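Lesson 73 skipfish
╋━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋
┃skipfish ┃
┃Written in C ┃
┃Experimental active web security assessment tool ┃
┃Recursive crawling ┃
┃Dictionary-based probing ┃
┃Fast ┃
┃ Multiplexed single-threaded, fully asynchronous network I/O; removes memory-management and scheduling overhead ┃
┃ Heuristic automatic content recognition ┃
┃Low false-positive rate ┃
╋━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋
╋━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋
┃skipfish ┃
┃skipfish -o test http://1.1.1.1 ┃
┃skipfish -o test @url.txt ┃
┃skipfish -o test -S complete.wl -W a.wl http://1.1.1.1 # dictionaries ┃
┃-I : only check URLs containing 'string' ┃
┃-X : do not check URLs containing 'string' # e.g. logout ┃
┃-K : do not fuzz the specified parameter ┃
┃-D : also crawl cross-site links to another domain ┃
┃-l : maximum requests per second ┃
┃-m : maximum concurrent connections per IP ┃
┃--config : specify a configuration file ┃
╋━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋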
root@kali:~# skipfish -o test1 http://192.168.1.101/dvwa/
Welcome to skipfish. Here are some useful tips:
1) To abort the scan at any time, press Ctrl-C. A partial report will be written
to the specified location. To view a list of currently scanned URLs, you can
press space at any time during the scan.
2) Watch the number requests per second shown on the main screen. If this figure
drops below 100-200, the scan will likely take a very long time.
3) The scanner does not auto-limit the scope of the scan; on complex sites, you
may need to specify locations to exclude, or limit brute-force steps.
4) There are several new releases of the scanner every month. If you run into
trouble, check for a newer version first, let the author know next.
More info: http://code.google.com/p/skipfish/wiki/KnownIssues
Press any key to continue (or wait 60 seconds)...
skipfish version 2.10b by [email protected]
- 192.168.1.101 -
Scan statistics:
Scan time : 0:00:51.312
HTTP requests : 2 (0.0/s), 0 kB in, 0 kB out (0.0 kB/s)
Compression : 0 kB in, 0 kB out (0.0% gain)
HTTP faults : 2 net errors, 0 proto errors, 0 retried, 0 drops
TCP handshakes : 2 total (1.0 req/conn)
TCP faults : 0 failures, 1 timeouts, 0 purged
External links : 0 skipped
Reqs pending : 0
Database statistics:
Pivots : 3 total, 3 done (100.00%)
In progress : 0 pending, 0 init, 0 attacks, 0 dict
Missing nodes : 0 spotted
Node types : 1 serv, 2 dir, 0 file, 0 pinfo, 0 unkn, 0 par, 0 val
Issues found : 0 info, 2 warn, 0 low, 0 medium, 0 high impact
Dict size : 5 words (5 new), 0 extensions, 0 candidates
Signatures : 77 total
[+] Copying static resources...
[+] Sorting and annotating crawl nodes: 3
[+] Looking for duplicate entries: 3
[+] Counting unique nodes: 3
[+] Saving pivot data for third-party tools...
[+] Writing scan description...
[+] Writing crawl tree: 3
[+] Generating summary views...
[+] Report saved to 'test1/index.html' [0x8c0c8cb0].
[+] This was a great day for science!
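The counters in the run above show 2 HTTP requests, 2 net errors and 1 timeout, so "0 high impact" there says little about the application itself. The following added example (not part of the original notes or of skipfish) parses the final statistics block and flags such runs; the function names, the thresholds and the plain-text input format are assumptions.

```python
import re

# Constructed sample: final counters of the run above, redraw leftovers removed.
SAMPLE = """\
      Scan time : 0:00:51.312
  HTTP requests : 2 (0.0/s), 0 kB in, 0 kB out (0.0 kB/s)
    HTTP faults : 2 net errors, 0 proto errors, 0 retried, 0 drops
 TCP handshakes : 2 total (1.0 req/conn)
     TCP faults : 0 failures, 1 timeouts, 0 purged
         Pivots : 3 total, 3 done (100.00%)
   Issues found : 0 info, 2 warn, 0 low, 0 medium, 0 high impact
"""

ANSI = re.compile(r"\x1b\[[0-9;?]*[A-Za-z]")   # colour / cursor escape codes
COUNTER = re.compile(r"(?<![\d.])(\d+) ([a-z]+(?: [a-z]+)*)\b")

MIN_REQUESTS = 50       # assumed threshold, tune per target
MAX_FAULT_RATIO = 0.2   # assumed threshold, tune per target

def parse_stats(text):
    """Map each 'label : ...' row to its {counter name: value} pairs."""
    stats = {}
    for line in ANSI.sub("", text).splitlines():
        label, sep, rest = line.partition(" : ")
        if not sep:
            continue
        row = {name: int(num) for num, name in COUNTER.findall(rest)}
        lead = re.match(r"\s*(\d+) \(", rest)   # "2 (0.0/s)" has no name
        if lead and "total" not in row:
            row["total"] = int(lead.group(1))
        stats[label.strip()] = row
    return stats

def scan_health(text):
    """Return reasons the counters suggest the scan never exercised the target."""
    s = parse_stats(text)
    reqs = s["HTTP requests"]["total"]
    f = s["HTTP faults"]
    failed = f["net errors"] + f["proto errors"] + f["drops"]
    problems = []
    if reqs < MIN_REQUESTS:
        problems.append(f"only {reqs} HTTP requests sent")
    if reqs and failed / reqs > MAX_FAULT_RATIO:
        problems.append(f"{failed}/{reqs} requests failed")
    if s["TCP faults"]["timeouts"]:
        problems.append("TCP timeouts seen")
    return problems

if __name__ == "__main__":
    print(parse_stats(SAMPLE)["Issues found"])
    print(scan_health(SAMPLE))
```

An empty list from `scan_health` means the counters look plausible; only then is the "Issues found" row worth reading as a result.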
root@kali:~# skipfish -o test1 -I /dvwa/ http://192.168.1.101/dvwa/
root@kali:~# vi url.txt
http://192.168.1.1
http://192.168.1.101
root@kali:~# skipfish -o test2 @url.txt
root@kali:~# dpkg -L skipfish | grep wl
/usr/share/skipfish/dictionaries/complete.wl
/usr/share/skipfish/dictionaries/extensions-only.wl
/usr/share/skipfish/dictionaries/minimal.wl
/usr/share/skipfish/dictionaries/medium.wl
root@kali:~# skipfish -o test2 -I /dvwa/ -S /usr/share/skipfish/dictionaries/minimal.wl http://192.168.1.1/dvwa/
root@kali:~# skipfish -o test2 -D www.3g.com -I /dvwa/ -S /usr/share/skipfish/dictionaries/minimal.wl http://192.168.1.1/dvwa/
root@kali:~# skipfish -o test2 -l 10 -I /dvwa/ -S /usr/share/skipfish/dictionaries/minimal.wl http://192.168.1.1/dvwa/
root@kali:~# skipfish -o test2 -m 10 -I /dvwa/ -S /usr/share/skipfish/dictionaries/minimal.wl http://192.168.1.1/dvwa/
╋━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋
┃skipfish ┃
┃Authentication ┃
┃skipfish -A user:pass -o test http://1.1.1.1 ┃
┃skipfish -C "name=val" -o test http://1.1.1.1 ┃
╋━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╋
root@kali:~# skipfish -o test -C "PHPSESSID=ec74b3aaf3a8c7761195db3be878ee6d" -C "security=low" -I dvwa http://192.168.1.101/dvwa/
root@kali:~# rm -rf a
root@kali:~# skipfish -o a --auth-form http://192.168.1.101/dvwa/login.php --auth-form-target http://192.168.1.101/dvwa/login.php --auth-user-field username --auth-user admin --auth-pass-field password --auth-pass password -I /dvwa/ http://192.168.1.101/dvwa/