| Members Only

Dirb is a web content scanner, its principal features are scanning and attacking folder that is hidden within websites, Dirb makes this possible using dictionary based attacks against the servers mostly HTTP requests.

Dirb comes with default wordlists to ease the process of the attacks, the main purpose of Dirb is for use in web application auditing, it helps the professional’s to test the security parameters included to protect websites, Dirb occasionally coves some holes that are not covered by the classic tools used to scan website vulnerabilities, the reason is that Dirb looks for specific objects located on the website. it doesn’t look for general vulnerabilities, its purpose is to look for web content that can be vulnerable.

How Dirb works:

Dirb has an internal wordlist file that by default has around 4000 words for brute force attacks. There are also a lot more updated wordlists available over the internet that can be used as well. Dirb makes a search of the words in its wordlist in each directory or object of a server or a website. It might be an admin panel or a subdirectory that is vulnerable to attack. The most fundamental thing is to find the objects as they are hidden.

How to acquire it?

Download Dirb via Sourceforge: https://sourceforge.net/projects/dirb/

Using Dirb:

First, you need to download Dirb.

To uncompress the compressed Dirb file, you can use the next command:

sudo tar -xvzf dirb222.tar.gz

The Dirb folder is now uncompressed, and you can see it with ls command:

Go to the dirb directory and make executable configure with next command:

chmod u+x configure

Run configure and then type make:

Dirb is now installed, and you can use it with next command:

./dirb URL

Testing for Special Vulnerable list:

Dirb can be used to test for specific vulnerable objects within particular types of web technologies. Every web technology has its unique vulnerabilities. They are NOT all the same. Dirb can help one search for specific vulnerable objects specific to the particular technology. Also, we should mention that these tests are often performed over the TCP ports that handled the web services, these ports are:

  • TCP/80 – HTTP#
  • TCP/443 – HTTPs, SSL

Also by the time of an attack, these ports must be opened to host the web services so the firewalls cannot do much about it to prevent attacks directed to these ports.

Dirb has specific wordlists to search for these vulnerable often hidden objects. You can find them at:

cd  wordlists/vulns

Then list the contents of that directory:

ls -l

There are some files listed for each of the specific vulnerabilities to test. If your web server is Apache and you want to test it use apache.txt

To run

./dirb http://webscantest.com  wordlists/vulns/apache.txt