Scraper rules log multiple times

[xnl-h4ck3r]

Hi When using a scraper rule, it reports the same finding multiple times.

For example, I created a single rule that looks for text Index of / When I ran against a target with this rule, I got the following output:

[Status: 200, Size: 390, Words: 132, Lines: 9, Duration: 5ms]
    * FUZZ: images/
| SCR |
    * Directory Listing: Index of /
    * Directory Listing: Index of /
    * Directory Listing: Index of /
    * Directory Listing: Index of /

The text Index of / appeared in the response twice, but I was expecting to see one entry under |SCR| ideally, but maybe 2 because of the number of occurrences, but not 4.

The rule I have is this:

{
        "active": true,
        "groupname": "dirls",
        "rules": [
                {
                    "name": "Directory Listing",
                    "rule": "(Directory listing for |Index of \\/|\\[To Parent Directory\\]|Directory: \\/)",
                    "target": "all",
                    "type": "regexp",
                    "onlymatched": true,
                    "action": [
                        "output"
                    ]
                }
        ]
}

Regards Xnl

[joohoi]

This happens because your regex yields both, an actual match as well as match to a regex matcher group.

If you don't want to get the matcher group result as well, you need to adjust the regex to accommodate that. If the regex was correct, the result would be printed twice (if there are two occurrences).

More information about the regex syntax can be found here: https://pkg.go.dev/regexp/syntax

[xnl-h4ck3r]

Ah ok. I realised I didn't need the brackets around the options... I always thought you had to in regex! Thanks for your help :)

[joohoi]

Thinking more of it, I can't figure any examples of use cases where ffuf should store multiple identical results to the same scraper rule, so even though technically the issue here was the regex itself, I think I'll do a small patch to make ffuf print out just one of them.