reNgine-ng is an automated reconnaissance framework for web applications with a focus on a highly configurable, streamlined recon process via Engines, recon data correlation and organization, and continuous monitoring, backed by a database and a simple yet intuitive user interface.
GNU General Public License v3.0
52 stars, 10 forks
fix(scan): rework the alive endpoint and redirection operation #96
With this PR, reNgine-ng scans will work much better.
Check the issues for more details about the bug.
Now an endpoint is considered as alive if an HTTP status code exists and is > 0.
This prevents a lot of problems while running a scan because, in the current state, if an endpoint returns a 40x or 50x code, it will not be scanned.
This modification also correctly sets the is_default state of the root endpoint of the subdomain that is the base of all the active scans (ffuf, nuclei ...).
There's also a problem with 301 and 302 status codes.
In reNgine-ng, HTTPx was set to follow redirects by default; this creates bugs where scans are not launched because the URL of the redirection is not the same as the scanned URL.
So I've switched the default value to False. To follow redirections, you must use the --follow-redirection parameter in the http_crawl section of your scanEngine configuration.
I've also fixed small bugs that I found while testing all the scanEngines concerned by this PR:
Removed console.log dumps that eat CPU in the front end because they are huge and contain recursive values
Fix unintended subdomain creation while Nuclei is running
Fix #7 #14
Tested in all target and subdomain scans.
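The two behaviours described in this PR, as an added example that is not reNgine-ng's own code: `ProbeResult`, `probe`, `scan_targets` and `is_alive_strict` are hypothetical names, the response table is constructed, and the strict rule is only an assumed stand-in for the earlier behaviour.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed responses (not real hosts): url -> (status, redirect target)
RESPONSES = {
    "http://app.example.test": (301, "https://www.example.test/login"),
    "https://www.example.test/login": (200, None),
    "https://admin.example.test": (403, None),
    "https://api.example.test": (500, None),
    "https://old.example.test": (0, None),  # no HTTP response received
}
INPUTS = [u for u in RESPONSES if "/login" not in u]

@dataclass
class ProbeResult:  # hypothetical record, not the project's model
    requested_url: str
    final_url: str
    status_code: Optional[int]

def probe(url, follow_redirects=False):
    """Offline stand-in for the HTTP probe, using the table above."""
    status, location = RESPONSES.get(url, (0, None))
    final, hops = url, 0
    while follow_redirects and location and hops < 5:
        final = location
        status, location = RESPONSES.get(final, (0, None))
        hops += 1
    return ProbeResult(url, final, status)

def is_alive(r):
    """Rule from the PR description: a status code exists and is > 0."""
    return r.status_code is not None and r.status_code > 0

def is_alive_strict(r):
    """Assumed earlier rule, for contrast only: 40x/50x count as dead."""
    return is_alive(r) and r.status_code < 400

def scan_targets(follow_redirects, alive_rule):
    """Requested URLs that would be handed to active scans. A target is kept
    only if an alive endpoint is stored under exactly the requested URL."""
    results = [probe(u, follow_redirects) for u in INPUTS]
    stored = {r.final_url: r for r in results}
    return [r.requested_url for r in results
            if r.requested_url in stored and alive_rule(stored[r.requested_url])]

if __name__ == "__main__":
    print(scan_targets(False, is_alive_strict))  # 40x/50x hosts dropped
    print(scan_targets(True, is_alive))          # redirected host dropped
    print(scan_targets(False, is_alive))         # behaviour described in the PR
```

With redirects followed, the endpoint is stored under the redirect destination, so the lookup by the originally scanned URL misses and that host silently leaves the scan set.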