App can also a loop redirect in some cases, user might not want to follow the redirect by default.
└─$ python3 lfimap.py -U "https://portswigger.net/PWN" -a -v --http-ok 404
[i] Session information is not provided. LFImap might have troubles finding vulnerabilities if testing endpoint requires authentication.
<Response [404]>
[i] Testing GET '' parameter...
[i] Testing misc issues using heuristics...
[i] Testing for XSS...
[-] Previous request caused uncaught exception. Try proxying requests to see exactly what happened
Traceback (most recent call last):
File "/home/kali/Desktop/tools/LFImap/lfimap/lfimap.py", line 785, in <module>
main()
File "/home/kali/Desktop/tools/LFImap/lfimap/lfimap.py", line 656, in main
test_heuristics(url, post)
File "/home/kali/Desktop/tools/LFImap/lfimap/src/attacks/heur.py", line 96, in test_heuristics
res, _ = REQUEST(u, tempHeaders, postTest, proxies, "INFO", "INFO")
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/kali/Desktop/tools/LFImap/lfimap/src/httpreqs/request.py", line 307, in REQUEST
res = requests.request(
^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/requests/api.py", line 59, in request
return session.request(method=method, url=url, **kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 589, in request
resp = self.send(prep, **send_kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 725, in send
history = [resp for resp in gen]
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 725, in <listcomp>
history = [resp for resp in gen]
^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 191, in resolve_redirects
raise TooManyRedirects(
requests.exceptions.TooManyRedirects: Exceeded 30 redirects.
App can also a loop redirect in some cases, user might not want to follow the redirect by default.