general/common.txt
type this command in your terminal:
wfuzz -c -w user/share/wfuzz/worldlists/general/common.txt --hc 404 -u http://<webisite-ip>:<port>/FUZZ
here, we are using -c to get output in colors(it is useful). -z is to tell the path of wordlist. then, the –hc means hide code. it means it will hide the result that will give 404 response code. we can add more response codes by using comma{,}. you can enter the port no. if some other port is using apache service. we use FUZZ at the place where it should brute force. it is hard to explain. so, try it by yourself and see how it works.
it will try every word from the common.txt and will give you the output of valid dirs.
how to brute force admin panel using WFUZZ?
mostly people use wfuzz to get username and password of a web application.
suppose, I have a website which is hosted on my LOCAL apache server. if we want to access the website, we will have to login first with user and password.
now I have a wordlist which contains users and passwords both. type this command to brute force the admin panel or login panel:
wfuzz -c -w /user/share/wfuzz/wordlist/general/admin-panels.txt --hs incorrect -d "user=FUZZ&pass=FUZZ" -u http://<website-ip>/<path to admin panal>
this command will start brute forcing the admin panel.
–hs is similar to –hc but there is a minor difference between them that –hc is for a response code but –hs is for response text. it means if we have assigned the –hs value to invalid, it will ignore the result that will contain invalid in itself.
-d is to get a post request and to tell where to FUZZ. in case, you have the user, you can type it at the place of FUZZ.
thanks for visiting