search

fyoorer / ShadowClone

Unleash the power of cloud
Apache License 2.0
734 stars 98 forks source link

FFUF Example Usage? #7

Closed vysecurity closed 1 year ago

vysecurity commented 2 years ago

Hi there,

Do you have an FFUF example usage? I kept getting errors parsing params for example:

python3 shadowclone.py -i input.txt -o output.txt -s 1 -c "cat {INPUT} | xargs -I @ -c '/go/bin/ffuf -u @ -w wordlist.txt -mc 200'"

melmel27 commented 2 years ago

hello @vysecurity do you have a complete installation guide? i followed the guide and it keeps giving the error file does not exist. I think there might be something wrong with the Dockerfile

fyoorer commented 2 years ago

You can find ffuf example command in the Wiki-> Examples page to get an idea. Providing multiple wordlists is not supported yet.

python shadowclone.py -i <WORDLIST FILE> --split 300 -o <OUTPUT FILE> -c "/go/bin/ffuf -u https://www.example.com/FUZZ -w {INPUT} -s -ac"
marz-hunter commented 2 years ago

@fyoorer

ffuf output is very strange. i tried https://reddit.com which has etc/passwd but the tool instead returns something which is not in the wordlist


root@screcx:~/ShadowClone# cat test
admin
/etc/passwd
robots.txt
etc/passwd

root@screcx:~/ShadowClone# python3.8 shadowclone.py -i test --split 1 -o ffuf -c "/go/bin/ffuf -mc 200 -u https://www.reddit.com/FUZZ -w {INPUT} -s -ac"         
2022-07-14 10:12:48,135 [INFO] Splitting input file into chunks of 1 lines
2022-07-14 10:12:48,139 [INFO] Uploading chunks to storage
2022-07-14 10:12:48,200 [INFO] lithops.config -- Lithops v2.5.8
2022-07-14 10:12:48,208 [INFO] lithops.storage.backends.aws_s3.aws_s3 -- S3 client created - Region: ap-northeast-1
2022-07-14 10:12:49,114 [INFO] lithops.serverless.backends.aws_lambda.aws_lambda -- AWS Lambda client created - Region: ap-northeast-1
2022-07-14 10:12:49,116 [INFO] lithops.invokers -- ExecutorID e915e8-0 | JobID M000 - Selected Runtime: lithops_v2-5-8_mnur/new - 1024MB
2022-07-14 10:12:50,250 [INFO] lithops.invokers -- ExecutorID e915e8-0 | JobID M000 - Starting function invocation: execute_command() - Total: 4 activations
2022-07-14 10:12:50,256 [INFO] lithops.invokers -- ExecutorID e915e8-0 | JobID M000 - View execution logs at /tmp/lithops/logs/e915e8-0-M000.log
2022-07-14 10:12:50,257 [INFO] lithops.wait -- ExecutorID e915e8-0 - Getting results from functions

  100%|██████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 4/4

2022-07-14 10:12:55,377 [INFO] lithops.executors -- ExecutorID e915e8-0 - Cleaning temporary data
FMaSiQrY

.htaccessLALNdEXr

MxaDlJqh