Isona / dirble

Fast directory scanning and scraping tool
GNU General Public License v3.0
613 stars 87 forks

Follow initial redirect #6

Open Viss opened 5 years ago

Viss commented 5 years ago

In testing out dirble, I noticed that it will attempt exactly the url that is given, but seems to not understand what to do if, for example, the following scenario is encountered:

./dirble --host abc.com <dirble brutes abc.com, but abc.com 301's absolutely every request>

curl -skv abc.com 301 to https://abc.com

curl -skv https://abc.com 301 to https://www.abc.com

real site resides on https://www.abc.com, but input provided is just abc.com.

wpscan handles this pretty well with a function called 'follow initial redirect'. If something like that could be possible here, it would greatly improve workflow!

Isona commented 5 years ago

Thanks for the suggestion, it sounds like a useful feature idea and I'll look at implementing it soon! However, one thing I'm wary of is silently going out of scope, so if I were to implement this, it would probably involve prompting the user before changing the URL being scanned, as Dirble is slightly more intrusive than wpscan.

Viss commented 5 years ago

Yup! Should be pretty easy to sort out scope though - if the domain name doesn't change, just the subdomain and http->https, it's generally 'the actual site you're looking for' vs a 302 or 301 to another actual site.
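
The scope rule discussed in this thread, sketched as an added example (it is not part of the thread and not dirble's code): a redirect hop is followed automatically only when it changes the subdomain and/or upgrades http to https, and anything else is handed back for a user prompt. The function names are hypothetical, the redirect chains are constructed, and the input is assumed to have been normalised to a full URL.

```python
from urllib.parse import urljoin, urlsplit

def scope_base(url):
    """Host that defines scope: lower-cased, with one leading 'www.' dropped."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    return host[4:] if host.startswith("www.") else host

def hop_allowed(base, previous, target):
    """Allow a hop that changes only the subdomain and/or upgrades http to https."""
    prev, tgt = urlsplit(previous), urlsplit(target)
    host = (tgt.hostname or "").rstrip(".")
    if tgt.scheme not in ("http", "https"):
        return False
    if prev.scheme == "https" and tgt.scheme == "http":
        return False  # never auto-follow a downgrade
    # Label-boundary match: 'evilabc.com' does not end with '.abc.com'.
    return bool(base) and (host == base or host.endswith("." + base))

def follow_initial_redirect(start, locations):
    """Walk the Location headers seen for `start`.

    Returns (url_to_scan, needs_confirmation): needs_confirmation is None when
    every hop stayed in scope, otherwise the first URL the user must approve.
    """
    base = scope_base(start)
    current = start
    for location in locations:
        target = urljoin(current, location)  # Location may be relative
        if not hop_allowed(base, current, target):
            return current, target
        current = target
    return current, None

# Constructed chains; the first mirrors the abc.com case in the report.
if __name__ == "__main__":
    print(follow_initial_redirect("http://abc.com", ["https://abc.com", "https://www.abc.com"]))
    print(follow_initial_redirect("http://abc.com", ["https://abc.com", "https://sso.example.net/login"]))
```

Comparing against the host the user typed, rather than guessing a registrable domain, avoids needing the Public Suffix List and errs on the side of prompting.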