MC874 commented 2 years ago

Introduction

Add ability to scan CDN address using http format: GET / HTTP/1.1. Can be usefull when scanning CloudFront Addresses with bug-domain reserved as proxy: bug:80 instead of using scheme:// restriction.

Background

The behind idea for this is: cdn-ssl with defined custom payloads; are unable to replicate 101 codes for CloudFront target CDN:

bugscanner-go scan cdn-ssl --proxy bug.com --port 80 --target cloudfront.net --payloads "GET / HTTP/1.1[crlf]Host: cloudfront.net[crlf]Connection: Upgrade[crlf]Upgrade: websocket[crlf][crlf]"

Implementation

Could be integrated as a new module cdn-proxy or merged to cdn-ssl with script revision. If it's still possible trough cdn-ssl with some little work-around; please kindly to let me know :)

aztecrabbit commented 2 months ago

bugscanner-go scan proxy is what you want right? i already added that

demianrey commented 2 months ago

bugscanner-go scan proxy is what you want right? i already added that

I already updated to the latest branch and the scan proxy option does not appear, what is happening? Regards

aztecrabbit commented 2 months ago

I already updated to the latest branch and the scan proxy option does not appear, what is happening? Regards

use this command to update

GOPROXY=direct go install -v github.com/aztecrabbit/bugscanner-go@HEAD

demianrey commented 2 months ago

I already updated to the latest branch and the scan proxy option does not appear, what is happening? Regards

use this command to update

GOPROXY=direct go install -v github.com/aztecrabbit/bugscanner-go@HEAD

Thanks 👍

aztecrabbit / bugscanner-go

[Enhancement] cdn-proxy #3

Introduction

Background

Implementation