Windous下Wfuzz的安装

0x00

前言
wfuzz这个工具在kali下是默认安装的~ 可是由于虚拟机用kali总是有种卡卡的感觉,就想着在windous下也装一个。
其实之前我尝试安装过几次,因为没学过python,就一直没有装成功。。还是因为自己菜
终于!!!趁着今天下午没事,在 你好表哥 的帮助下~ 终于把这个史诗级的难题给solve了



关于wfuzz的安装这里介绍两种方法

  1. 基于python2.7环境安装
  2. exe版 免python环境,打开即用!! 早知道有这个版本,我TM还费那么大劲去配置那些看着就脑壳疼的环境干嘛!


0x01  基于python2.7环境安装wufzz

首先你要有python2.7+pip的环境,这里环境的安装就不多介绍了~ 直接进入正题

下载wfuzz

cmd进入文件根目录 cd wfuzz-2.3.4

setup.py install

pip install -r requirements.txt

pip install wfuzz

① setup.py是安装程序
② requirements.txt 文件是python项目中必须包含一个文件用于记录所有依赖包及其精确的版本号用以新环境部署。这里是安装依赖包
安装wfuzz


到这里wfuzz就安装成功了,如何去验证是否安装成功呢?

在cmd下输入wfuzz

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
C:\Users\unixcs\Desktop\wfuzz-2.3.4>wfuzz
********************************************************
* Wfuzz 2.4 - The Web Fuzzer                           *
*                                                      *
* Version up to 1.4c coded by:                         *
* Christian Martorella (cmartorella@edge-security.com) *
* Carlos del ojo (deepbit@gmail.com)                   *
*                                                      *
* Version 1.4d to 2.4 coded by:                        *
* Xavier Mendez (xmendez@edge-security.com)            *
********************************************************

Usage:  wfuzz [options] -z payload,params <url>

        FUZZ, ..., FUZnZ  wherever you put these keywords wfuzz will replace them with the values of the specified payload.
        FUZZ{baseline_value} FUZZ will be replaced by baseline_value. It will be the first request performed and could be used as a base for filtering.


Examples:
        wfuzz -c -z file,users.txt -z file,pass.txt --sc 200 http://www.site.com/log.asp?user=FUZZ&pass=FUZ2Z
        wfuzz -c -z range,1-10 --hc=BBB http://www.site.com/FUZZ{something not there}
        wfuzz --script=robots -z list,robots.txt http://www.webscantest.com/FUZZ

Type wfuzz -h for further information or --help for advanced usage.


0x02  exe版本的安装

  • 打开
    wfuzz运行路径
  • 运行
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
wfuzz.exe -w 1.txt www.baidu.com/FUZZ
********************************************************
* Wfuzz 2.1 - The Web Bruteforcer                      *
********************************************************

Target: http://www.baidu.com/FUZZ
Total requests: 4

==================================================================
ID      Response   Lines      Word         Chars          Request
==================================================================

00000:  C=302      7 L        18 W          222 Ch        "2"
00001:  C=302      7 L        18 W          222 Ch        "3"
00002:  C=302      7 L        18 W          222 Ch        "4"
00003:  C=302      7 L        18 W          222 Ch        "1"

Total time: 0.296999
Processed Requests: 4
Filtered Requests: 0
Requests/sec.: 13.46801
发布于 
tags:
  • { Tools }