Open v01dlight opened 3 years ago
I commented out line 177 sed -i.bak 's/.$//' $postrequest
which seemed to be the culprit for cutting the last character off every line, but I'm still getting way different response sizes than I see in Burp. Not sure if the issue is solved.
I'm attempting to spray an OWA instance I know should contain some hits, but after letting a spray job run overnight it had gone through a decent chunk of the password list and found nothing which I thought was odd since this was against a userlist of 600+. I noticed that the spray-logs.txt file had a very large number in front of each attempt, which didn't match up with what I'd expect the byte size of a failed attempt to be. I double checked the post request file to make sure I didn't mess something up, and noticed that the IP in the host header was missing some digits. At first I thought I must have screwed it up when I pasted that data in from Burp, but then I realized every line had some characters chopped off the end. I set up a new spray to replicate the issue and verified that once the tool starts running, it is editing the supplied post request file in a way that mangles the attack. I redacted the actual IP and domain I was testing against, but you can see below that the post request looks correct before I start, and when checked after the attack is running it is missing the last character of every line.