What is Dirb
DIRB is a command line based tool to brute force any directory based on wordlists. DIRB will make an HTTP request and see the HTTP response code of each request
How it works
It internally has a wordlist file which has by default around 4000 words for brute force attack. There are a lot of updated wordlists available over the internet which can also be used. Dirb searches for the words in its wordlist in every directory or object of a website or a server. It might be an admin panel or a subdirectory that is vulnerable to attack. The key is to find the objects as they are generally hidden.
How to get it?
Note : I used Kali Linux and Dirb comes pre-installed with Kali.
Purpose of Dirb in Security testing:
Purpose of DIRB is to help in professional and web application auditing in security testing. DIRB looks for almost all the web objects that other generic CGI scanners can’t look for. It doesn’t look for vulnerabilities but it looks for the web contents that can be vulnerable.
Step 1 — Open Terminal
Step 2 — Start Dirb
Once we have a terminal open, go ahead and type dirb to get the help screen.
As you can see in this screenshot above, DIRB’s syntax is very simple with multiple options. In its simplest form, we only need to type the command dirb followed by the URLof the website we are testing.
Kali> dirb URL
Step 3 — Dirb for simple hidden object scan
with the Dirb’s default word list file it searches the URL for 4612 Object types. Let’s try it on test site, webscantest.com.
kali > dirb http://webscantest.com
DIRB begins the scan looking for those keywords among the website objects.
The results list with the response code and the size of the file for each ping. Also, dirb starts searching the files of the folder which returns the response code as 200. It searches the entire folders with the wordlist and displays the results.
Finally, when DIRB is done, it reports back the number of found objects (113 in this case). Note that in the help screen above, we can use the -o switch to send the results to an output file to save the results to a text file.
Testing for Special Vulnerable list
We can use DIRB to test for specific vulnerable objects within specific types of web technologies. Each web technology has different vulnerabilities. They are NOT all the same. DIRB can help us look for specific vulnerable objects specific to the particular technology.
In Kali, DIRB has specific wordlists to search for these vulnerable often hidden objects. You can find them at:
kali > cd /usr/share/dirb/wordlists/vuln
Then list the contents of that directory:
kali > ls -l
As you can see above, there is a number of file list for each of the specific vulnerability to test. If your web server is Apache and you want to test it use apache.txt
kali > dirb http://webscantest.com /usr/share/dirb/wordlists/vulns/apache.txt