Import Debian changes 2.0.1-1
gobuster (2.0.1-1) unstable; urgency=medium
[ Ondřej Nový ]
* d/control: Remove trailing whitespaces
[ Alexander Fischer ]
* New upstream version 2.0.1
* remove patch
* changed uuid library dependency
* removed test file due to missing dependency in debian
gobuster (1.4.1-1) unstable; urgency=medium
* Initial release (Closes: #897628)
Alexander Fischer authored 5 years ago
Sophie Brun committed 5 years ago
0 | TARGET=./build | |
1 | OSES=darwin linux windows | |
2 | ARCHS=amd64 386 | |
3 | ||
4 | current: outputdir | |
5 | @go build -o ./gobuster; \ | |
6 | echo "Done." | |
7 | ||
8 | outputdir: | |
9 | @mkdir -p ${TARGET} | |
10 | ||
11 | windows: outputdir | |
12 | @for GOARCH in ${ARCHS}; do \ | |
13 | echo "Building for windows $${GOARCH} ..." ; \ | |
14 | GOOS=windows GARCH=$${GOARCH} go build -o ${TARGET}/gobuster-$${GOARCH}.exe ; \ | |
15 | done; \ | |
16 | echo "Done." | |
17 | ||
18 | linux: outputdir | |
19 | @for GOARCH in ${ARCHS}; do \ | |
20 | echo "Building for linux $${GOARCH} ..." ; \ | |
21 | GOOS=linux GARCH=$${GOARCH} go build -o ${TARGET}/gobuster-linux-$${GOARCH} ; \ | |
22 | done; \ | |
23 | echo "Done." | |
24 | ||
25 | darwin: outputdir | |
26 | @for GOARCH in ${ARCHS}; do \ | |
27 | echo "Building for darwin $${GOARCH} ..." ; \ | |
28 | GOOS=darwin GARCH=$${GOARCH} go build -o ${TARGET}/gobuster-darwin-$${GOARCH} ; \ | |
29 | done; \ | |
30 | echo "Done." | |
31 | ||
32 | ||
33 | all: darwin linux windows | |
34 | ||
35 | test: | |
36 | @go test -v -race ./... ; \ | |
37 | echo "Done." | |
38 | ||
39 | clean: | |
40 | @rm -rf ${TARGET}/* ; \ | |
41 | echo "Done." |
0 | Gobuster v2.0.0 (OJ Reeves @TheColonial) | |
0 | Gobuster v2.0.1 (OJ Reeves @TheColonial) | |
1 | 1 | ======================================== |
2 | 2 | |
3 | 3 | Gobuster is a tool used to brute-force: |
77 | 77 | ``` |
78 | 78 | gobuster $ go install |
79 | 79 | ``` |
80 | If you have all the dependencies already, you can make use of the build scripts: | |
81 | * `make` - builds for the current Go configuration (ie. runs `go build`). | |
82 | * `make windows` - builds 32 and 64 bit binaries for windows, and writes them to the `build` subfolder. | |
83 | * `make linux` - builds 32 and 64 bit binaries for linux, and writes them to the `build` subfolder. | |
84 | * `make darwin` - builds 32 and 64 bit binaries for darwin, and writes them to the `build` subfolder. | |
85 | * `make all` - builds for all platforms and architectures, and writes the resulting binaries to the `build` subfolder. | |
86 | * `make clean` - clears out the `build` subfolder. | |
87 | * `make test` - runs the tests (requires you to `go get githubcom/h2non/gock` first). | |
80 | 88 | |
81 | 89 | #### Running as a script |
82 | 90 | ``` |
103 | 111 | $ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt |
104 | 112 | |
105 | 113 | ===================================================== |
106 | Gobuster v2.0.0 OJ Reeves (@TheColonial) | |
114 | Gobuster v2.0.1 OJ Reeves (@TheColonial) | |
107 | 115 | ===================================================== |
108 | 116 | [+] Mode : dir |
109 | 117 | [+] Url/Domain : https://buffered.io/ |
127 | 135 | $ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt -n |
128 | 136 | |
129 | 137 | ===================================================== |
130 | Gobuster v2.0.0 OJ Reeves (@TheColonial) | |
138 | Gobuster v2.0.1 OJ Reeves (@TheColonial) | |
131 | 139 | ===================================================== |
132 | 140 | [+] Mode : dir |
133 | 141 | [+] Url/Domain : https://buffered.io/ |
152 | 160 | $ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt -v |
153 | 161 | |
154 | 162 | ===================================================== |
155 | Gobuster v2.0.0 OJ Reeves (@TheColonial) | |
163 | Gobuster v2.0.1 OJ Reeves (@TheColonial) | |
156 | 164 | ===================================================== |
157 | 165 | [+] Mode : dir |
158 | 166 | [+] Url/Domain : https://buffered.io/ |
179 | 187 | $ gobuster -u https://buffered.io -w ~/wordlists/shortlist.txt -l |
180 | 188 | |
181 | 189 | ===================================================== |
182 | Gobuster v2.0.0 OJ Reeves (@TheColonial) | |
190 | Gobuster v2.0.1 OJ Reeves (@TheColonial) | |
183 | 191 | ===================================================== |
184 | 192 | [+] Mode : dir |
185 | 193 | [+] Url/Domain : https://buffered.io/ |
219 | 227 | $ gobuster -m dns -w ~/wordlists/subdomains.txt -u google.com |
220 | 228 | |
221 | 229 | ===================================================== |
222 | Gobuster v2.0.0 OJ Reeves (@TheColonial) | |
230 | Gobuster v2.0.1 OJ Reeves (@TheColonial) | |
223 | 231 | ===================================================== |
224 | 232 | [+] Mode : dns |
225 | 233 | [+] Url/Domain : google.com |
255 | 263 | $ gobuster -m dns -w ~/wordlists/subdomains.txt -u google.com -i |
256 | 264 | |
257 | 265 | ===================================================== |
258 | Gobuster v2.0.0 OJ Reeves (@TheColonial) | |
266 | Gobuster v2.0.1 OJ Reeves (@TheColonial) | |
259 | 267 | ===================================================== |
260 | 268 | [+] Mode : dns |
261 | 269 | [+] Url/Domain : google.com |
291 | 299 | $ gobuster -m dns -w ~/wordlists/subdomains.txt -u yp.to -i |
292 | 300 | |
293 | 301 | ===================================================== |
294 | Gobuster v2.0.0 OJ Reeves (@TheColonial) | |
302 | Gobuster v2.0.1 OJ Reeves (@TheColonial) | |
295 | 303 | ===================================================== |
296 | 304 | [+] Mode : dns |
297 | 305 | [+] Url/Domain : yp.to |
311 | 319 | $ gobuster -m dns -w ~/wordlists/subdomains.txt -u 0.0.1.xip.io |
312 | 320 | |
313 | 321 | ===================================================== |
314 | Gobuster v2.0.0 OJ Reeves (@TheColonial) | |
322 | Gobuster v2.0.1 OJ Reeves (@TheColonial) | |
315 | 323 | ===================================================== |
316 | 324 | [+] Mode : dns |
317 | 325 | [+] Url/Domain : 0.0.1.xip.io |
331 | 339 | $ gobuster -m dns -w ~/wordlists/subdomains.txt -u 0.0.1.xip.io -fw |
332 | 340 | |
333 | 341 | ===================================================== |
334 | Gobuster v2.0.0 OJ Reeves (@TheColonial) | |
342 | Gobuster v2.0.1 OJ Reeves (@TheColonial) | |
335 | 343 | ===================================================== |
336 | 344 | [+] Mode : dns |
337 | 345 | [+] Url/Domain : 0.0.1.xip.io |
0 | gobuster (2.0.1-1) unstable; urgency=medium | |
1 | ||
2 | [ Ondřej Nový ] | |
3 | * d/control: Remove trailing whitespaces | |
4 | ||
5 | [ Alexander Fischer ] | |
6 | * New upstream version 2.0.1 | |
7 | * remove patch | |
8 | * changed uuid library dependency | |
9 | * removed test file due to missing dependency in debian | |
10 | ||
11 | -- Alexander Fischer <[email protected]> Sun, 03 Feb 2019 14:03:01 +0100 | |
12 | ||
13 | gobuster (1.4.1-1) unstable; urgency=medium | |
14 | ||
15 | * Initial release (Closes: #897628) | |
16 | ||
17 | -- Alexander Fischer <[email protected]> Thu, 03 May 2018 17:55:25 +0200 |
0 | 11 |
0 | Source: gobuster | |
1 | Section: utils | |
2 | Priority: optional | |
3 | Maintainer: Alexander Fischer <[email protected]> | |
4 | Build-Depends: debhelper (>= 11), | |
5 | dh-golang, | |
6 | golang-any, | |
7 | golang-github-hashicorp-go-multierror-dev, | |
8 | golang-github-google-uuid-dev, | |
9 | golang-golang-x-crypto-dev | |
10 | Standards-Version: 4.1.4 | |
11 | Homepage: https://github.com/OJ/gobuster | |
12 | Vcs-Browser: https://salsa.debian.org/debian/gobuster | |
13 | Vcs-Git: https://salsa.debian.org/debian/gobuster.git | |
14 | XS-Go-Import-Path: github.com/OJ/gobuster | |
15 | Testsuite: autopkgtest-pkg-go | |
16 | ||
17 | Package: gobuster | |
18 | Architecture: any | |
19 | Built-Using: ${misc:Built-Using} | |
20 | Depends: ${misc:Depends}, | |
21 | ${shlibs:Depends} | |
22 | Description: Directory/file & DNS busting tool written in Go | |
23 | Gobuster is a tool used to brute-force URIs including directories and | |
24 | files as well as DNS subdomains. |
0 | Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ | |
1 | Upstream-Name: gobuster | |
2 | Source: https://github.com/OJ/gobuster | |
3 | Files-Excluded: | |
4 | Godeps/_workspace | |
5 | ||
6 | Files: * | |
7 | Copyright: 2014 OJ Reeves | |
8 | License: Apache-2.0 | |
9 | ||
10 | Files: debian/* | |
11 | Copyright: 2018 Alexander Fischer <[email protected]> | |
12 | License: Apache-2.0 | |
13 | Comment: Debian packaging is licensed under the same terms as upstream | |
14 | ||
15 | License: Apache-2.0 | |
16 | Licensed under the Apache License, Version 2.0 (the "License"); | |
17 | you may not use this file except in compliance with the License. | |
18 | You may obtain a copy of the License at | |
19 | . | |
20 | http://www.apache.org/licenses/LICENSE-2.0 | |
21 | . | |
22 | Unless required by applicable law or agreed to in writing, software | |
23 | distributed under the License is distributed on an "AS IS" BASIS, | |
24 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
25 | See the License for the specific language governing permissions and | |
26 | limitations under the License. | |
27 | . | |
28 | On Debian systems, the complete text of the Apache version 2.0 license | |
29 | can be found in "/usr/share/common-licenses/Apache-2.0". |
0 | .\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6. | |
1 | .TH GOBUSTER "1" "May 2018" "gobuster 1.4.1" "User Commands" | |
2 | .SH NAME | |
3 | gobuster \- Directory/file & DNS busting tool | |
4 | .SH DESCRIPTION | |
5 | .HP | |
6 | \fB\-P\fR string | |
7 | .IP | |
8 | Password for Basic Auth (dir mode only) | |
9 | .HP | |
10 | \fB\-U\fR string | |
11 | .IP | |
12 | Username for Basic Auth (dir mode only) | |
13 | .HP | |
14 | \fB\-a\fR string | |
15 | .IP | |
16 | Set the User\-Agent string (dir mode only) | |
17 | .HP | |
18 | \fB\-c\fR string | |
19 | .IP | |
20 | Cookies to use for the requests (dir mode only) | |
21 | .HP | |
22 | \fB\-cn\fR | |
23 | .IP | |
24 | Show CNAME records (dns mode only, cannot be used with '\-i' option) | |
25 | .TP | |
26 | \fB\-e\fR | |
27 | Expanded mode, print full URLs | |
28 | .TP | |
29 | \fB\-f\fR | |
30 | Append a forward\-slash to each directory request (dir mode only) | |
31 | .HP | |
32 | \fB\-fw\fR | |
33 | .IP | |
34 | Force continued operation when wildcard found | |
35 | .TP | |
36 | \fB\-i\fR | |
37 | Show IP addresses (dns mode only) | |
38 | .TP | |
39 | \fB\-k\fR | |
40 | Skip SSL certificate verification | |
41 | .TP | |
42 | \fB\-l\fR | |
43 | Include the length of the body in the output (dir mode only) | |
44 | .HP | |
45 | \fB\-m\fR string | |
46 | .IP | |
47 | Directory/File mode (dir) or DNS mode (dns) (default "dir") | |
48 | .TP | |
49 | \fB\-n\fR | |
50 | Don't print status codes | |
51 | .HP | |
52 | \fB\-o\fR string | |
53 | .IP | |
54 | Output file to write results to (defaults to stdout) | |
55 | .HP | |
56 | \fB\-p\fR string | |
57 | .IP | |
58 | Proxy to use for requests [http(s)://host:port] (dir mode only) | |
59 | .TP | |
60 | \fB\-q\fR | |
61 | Don't print the banner and other noise | |
62 | .TP | |
63 | \fB\-r\fR | |
64 | Follow redirects | |
65 | .HP | |
66 | \fB\-s\fR string | |
67 | .IP | |
68 | Positive status codes (dir mode only) (default "200,204,301,302,307") | |
69 | .HP | |
70 | \fB\-t\fR int | |
71 | .IP | |
72 | Number of concurrent threads (default 10) | |
73 | .HP | |
74 | \fB\-u\fR string | |
75 | .IP | |
76 | The target URL or Domain | |
77 | .TP | |
78 | \fB\-v\fR | |
79 | Verbose output (errors) | |
80 | .HP | |
81 | \fB\-w\fR string | |
82 | .IP | |
83 | Path to the wordlist | |
84 | .HP | |
85 | \fB\-x\fR string | |
86 | .IP | |
87 | File extension(s) to search for (dir mode only) |
0 | debian/gobuster.1 |
0 | #!/usr/bin/make -f | |
1 | ||
2 | override_dh_auto_install: | |
3 | dh_auto_install -- --no-source | |
4 | %: | |
5 | dh $@ --buildsystem=golang --with=golang | |
6 | ||
7 | override_dh_auto_build: | |
8 | dh_auto_build | |
9 | rm -f obj-*/src/github.com/OJ/gobuster/libgobuster/http_test.go |
0 | 3.0 (quilt) |
0 | version=3 | |
1 | opts=filenamemangle=s/.+\/v?(\d\S*)\.tar\.gz/gobuster-\$1\.tar\.gz/,\ | |
2 | uversionmangle=s/(\d)[_\.\-\+]?(RC|rc|pre|dev|beta|alpha)[.]?(\d*)$/\$1~\$2\$3/ \ | |
3 | https://github.com/OJ/gobuster/tags .*/v?(\d\S*)\.tar\.gz |
3 | 3 | "bytes" |
4 | 4 | "fmt" |
5 | 5 | "log" |
6 | "net" | |
7 | 6 | "strings" |
8 | 7 | |
9 | 8 | "github.com/OJ/gobuster/libgobuster" |
17 | 16 | func (d GobusterDNS) Setup(g *libgobuster.Gobuster) error { |
18 | 17 | // Resolve a subdomain sthat probably shouldn't exist |
19 | 18 | guid := uuid.New() |
20 | wildcardIps, err := net.LookupHost(fmt.Sprintf("%s.%s", guid, g.Opts.URL)) | |
19 | wildcardIps, err := g.DNSLookup(fmt.Sprintf("%s.%s", guid, g.Opts.URL)) | |
21 | 20 | if err == nil { |
22 | 21 | g.IsWildcard = true |
23 | 22 | g.WildcardIps.AddRange(wildcardIps) |
29 | 28 | |
30 | 29 | if !g.Opts.Quiet { |
31 | 30 | // Provide a warning if the base domain doesn't resolve (in case of typo) |
32 | _, err = net.LookupHost(g.Opts.URL) | |
31 | _, err = g.DNSLookup(g.Opts.URL) | |
33 | 32 | if err != nil { |
34 | 33 | // Not an error, just a warning. Eg. `yp.to` doesn't resolve, but `cr.py.to` does! |
35 | 34 | log.Printf("[-] Unable to validate base domain: %s", g.Opts.URL) |
42 | 41 | // Process is the process implementation of gobusterdns |
43 | 42 | func (d GobusterDNS) Process(g *libgobuster.Gobuster, word string) ([]libgobuster.Result, error) { |
44 | 43 | subdomain := fmt.Sprintf("%s.%s", word, g.Opts.URL) |
45 | ips, err := net.LookupHost(subdomain) | |
44 | ips, err := g.DNSLookup(subdomain) | |
46 | 45 | var ret []libgobuster.Result |
47 | 46 | if err == nil { |
48 | 47 | if !g.IsWildcard || !g.WildcardIps.ContainsAny(ips) { |
52 | 51 | if g.Opts.ShowIPs { |
53 | 52 | result.Extra = strings.Join(ips, ", ") |
54 | 53 | } else if g.Opts.ShowCNAME { |
55 | cname, err := net.LookupCNAME(subdomain) | |
54 | cname, err := g.DNSLookupCname(subdomain) | |
56 | 55 | if err == nil { |
57 | 56 | result.Extra = cname |
58 | 57 | } |
4 | 4 | "bytes" |
5 | 5 | "context" |
6 | 6 | "fmt" |
7 | "net" | |
7 | 8 | "os" |
8 | 9 | "strings" |
9 | 10 | "sync" |
11 | 12 | |
12 | 13 | const ( |
13 | 14 | // VERSION contains the current gobuster version |
14 | VERSION = "2.0.0" | |
15 | VERSION = "2.0.1" | |
15 | 16 | ) |
16 | 17 | |
17 | 18 | // SetupFunc is the "setup" function prototype for implementations |
110 | 111 | // GetRequest issues a GET request to the target and returns |
111 | 112 | // the status code, length and an error |
112 | 113 | func (g *Gobuster) GetRequest(url string) (*int, *int64, error) { |
113 | g.incrementRequests() | |
114 | 114 | return g.http.makeRequest(url, g.Opts.Cookies) |
115 | } | |
116 | ||
117 | // DNSLookup looks up a domain via system default DNS servers | |
118 | func (g *Gobuster) DNSLookup(domain string) ([]string, error) { | |
119 | return net.LookupHost(domain) | |
120 | } | |
121 | ||
122 | // DNSLookupCname looks up a CNAME record via system default DNS servers | |
123 | func (g *Gobuster) DNSLookupCname(domain string) (string, error) { | |
124 | return net.LookupCNAME(domain) | |
115 | 125 | } |
116 | 126 | |
117 | 127 | func (g *Gobuster) worker(wordChan <-chan string, wg *sync.WaitGroup) { |
125 | 135 | if !ok { |
126 | 136 | return |
127 | 137 | } |
138 | g.incrementRequests() | |
128 | 139 | // Mode-specific processing |
129 | 140 | res, err := g.plugin.Process(g, word) |
130 | 141 | if err != nil { |
156 | 167 | return nil, fmt.Errorf("failed to get number of lines: %v", err) |
157 | 168 | } |
158 | 169 | |
159 | // mutiply by extensions to get the total number of requests | |
160 | if len(g.Opts.ExtensionsParsed.Set) > 0 { | |
161 | lines = lines + (lines * len(g.Opts.ExtensionsParsed.Set)) | |
162 | } | |
163 | 170 | g.requestsExpected = lines |
164 | 171 | g.requestsIssued = 0 |
165 | 172 |
0 | @echo off | |
1 | ||
2 | SET ARG=%1 | |
3 | SET TARGET=.\build | |
4 | ||
5 | IF "%ARG%"=="test" ( | |
6 | go test -v -race ./... | |
7 | echo Done. | |
8 | GOTO Done | |
9 | ) | |
10 | ||
11 | IF "%ARG%"=="clean" ( | |
12 | del /F /Q %TARGET%\*.* | |
13 | echo Done. | |
14 | GOTO Done | |
15 | ) | |
16 | ||
17 | IF "%ARG%"=="windows" ( | |
18 | CALL :Windows | |
19 | GOTO Done | |
20 | ) | |
21 | ||
22 | IF "%ARG%"=="darwin" ( | |
23 | CALL :Darwin | |
24 | GOTO Done | |
25 | ) | |
26 | ||
27 | IF "%ARG%"=="linux" ( | |
28 | CALL :Linux | |
29 | GOTO Done | |
30 | ) | |
31 | ||
32 | IF "%ARG%"=="all" ( | |
33 | CALL :Darwin | |
34 | CALL :Linux | |
35 | CALL :Windows | |
36 | GOTO Done | |
37 | ) | |
38 | ||
39 | IF "%ARG%"=="" ( | |
40 | go build -o .\gobuster.exe | |
41 | GOTO Done | |
42 | ) | |
43 | ||
44 | GOTO Done | |
45 | ||
46 | :Darwin | |
47 | set GOOS=darwin | |
48 | set GOARCH=amd64 | |
49 | echo Building for %GOOS% %GOARCH% ... | |
50 | go build -o %TARGET%\gobuster-%GOOS%-%GOARCH% | |
51 | set GOARCH=386 | |
52 | echo Building for %GOOS% %GOARCH% ... | |
53 | go build -o %TARGET%\gobuster-%GOOS%-%GOARCH% | |
54 | echo Done. | |
55 | EXIT /B 0 | |
56 | ||
57 | :Linux | |
58 | set GOOS=linux | |
59 | set GOARCH=amd64 | |
60 | echo Building for %GOOS% %GOARCH% ... | |
61 | go build -o %TARGET%\gobuster-%GOOS%-%GOARCH% | |
62 | set GOARCH=386 | |
63 | echo Building for %GOOS% %GOARCH% ... | |
64 | go build -o %TARGET%\gobuster-%GOOS%-%GOARCH% | |
65 | echo Done. | |
66 | EXIT /B 0 | |
67 | ||
68 | :Windows | |
69 | set GOOS=windows | |
70 | set GOARCH=amd64 | |
71 | echo Building for %GOOS% %GOARCH% ... | |
72 | go build -o %TARGET%\gobuster-%GOARCH%.exe | |
73 | set GOARCH=386 | |
74 | echo Building for %GOOS% %GOARCH% ... | |
75 | go build -o %TARGET%\gobuster-%GOARCH%.exe | |
76 | echo Done. | |
77 | EXIT /B 0 | |
78 | ||
79 | :Done |