search

Moopinger / smugglefuzz

A rapid HTTP downgrade smuggling scanner written in Go.
MIT License
248 stars 14 forks source link

smugglefuzz stops scanning all URLs when one URL gives error #8

Open Nishantbhagat57 opened 5 months ago

Nishantbhagat57 commented 5 months ago 
nishant57@v2202405199255271385:~/BB/dorker/xsspayloads$ smugglefuzz scan -f /home/nishant57/BB/httprobe_urls.txt --confirm -s /home/nishant57/BB/smugglefuzz.txt

 _____                   _     _____             
|   __|_____ _ _ ___ ___| |___|   __|_ _ ___ ___ 
|__   |     | | | . | . | | -_|   __| | |- _|- _|
|_____|_|_|_|___|_  |_  |_|___|__|  |___|___|___|
                |___|___|  v0.2.2 @moopinger

Error parsing URL: H2C not implemented. If needed see the "experimental-h2c" branch

httprobe_urls.txt example file:

http://actionlog.example.com
http://reval.example.com
http://user-api.example.com
https://00307-proxy-dev-westus2.example.com

If one URL gives error I don't think it's a good idea to stop scanning all other URLs.

Moopinger commented 5 months ago

Good catch thanks! Will have a fix for this out this week. (v0.2.3) thanks