ffuf / ffuf

Fast web fuzzer written in Go
MIT License
12.52k stars 1.29k forks

Cannot scan correctly recursion #539

Closed weujieytt closed 2 years ago

weujieytt commented 2 years ago

Same directory, different recursive scan results; ffuf is on the left, feroxbuster is on the right. (image)

joohoi commented 2 years ago

It should work. The default recursion strategy of ffuf differs from feroxbuster in a way that it doesn't try to recurse 200 responses, but only 30X ones. You can achieve the same results with -recursion-strategy greedy in ffuf.

From the help text:

  -recursion-strategy Recursion strategy: "default" for a redirect based, and "greedy" to recurse on all matches (default: default)

weujieytt commented 2 years ago

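It should work. The default recursion strategy of ffuf differs from feroxbuster in a way that it doesn't try to recurse 200 responses, but only 30X ones. You can achieve the same results with -recursion-strategy greedy in ffuf.

From the help text: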

  -recursion-strategy Recursion strategy: "default" for a redirect based, and "greedy" to recurse on all matches (default: default)

Thanks for the answer. I successfully used the recursive scan. However, I have a question: can I specify the status code matched by greedy? Is it redundant to do a recursive scan when the first level directory is 404?

joohoi commented 2 years ago

can I specify the status code matched by greedy?

The greedy mode currently matches whatever are the global matchers you have set up, based on any criteria; status code, content-length, number of lines, words or timing, if not filtered out by your custom filtering setup.

Is it redundant to do a recursive scan when the first level directory is 404?

In almost all cases, yes.

weujieytt commented 2 years ago

The greedy mode currently matches whatever are the global matchers you have set up, based on any criteria; status code, content-length, number of lines, words or timing, if not filtered out by your custom filtering setup.

I can't understand. I just don't want to recursively scan 404 pages. If I use -fc 404, it just doesn't show 404 pages; ffuf will still scan 404 pages. Like -recursion-strategy code 200,403,301?

joohoi commented 2 years ago

That you can accomplish with -mc 200,301,403 -recursion-strategy greedy
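A simplified model of the two recursion strategies discussed in this thread, added here as an illustration; it is not ffuf's code and not part of the original comments. The site map, wordlist, `Recursed` function and `maxDepth` parameter are constructed for the example, and filters are not modelled.

```go
package main

import (
	"fmt"
	"sort"
)

// Constructed sample data: path -> status (any other path is 404) and a wordlist.
var site = map[string]int{
	"/admin": 301, "/admin/login": 200, "/api": 200, "/api/v1": 200, "/old": 403, "/old/backup": 200,
}
var words = []string{"admin", "api", "old", "login", "v1", "backup", "tmp"}

type job struct {
	base  string
	depth int
}

// Recursed models which results become a new FUZZ base and how many requests are sent.
// "default" queues only 30X results; "greedy" queues every result whose status is in
// mc (standing in for the -mc set). maxDepth is an assumed depth limit for the model.
func Recursed(strategy string, mc map[int]bool, maxDepth int) (dirs []string, requests int) {
	queue := []job{{"", 0}}
	for i := 0; i < len(queue); i++ {
		j := queue[i]
		for _, w := range words {
			p := j.base + "/" + w
			requests++
			code, ok := site[p]
			if !ok {
				code = 404
			}
			recurse := (strategy == "greedy" && mc[code]) || (strategy == "default" && code >= 300 && code < 400)
			if recurse && j.depth < maxDepth {
				dirs = append(dirs, p)
				queue = append(queue, job{p, j.depth + 1})
			}
		}
	}
	sort.Strings(dirs)
	return dirs, requests
}

func main() {
	for _, s := range []string{"default", "greedy"} {
		dirs, n := Recursed(s, map[int]bool{200: true, 301: true, 403: true}, 2)
		fmt.Printf("%-7s requests=%d recursed=%v\n", s, n, dirs)
	}
}
```

In this model a 404 directory is recursed in greedy mode only when 404 is in the matcher set, which is why the request count grows quickly once it is included.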

weujieytt commented 2 years ago

That you can accomplish with -mc 200,301,403 -recursion-strategy greedy

Thank you very much for your reply, but I don't need to match the output. I need to match the response status when using the greedy policy. If the first level of recursion is 404 or Content-Length: 0, then stop the recursion for that directory. For example: https://host/FUZZ returns 404, then stop the recursive scan of https://host/FUZZ/FUZZ

weujieytt commented 2 years ago

That you can accomplish with -mc 200,301,403 -recursion-strategy greedy

Thank you very much for your reply, but I don't need to match the output. I need to match the response status when using the greedy policy. If the first level of recursion is 404 or Content-Length: 0, then stop the recursion for that directory. For example: https://host/FUZZ returns 404, then stop the recursive scan of https://host/FUZZ/FUZZ

Maybe it will speed up the time a lot when scanning the urllist.

weujieytt commented 2 years ago

@joohoi

joohoi commented 2 years ago

Hi, there's currently no option to explicitly stop the recursion for a specific target. These are highly specific and opinionated needs, and the design philosophy with ffuf has always been to keep it as simple as possible, and to include as little magic under the hood.

Because of this I don't see it very probable that this will end up being a feature in ffuf at least in the near future.

weujieytt commented 2 years ago

Thanks for your reply