Closed TannicArcher closed 7 months ago
dalfox url https://series40.kiev.ua -w 1000 --report --deep-domxss --remote-payloads=portswigger sxss
_..._
.' .::::. __ : :::::::: | \ / \ | | | / \ V / : :::::::: | o ) o || | | ( o )) ( '. '::::::' |__/|n||__||| _//n\ '-.::''
ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.
π― Target https://series40.kiev.ua π Method GET π₯ Worker 1000 π¦ BAV true β Mining true (Gf-Patterns) π¬ Mining-DOM true (mining from DOM) β± Timeout 10 π€ FollowRedirect false π° Started at 2023-11-01 20:44:40.265366132 +0200 EET m=+0.065129883
[*] π¦ Start scan [SID:Single] / URL: https://series40.kiev.ua β ¦ [SA: β PA: β BAV: β ] Waiting for analysis πpanic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x60 pc=0x5db734]
goroutine 28 [running]: net/url.(URL).Query(0xc000dcbde0) /usr/local/go/src/net/url/url.go:1130 +0x14 github.com/hahwul/dalfox/v2/pkg/scanning.ParameterAnalysis.func6(0xc0000aa038, 0xc000dec8b0) /Users/ichei/Projects/release/dalfox/pkg/scanning/parameterAnlaysis.go:193 +0xaa github.com/PuerkitoBio/goquery.(Selection).Each(0xc000c36d50, 0xc000fbb318) /Users/ichei/go/pkg/mod/github.com/!puerkito!bio/goquery@v1.8.1/iteration.go:10 +0x46 github.com/hahwul/dalfox/v2/pkg/scanning.ParameterAnalysis({, }, {{0x1c032e8, 0x0, 0x0}, {0x0, 0x0}, {0x1c032e8, 0x0, 0x0}, ...}, ...) /Users/ichei/Projects/release/dalfox/pkg/scanning/parameterAnlaysis.go:189 +0xea9 github.com/hahwul/dalfox/v2/pkg/scanning.Scan.func3() /Users/ichei/Projects/release/dalfox/pkg/scanning/scan.go:154 +0xdf created by github.com/hahwul/dalfox/v2/pkg/scanning.Scan /Users/ichei/Projects/release/dalfox/pkg/scanning/scan.go:152 +0x10e5 Installed from snapcraft System Xubutu 23.04
Hi @TannicArcher First of all, thank you for reporting the issue! Let me check :D
dalfox url https://series40.kiev.ua -w 1000 --report --deep-domxss --remote-payloads=portswigger sxss
.' .::::. __ : :::::::: | \ / \ | | | / \ V / : :::::::: | o ) o || | | ( o )) ( '. '::::::' |__/|n||__||| _//n\ '-.::''
ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.
π― Target https://series40.kiev.ua π Method GET π₯ Worker 1000 π¦ BAV true β Mining true (Gf-Patterns) π¬ Mining-DOM true (mining from DOM) β± Timeout 10 π€ FollowRedirect false π° Started at 2023-11-01 20:44:40.265366132 +0200 EET m=+0.065129883
goroutine 28 [running]: net/url.(URL).Query(0xc000dcbde0) /usr/local/go/src/net/url/url.go:1130 +0x14 github.com/hahwul/dalfox/v2/pkg/scanning.ParameterAnalysis.func6(0xc0000aa038, 0xc000dec8b0) /Users/ichei/Projects/release/dalfox/pkg/scanning/parameterAnlaysis.go:193 +0xaa github.com/PuerkitoBio/goquery.(Selection).Each(0xc000c36d50, 0xc000fbb318) /Users/ichei/go/pkg/mod/github.com/!puerkito!bio/goquery@v1.8.1/iteration.go:10 +0x46 github.com/hahwul/dalfox/v2/pkg/scanning.ParameterAnalysis({, }, {{0x1c032e8, 0x0, 0x0}, {0x0, 0x0}, {0x1c032e8, 0x0, 0x0}, ...}, ...) /Users/ichei/Projects/release/dalfox/pkg/scanning/parameterAnlaysis.go:189 +0xea9 github.com/hahwul/dalfox/v2/pkg/scanning.Scan.func3() /Users/ichei/Projects/release/dalfox/pkg/scanning/scan.go:154 +0xdf created by github.com/hahwul/dalfox/v2/pkg/scanning.Scan /Users/ichei/Projects/release/dalfox/pkg/scanning/scan.go:152 +0x10e5 Installed from snapcraft System Xubutu 23.04