search

OJ / gobuster

Directory/File, DNS and VHost busting tool written in Go
Apache License 2.0
9.34k stars 1.16k forks source link

vhost not working correctly #450

Closed NickTheSecurityDude closed 10 months ago

NickTheSecurityDude commented 10 months ago

vhost not working correctly

On htb machine "stacked", portfolio is a valid page, however gobuster sees it as a redirect:

┌──(kali㉿kali)-[~/htb/machines/stacked]
└─$ gobuster vhost -u http://stacked.htb -w /opt/SecLists/Discovery/DNS/subdomains-top1million-5000.txt -o gobuster.vhost.out

┌──(kali㉿kali)-[~/htb/machines/stacked]
└─$ cat gobuster.vhost.out|grep "portfolio"
Found: portfolio Status: 302 [Size: 278] [--> http://stacked.htb/]
Found: www.portfolio Status: 302 [Size: 282] [--> http://stacked.htb/]

Testing for that vhost in burp or curl it returns a 200 with a much larger size:

┌──(kali㉿kali)-[~/htb/machines/stacked]
└─$ curl -s -w "%{http_code} %{size_download}"  -o /dev/null --header "Host: portfolio.stacked.htb" http://stacked.htb
200 30268 
┌──(kali㉿kali)-[~/htb/machines/stacked]
└─$ gobuster version
3.6

I used the same command used here: https://youtu.be/aWXfEDIYZu8?feature=shared&t=246. It did work in the video, which was likely and earlier version of gobuster.

firefart commented 10 months ago

you need to use --append-domain , otherwise only the plain word from the wordlist is tried