Closed pptx704 closed 2 months ago
For some reason, every endpoint is being counted as a valid vhost that returns 403 status. Gobuster version is 3.6
vhost
403
3.6
To recreate-
vhost-list.txt
ajfhjakshduh39y98ih3oi
./gobuster vhost -u https://wazuh.com -t 1024 -w vhost-list.txt --append-domain
=============================================================== Gobuster v3.6 by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart) =============================================================== [+] Url: https://wazuh.com [+] Method: GET [+] Threads: 1024 [+] Wordlist: common-vhosts.txt [+] User Agent: gobuster/3.6 [+] Timeout: 10s [+] Append Domain: true =============================================================== Starting gobuster in VHOST enumeration mode =============================================================== Found: ajfhjakshduh39y98ih3oi.wazuh.com Status: 403 [Size: 915] Progress: 1 / 2 (50.00%) =============================================================== Finished ===============================================================
However, running curl ajfhjakshduh39y98ih3oi.wazuh.com would return curl: (6) Could not resolve host: ajfhjakshduh39y98ih3oi.wazuh.com
curl ajfhjakshduh39y98ih3oi.wazuh.com
curl: (6) Could not resolve host: ajfhjakshduh39y98ih3oi.wazuh.com
the dns name does not need to exist in vhost mode. The correct command would be curl -H “Host: xxxxx” ip. This is not a bug
For some reason, every endpoint is being counted as a valid
vhost
that returns403
status. Gobuster version is3.6
To recreate-
vhost-list.txt
with any random text (i.e.ajfhjakshduh39y98ih3oi
) in it./gobuster vhost -u https://wazuh.com -t 1024 -w vhost-list.txt --append-domain
However, running
curl ajfhjakshduh39y98ih3oi.wazuh.com
would returncurl: (6) Could not resolve host: ajfhjakshduh39y98ih3oi.wazuh.com