CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/documentation/modules/auxiliary/scanner/http/dir_scanner.md
Views: 11784

Vulnerable Application

This module scans one or more web servers for interesting directories that can be further explored.

Verification Steps

  1. Do: use auxiliary/scanner/http/dir_scanner

  2. Do: set RHOSTS [IP]

  3. Do: run

Scenarios

msf > use auxiliary/scanner/http/dir_scanner
msf auxiliary(dir_scanner) > set RHOSTS 192.168.1.201
RHOSTS => 192.168.1.201
msf auxiliary(dir_scanner) > run

[*] Using code '404' as not found for 192.168.1.201
[*] Found http://192.168.1.201:80/.../ 403 (192.168.1.201)
[*] Found http://192.168.1.201:80/Joomla/ 200 (192.168.1.201)
[*] Found http://192.168.1.201:80/cgi-bin/ 403 (192.168.1.201)
[*] Found http://192.168.1.201:80/error/ 403 (192.168.1.201)
[*] Found http://192.168.1.201:80/icons/ 200 (192.168.1.201)
[*] Found http://192.168.1.201:80/oscommerce/ 200 (192.168.1.201)
[*] Found http://192.168.1.201:80/phpmyadmin/ 200 (192.168.1.201)
[*] Found http://192.168.1.201:80/security/ 200 (192.168.1.201)
[*] Found http://192.168.1.201:80/webalizer/ 200 (192.168.1.201)
[*] Found http://192.168.1.201:80/webdav/ 200 (192.168.1.201)
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
msf auxiliary(dir_scanner) >

Confirming

The following are other industry tools which can also be used. Note that the targets are not the same as those used in the previous documentation.

dirb

# dirb http://192.168.2.137 /usr/share/metasploit-framework/data/wmap/wmap_dirs.txt 

-----------------
DIRB v2.22    
By The Dark Raver
-----------------

START_TIME: Sat Feb 24 12:56:40 2018
URL_BASE: http://192.168.2.137/
WORDLIST_FILES: /usr/share/metasploit-framework/data/wmap/wmap_dirs.txt

-----------------

GENERATED WORDS: 2351

---- Scanning URL: http://192.168.2.137/ ----
==> DIRECTORY: http://192.168.2.137/.../
==> DIRECTORY: http://192.168.2.137/Joomla/
==> DIRECTORY: http://192.168.2.137/cgi-bin/
==> DIRECTORY: http://192.168.2.137/error/
==> DIRECTORY: http://192.168.2.137/icons/
==> DIRECTORY: http://192.168.2.137/oscommerce/
==> DIRECTORY: http://192.168.2.137/phpmyadmin/
==> DIRECTORY: http://192.168.2.137/security/
==> DIRECTORY: http://192.168.2.137/webalizer/
==> DIRECTORY: http://192.168.2.137/webdav/