OSCP/OSCP 공부일지
Rustbuster 소개 (Fuzzer)
takudaddy
2022. 6. 21. 01:25
RustBuster란
"A Comprehensive Web Fuzzer and Content Discovery Tool"
포괄적 웹 퍼저이자 컨텐츠 검색 도구로
서버 Endpoint 및 디렉터리 검색할 때
효과적이다.
https://github.com/phra/rustbuster
설치 방법
(1) rustscan.sh 파일 확인
#!/bin/bash
install_rustbuster() {
echo "Installing latest version of Rustbuster"
latest_version=`curl -s https://github.com/phra/rustbuster/releases | grep "rustbuster-v" | head -n1 | cut -d'/' -f6`
echo "Latest release: $latest_version"
mkdir -p /opt/rustbuster
wget -qP /opt/rustbuster https://github.com/phra/rustbuster/releases/download/$latest_version/rustbuster-$latest_version-x86_64-unknown-linux-gnu
ln -fs /opt/rustbuster/rustbuster-$latest_version-x86_64-unknown-linux-gnu /opt/rustbuster/rustbuster
chmod +x /opt/rustbuster/rustbuster
echo "Done! Try running"
echo "/opt/rustbuster/rustbuster -h"
}
install_rustbuster
(2) 실행 권한 주고 실행하면 설치되고
![](https://blog.kakaocdn.net/dn/bN6aiM/btrFiRpWCu7/AKwKaCFk2gE2gcTdYE1sLk/img.png)
(3) 편하게 쓰고자 환경변수 등록
![](https://blog.kakaocdn.net/dn/bU5iYD/btrFhBupcJ6/wphgzqqaDoz8VsQ4gk81L0/img.png)
(4) 사용법 확인
![](https://blog.kakaocdn.net/dn/cH77Oc/btrFi9Rsgfk/LKel8kwG4U63d9NgqqT6Z1/img.png)
(5) 사용 예
# rustbuster dir --url http://192.168.214.201 --wordlist /usr/share/seclists/Discovery/Web-Content/raft-small-words.txt
![](https://blog.kakaocdn.net/dn/sfdGE/btrFkXoMwCa/zrXkrzbuik7RataZdQ4uVk/img.png)
728x90