iGuRu
Now Reading
Konan: Προηγμένο Web Application και Dir Scanner
iGuRu

Konan: Προηγμένο Web Application και Dir Scanner

Το Konan είναι ένα προηγμένο εργαλείο ανοιχτού κώδικα γραμμένο σε python, που έχει σχεδιαστεί για επιθέσεις brute force σε καταλόγους και για να ανακαλύπτει τα ονόματα αρχείων στους διακομιστές των web εφαρμογών.

68747470733a2f2f692e696d6775722e636f6d2f77336251526f572e706e67 - Konan: Προηγμένο Web Application και Dir Scanner

Εγκατάσταση

git clone https://github.com/m4ll0k/Konan.git konan

cd konan && pip install -r requirements.txt

python konan.py

Υποστήριξη

  • Linux
  • Windows
  • MacOSX

Χαρακτηριστικά

FeaturesKonandirsearchdirbgobuster
MultiThreadedyesyesyesyes
Multiple Extensionsyesyesnono
HTTP Proxy Supportyesyesyesyes
Reportingyes (text and json)yes (text and json)yes (text)no
User-Agent randomizationyesyesnono
Ignore word in wordlist using regexpyesnonono
Split extension in wordlistyesnonono
Multiple Methodsyesyesnono
Response Size Processyesyesnono
Provide Sub-Dir for Brute Forceyesyesnono
Provide Dir for Recursively Brute Forceyesyesnono
URL Injection Pointyesnonono

Χρήση

Basic:

  • python konan.py -u/–url http://example.com/

URL: http://testphp.vulnweb.com/

PERCENT – TIME – CODE – METHOD – LENGTH – URL
——————————————————-
0.39% – 01:32:50 – 200 – GET – 4958 – http://testphp.vulnweb.com/index.php
0.43% – 01:32:52 – 200 – GET – 4732 – http://testphp.vulnweb.com/search.php
0.54% – 01:32:57 – 200 – GET – 5523 – http://testphp.vulnweb.com/login.php
0.81% – 01:33:12 – 200 – GET – 4830 – http://testphp.vulnweb.com/logout.php
8.77% – 01:40:02 – 302 – GET – 14 – http://testphp.vulnweb.com/userinfo.php -> login.php

Injection Point:

  • python konan.py -u/–url http://example.com/%%/index.php

URL: http://testphp.vulnweb.com/%%/index.php

PERCENT – TIME – CODE – METHOD – LENGTH – URL
——————————————————-
0.39% – 01:32:50 – 200 – GET – 4958 – http://testphp.vulnweb.com/test/index.php
0.43% – 01:32:52 – 200 – GET – 4732 – http://testphp.vulnweb.com/search/index.php

  • python konan.py -u/–url http://example.com/test%% -w /root/numbers.txt

URL: http://testphp.vulnweb.com/test%%

PERCENT – TIME – CODE – METHOD – LENGTH – URL
——————————————————-
0.39% – 01:32:50 – 200 – GET – 4958 – http://testphp.vulnweb.com/test12
0.43% – 01:32:52 – 200 – GET – 4732 – http://testphp.vulnweb.com/test34

Provide wordlist, default /db/dict.txt:

  • python konan.py -u/–url http://example.com/ -w/–wordlist /root/dict.txt
  • python konan.py -u/–url http://example.com/ -e/–extension php,html -f/–force

URL: http://testphp.vulnweb.com/

PERCENT – TIME – CODE – METHOD – LENGTH – URL
——————————————————-
0.39% – 02:00:21 – 200 – GET – 4958 – http://testphp.vulnweb.com/index.html
0.43% – 02:00:23 – 200 – GET – 4732 – http://testphp.vulnweb.com/search.php
0.54% – 02:00:30 – 200 – GET – 5523 – http://testphp.vulnweb.com/login.php
0.81% – 02:00:46 – 200 – GET – 4830 – http://testphp.vulnweb.com/logout.html
0.87% – 02:00:50 – 200 – GET – 6115 – http://testphp.vulnweb.com/categories.html

Provide status code exclusion:

  • python konan.py -u/–url http://example.com/ -x/–exclude 400,403,401

Provide only status code for output:

  • python konan.py -u/–url http://example.com/ -o/–only 200,301,302

Wordlist lowercase (isATest -> isatest) and uppercase (isAtest -> ISATEST):

  • python konan.py -u/–url http://example.com/ -w/–wordlist /root/dict.txt [-l/–lowercase OR -p/–uppercase]

Wordlist split (test.php -> to -> test):

  • python konan.py -u/–url http://example.com/ -w/–wordlist /root/dict.txt -s/–split

Wordlist Ignore word,letters,number,..etc provided by regexp (\w*.php|\w*.html,^[0-9_-]+):_

  • python konan.py -u/–url http://example.com/ -w/–wordlist -I/–ignore “\?+”

Output without -I/–ignore options:
URL: http://testphp.vulnweb.com/

PERCENT – TIME – CODE – METHOD – LENGTH – URL
——————————————————-
0.39% – 02:06:31 – 200 – GET – 4958 – http://testphp.vulnweb.com/???.php
0.43% – 02:06:32 – 200 – GET – 4732 – http://testphp.vulnweb.com/???????????
0.54% – 02:06:35 – 200 – GET – 5523 – http://testphp.vulnweb.com/admin/

Output with -I/–ignore (in this case \?+) options:
URL: http://testphp.vulnweb.com/

PERCENT – TIME – CODE – METHOD – LENGTH – URL
——————————————————-
0.54% – 02:06:35 – 200 – GET – 5523 – http://testphp.vulnweb.com/admin/

Recursive:

  • python konan.py -u/–url http://example.com/ -E/–recursive

Recursive directory found and directory provided by -D/–dir-rec:

  • python konan.py -u/–url http://example.com/ -E/–recursive -D/–dir-rec “admin,tests,dev,internal”

Brute Force directory provided by -S/–sub-dir:

  • python konan.py -u/–url http://example.com/ -S/–sub-dir “admin,test,internal,dev”

Multiple Methods (check GET,POST,PUT and DELETE for word entry):

  • python konan.py -u/–url http://example.com/ -m/–methods”

Content size process (show response if the response size is “>[number]”,”<[number]”,”=[number]”):

  • python konan.py -u/–url http://example.com/ -C/–length “<1000”

URL: http://testphp.vulnweb.com/

PERCENT – TIME – CODE – METHOD – LENGTH – URL
——————————————————-
0.19% – 02:11:46 – 301 – GET – 184 – http://testphp.vulnweb.com/admin -> http://testphp.vulnweb.com/admin/
1.73% – 02:12:37 – 301 – GET – 184 – http://testphp.vulnweb.com/images -> http://testphp.vulnweb.com/images/

Μπορείτε να κατεβάσετε το πρόγραμμα από εδώ.

Διαβάστε τις Τεχνολογικές Ειδήσεις από όλο τον κόσμο, με την εγκυρότητα του iGuRu.gr

Ακολουθήσετε μας στο Google News

View Comments (0)

Leave a Reply

Your email address will not be published.

 

iGuRu.gr © 2012 - 2021 Keep it Simple Stupid Custom Theme

Scroll To Top