Use head to view the created files:
$ head files_wordlist.txt
acme-hyper-branding-0.txt
acme-hyper-branding-0.csv
acme-hyper-branding-0.pdf
acme-hyper-branding-0.jpg
acme-hyper-branding-1.txt
acme-hyper-branding-1.csv
acme-hyper-branding-1.pdf
acme-hyper-branding-1.jpg
acme-hyper-branding-2.txt
acme-hyper-branding-2.csv
As you can see, this command’s output follows the format
acme-hyper-branding-{some_number}.{some_extension}.
Fuzzing with Ffuf
Ffuf (an acronym for Fuzz Faster U Fool) is a versatile and
blazing-fast web fuzzing tool. We’ll use ffuf to discover potential
files under the /files endpoint that could contain interesting data.
This ffuf command uses the -c (color) option to highlight the
results in the terminal, the -w (wordlist) option to specify a custom
wordlist, and the -u (URL) option to specify the full URL of the
endpoint to fuzz. Let's run ffuf against 172.16.10.10 (p-web-01)
using the command shown below:
$ ffuf -c -w files_wordlist.txt -u http://172.16.10.10:8081/files/FUZZ
:: Method : GET
:: URL : http://172.16.10.10:8081/files/FUZZ
:: Wordlist : FUZZ: files_wordlist.txt
:: Follow redirects : false
:: Calibration : false
:: Timeout : 10
:: Threads : 40
:: Matcher : Response status: 200,204,301,302,307,401,403,405,500
________________________________________________
acme-hyper-branding-5.csv [Status: 200, Size: 432, Words: 31, Lines: 9, Duration: 32ms]
:: Progress: [405/405] :: Job [1/1] :: 0 req/sec :: Duration: [0:00:00] :: Errors: 0 ::
Listing 5-7: Fuzzing with ffuf
Note that the word FUZZ at the end of the URL is a placeholder
that tells the tool where to inject the words from the wordlist. In
essence, it will swap the word FUZZ with each line from our file.
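Seen from the server, a run like the one in Listing 5-7 leaves a recognizable trace in the access log: one client, many requests under /files/, nearly all answered with 404, and names that differ only by a number. The following Bash script is an added example, not code from the book; it assumes Common Log Format, and the sample log lines, client addresses and thresholds are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the book): detect wordlist-driven enumeration of
# /files/ in a web access log. Assumes Common Log Format (an assumption; the
# page shows no server logs).

# Constructed sample log: 10.0.0.5 requests every name from a generated
# wordlist (24 requests, one hit); 10.0.0.9 is an ordinary client.
sample_log() {
  local n ext status
  for n in 0 1 2 3 4 5; do
    for ext in txt csv pdf jpg; do
      status=404
      if [ "$n" = 5 ] && [ "$ext" = csv ]; then status=200; fi
      printf '10.0.0.5 - - [01/Jan/2024:10:00:0%s +0000] "GET /files/acme-hyper-branding-%s.%s HTTP/1.1" %s 432\n' \
        "$n" "$n" "$ext" "$status"
    done
  done
  printf '10.0.0.9 - - [01/Jan/2024:10:01:00 +0000] "GET /files/acme-hyper-branding-5.csv HTTP/1.1" 200 432\n'
  printf '10.0.0.9 - - [01/Jan/2024:10:01:05 +0000] "GET /index.html HTTP/1.1" 200 1024\n'
}

# detect_enum MIN_REQUESTS MIN_404_PERCENT   (reads the log on stdin)
# Reports each client whose /files/ traffic meets both thresholds, with the
# number of distinct name templates it tried and the paths that returned 200.
detect_enum() {
  awk -v min="$1" -v pct="$2" '
    # Fields in Common Log Format: $1 client, $7 request path, $9 status
    $7 ~ /^\/files\// {
      total[$1]++
      if ($9 == 404) miss[$1]++
      else if ($9 == 200) hit[$1] = hit[$1] (hit[$1] == "" ? "" : ",") $7
      # Collapse digit runs so sequential names map to one template
      tpl = $7; gsub(/[0-9]+/, "N", tpl)
      if (!seen[$1, tpl]++) templates[$1]++
    }
    END {
      for (ip in total)
        if (total[ip] >= min && 100 * miss[ip] / total[ip] >= pct)
          printf "%s total=%d not_found=%d templates=%d found=%s\n",
                 ip, total[ip], miss[ip], templates[ip], hit[ip]
    }' | sort
}

sample_log | detect_enum 20 90
```

The found= field lists the files the client actually retrieved, which are the ones to review for exposure. A low template count next to a high request total is what separates a generated wordlist from ordinary browsing.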
Black Hat Bash (Early Access) © 2023 by Dolev Farhi and Nick Aleks