search

ffuf / ffuf

Fast web fuzzer written in Go
MIT License
12.23k stars 1.26k forks source link

Could not parse raw request: could not read request: EOF #772

Open RunRenegade opened 5 months ago

RunRenegade commented 5 months ago

Hi,

Seem to keep coming across the titled error whenever I try to use the raw headers, I believe I have done things correctly.

I have used this method before without issues, so unsure why it is not.

The command used is; ffuf -request request.txt -request-proto http -mode clusterbomb -w top4.txt:FUZZPASS -w users.txt:FUZZUSER

However, I have also had the same error when doing a single fuzz without the mode.

Below is the raw request;


Host: localhost
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 27
Origin: http://localhost
Connection: close
Referer: http://localhost/labs/a0x03.php
Cookie: admin_cookie=5ac5355b84894ede056ab81b324c4675
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1

username=FUZZUSER&password=FUZZPASS```

Any help appreciated.
joohoi commented 5 months ago

You seem to be missing the first line that contains the HTTP method along with the requested resource and HTTP version

On Fri 22. Mar 2024 at 11.44, RunRenegade @.***> wrote:

Hi,

Seem to keep coming across the titled error whenever I try to use the raw headers, I believe I have done things correctly.

I have used this method before without issues, so unsure why it is not.

The command used is; ffuf -request request.txt -request-proto http -mode clusterbomb -w top4.txt:FUZZPASS -w users.txt:FUZZUSER

However, I have also had the same error when doing a single fuzz without the mode.

Below is the raw request;

Host: localhost User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 27 Origin: http://localhost Connection: close Referer: http://localhost/labs/a0x03.php Cookie: admin_cookie=5ac5355b84894ede056ab81b324c4675 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Sec-Fetch-User: ?1

username=FUZZUSER&password=FUZZPASS```

Any help appreciated.

— Reply to this email directly, view it on GitHub https://github.com/ffuf/ffuf/issues/772, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABH6DJKEYNIQ37RSSL6SXUDYZP4OFAVCNFSM6AAAAABFC75LT2VHI2DSMVQWIX3LMV43ASLTON2WKOZSGIYDEMBZHAZDEMY . You are receiving this because you are subscribed to this thread.Message ID: @.***>

RunRenegade commented 5 months ago

Thanks for the response, I still appear to be having the error. Though in honesty I tried it it with a different request so perhaps its something else.

I am just copying and pasting from burp, from what I understand I don't need to be changing/conditioning anything apart from adding the FUZZ etc

POST /capstone/auth.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 38
Origin: http://localhost
Connection: close
Referer: http://localhost/capstone/index.php?message=Login%20failed!
Cookie: PHPSESSID=bd480e68c91c5e459755a6b32e92a636
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1

username=coffeeshop&password=FUZZ&auth=login

Thought maybe command would be useful, as perhaps I missed something there.

ffuf -request request.txt -w /usr/share/wordlists/rockyou.txt:FUZZ -request-proto http

And

ffuf -request request.txt -w /usr/share/wordlists/rockyou.txt -request-proto http
bsysop commented 5 months ago

Hi @RunRenegade, Please add a -debug-log debug.log to the ffuf command and paste the results of debug.log in the comments, so it show the error.

RunRenegade commented 4 months ago

Hi @bsysop , here is the result.

2024/04/15 04:51:02 Error while opening default config file: open /home/kali/.ffufrc: no such file or directory

Since seeing this I have gone through and apt update etc as it looked like a file was missing. Just ran a test with ffuf using another request against a different target and seems to work fine now.