DIRB FAQ
========



Questions:
1) Can I use multiple wordfiles at a time?

2) I Know 3 directories to exist, how can I scan they?

3) I'm newbie in security testing. Is DIRB an easy tool?

4) Can DIRB find or exploit vulnerabilities?

5) Can you include a description of each item found?

6) I'm desperate. I've used all the avaliables CGI scanners against a 
webserver and they don't found anything. DIRB can give me some hope.

7) Can DIRB be used like a classical CGI scanner?

8) What is the NEC?

9) What about a multi-thread version?



####################################################



1) Can I use multiple wordfiles at a time?

YES, the wordfile parameter let you specify multiple files separated by 
coma: ","



2) I Know 3 directories to exist, how can I scan they?

You have 2 options:

- Scan directly each directory. For example:

	$./dirb http://www.site.com/directory1/ wordlist.txt

	$./dirb http://www.site.com/directory2/ wordlist.txt

	$./dirb http://www.site.com/directory3/ wordlist.txt

- Include the name of the 3 directories in a text file (one directory by line)
and use it like a wordfile. DIRB will found the directories and scan into it. 
For example:

	$./dirb http://www.site.com/ wordlist.txt,dirnamefile.txt

Content of dirnamefile.txt:
----------------
directory1
directory2
directory3
----------------



3) I'm newbie in security testing. Is DIRB an easy tool?

NOT. DIRB is a tool for automating the search of (normally hidden) web 
applications. But once you have found it, you need a good knowledge on 
security and penetration testing to get advantage of this information.



4) Can DIRB find or exploit vulnerabilities?

NOT. DIRB look for web objects. To determine if they are vulnerable or not, 
you must use your own intelligence or other kind of tool.



5) Can you include a description of each item found?

NOT. DIRB scan generic contents. I don't know what exist inside each one. 
Maybe some administrator use a file named "test.asp" as his main 
administration menu or simply is a "hello world" script...



6) I'm desperate. I've used all the avaliables CGI scanners against a 
webserver and they don't found anything. DIRB can give me some hope?

YES. DIRB can found something that classic CGI scanners can't found. Maybe 
it's your last chance.



7) Can DIRB be used like a classical CGI scanner?

YES. You only need to define a wordlist with common vulnerable CGI names, and 
feed this wordfile into DIRB. (The default dirb distribution comes
with a wordfile for this usage: "wordlists/vulns/cgis.txt")



8) What is the NEC?

NEC means "Not Existant Code". NEC is the response code that gives a 
webserver for not existant pages or documents. DIRB use this code to locate 
only the correct existant pages and eliminate the rest. By default most 
webservers use NEC = 404 (Page not found) but on some cases the NEC code is 
not 404 and most CGI scanners fail in detecting existing pages.



9) What about a multi-thread version?

I have tested a simplified demo version of dirb running multiple threads and 
the speed ganancy was about 20-40%. This ganancy is not significant and the 
complexity of the code make (by now) not practical to run dirb with threads.



