iGuRu
Now Reading
Konan: Advanced Web Application and Dir Scanner
iGuRu

Konan: Advanced Web Application and Dir Scanner

Konan is an advanced open source tool written in python, designed for brute force attacks on directories and to detect filenames on web application servers.

68747470733a2f2f692e696d6775722e636f6d2f77336251526f572e706e67 - Konan: Advanced Web Application and Dir Scanner

Installation

git clone https://github.com/m4ll0k/Konan.git konan

cd konan && pip install -r requirements.txt

python konan.py

Support

  • Linux
  • Windows
  • MacOSX

Character

FeaturesKonandirsearchdirbgobuster
MultiThreadedyesyesyesyes
Multiple ExtensionsyesyesNo.No.
HTTP Proxy Supportyesyesyesyes
Reportingyes (text and json)yes (text and json)yes (text)No.
User-Agent randomizationyesyesNo.No.
Ignore word in wordlist using regexpyesNo.No.No.
Split extension in wordlistyesNo.No.No.
Multiple MethodsyesyesNo.No.
Response Size ProcessyesyesNo.No.
Provide Sub-Dir for Brute ForceyesyesNo.No.
Provide Dir for Recursively Brute ForceyesyesNo.No.
URL Injection PointyesNo.No.No.

Use

Basic:

  • python konan.py -u / –url http://example.com/

URL: http://testphp.vulnweb.com/

PERCENT - TIME - CODE - METHOD - LENGTH - URL
-------------------
0.39% - 01:32:50 - 200 - GET - 4958 - http://testphp.vulnweb.com/index.php
0.43% - 01:32:52 - 200 - GET - 4732 - http://testphp.vulnweb.com/search.php
0.54% - 01:32:57 - 200 - GET - 5523 - http://testphp.vulnweb.com/login.php
0.81% - 01:33:12 - 200 - GET - 4830 - http://testphp.vulnweb.com/logout.php
8.77% - 01:40:02 - 302 - GET - 14 - http://testphp.vulnweb.com/userinfo.php -> login.php

Injection Point:

  • python konan.py -u / –url http://example.com/%%/index.php

URL: http://testphp.vulnweb.com/%%/index.php

PERCENT - TIME - CODE - METHOD - LENGTH - URL
-------------------
0.39% - 01:32:50 - 200 - GET - 4958 - http://testphp.vulnweb.com/test/index.php
0.43% - 01:32:52 - 200 - GET - 4732 - http://testphp.vulnweb.com/search/index.php

  • python konan.py -u / –url http://example.com/test%% -w /root/numbers.txt

URL: http://testphp.vulnweb.com/test%%

PERCENT - TIME - CODE - METHOD - LENGTH - URL
-------------------
0.39% - 01:32:50 - 200 - GET - 4958 - http://testphp.vulnweb.com/test12
0.43% - 01:32:52 - 200 - GET - 4732 - http://testphp.vulnweb.com/test34

Provide wordlist, default /db/dict.txt:

  • python konan.py -u / –url http://example.com/ -w / –wordlist /root/dict.txt
  • python konan.py -u / –url http://example.com/ -e / –extension php, html -f / –force

URL: http://testphp.vulnweb.com/

PERCENT - TIME - CODE - METHOD - LENGTH - URL
-------------------
0.39% - 02:00:21 - 200 - GET - 4958 - http://testphp.vulnweb.com/index.html
0.43% - 02:00:23 - 200 - GET - 4732 - http://testphp.vulnweb.com/search.php
0.54% - 02:00:30 - 200 - GET - 5523 - http://testphp.vulnweb.com/login.php
0.81% - 02:00:46 - 200 - GET - 4830 - http://testphp.vulnweb.com/logout.html
0.87% - 02:00:50 - 200 - GET - 6115 - http://testphp.vulnweb.com/categories.html

Provide status code exclusion:

  • python konan.py -u / –url http://example.com/ -x / –exclude 400,403,401

Provide only status code for output:

  • python konan.py -u / –url http://example.com/ -o / –only 200,301,302

Wordlist lowercase (isATest -> isatest) and uppercase (isAtest -> ISATEST):

  • python konan.py -u / –url http://example.com/ -w / –wordlist /root/dict.txt [-l / –lowercase OR -p / –uppercase]

Wordlist split (test.php -> to -> test):

  • python konan.py -u / –url http://example.com/ -w / –wordlist /root/dict.txt -s / –split

Wordlist Ignore word, letters, number, etc provided by regexp (\ w * .php | \ w * .html, ^ [0-9 _-] +):_

  • python konan.py -u / –url http://example.com/ -w / –wordlist -I / –ignore “\? +”

Output without -I / –ignore options:
URL: http://testphp.vulnweb.com/

PERCENT - TIME - CODE - METHOD - LENGTH - URL
-------------------
0.39% - 02:06:31 - 200 - GET - 4958 - http://testphp.vulnweb.com/???.php
0.43% - 02:06:32 - 200 - GET - 4732 - http: //testphp.vulnweb.com/ ???????????
0.54% - 02:06:35 - 200 - GET - 5523 - http://testphp.vulnweb.com/admin/

Output with -I / –ignore (in this case \? +) Options:
URL: http://testphp.vulnweb.com/

PERCENT - TIME - CODE - METHOD - LENGTH - URL
-------------------
0.54% - 02:06:35 - 200 - GET - 5523 - http://testphp.vulnweb.com/admin/

Recursive:

  • python konan.py -u / –url http://example.com/ -E / –recursive

Recursive directory found and directory provided by -D / –dir-rec:

  • python konan.py -u / –url http://example.com/ -E / –recursive -D / –dir-rec “admin, tests, dev, internal”

Brute Force directory provided by -S / –sub-dir:

  • python konan.py -u / –url http://example.com/ -S / –sub-dir “admin, test, internal, dev”

Multiple Methods (check GET, POST, PUT and DELETE for word entry):

  • python konan.py -u / –url http://example.com/ -m / –methods ”

Content size process (show response if the response size is “> [number]”, ”<[number]”, ”= [number]”):

  • python konan.py -u / –url http://example.com/ -C / –length “<1000”

URL: http://testphp.vulnweb.com/

PERCENT - TIME - CODE - METHOD - LENGTH - URL
-------------------
0.19% - 02:11:46 - 301 - GET - 184 - http://testphp.vulnweb.com/admin -> http://testphp.vulnweb.com/admin/
1.73% - 02:12:37 - 301 - GET - 184 - http://testphp.vulnweb.com/images -> http://testphp.vulnweb.com/images/

You can download the program from here.

Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News

View Comments (0)

Leave a Reply

Your email address Will not be published.

 

iGuRu.gr © 2012 - 2021 Keep it Simple Stupid Custom Theme

Scroll To Top