Finally DirChex becomes Debian friendly !
I often though, why in my backTrack distribution I cannot find DirCheck ? After all it’s very useful hack tool. Today I can easily install it, just download the Debian package here, and install it !
Ok for people who don’t know what I’m talking about:
DirSnatch will allow you to save two different files. One dumps a web directory list in the full URL format (DirGet tab).
so on and so forth.
The other (DirPut) will dump the web directory with only the directories & sub-directories (still with URL format)so that we can automate the request of testing each directory for a vulnerable PUT permission issue.
The benefit of the new tab is the following. If you’d like to use Burp Suite or DirChex to test each directory for PUT the format that DirPut lists each directory in is suitable for simply concatenating the URL + “a test file”.
When using the DirChex PUT tab you can provide a name of a file you would like to upload to the target Web App’s directories, choose the the txt file containing URLs dumped with DirSnatch_v2.1 DirPut and it will do the concatenation and request for you. Voila.