search

maurosoria / dirsearch

Web path scanner
11.76k stars 2.29k forks source link

Max sub-directories for recursion #1091

Open 0xhunster opened 2 years ago

0xhunster commented 2 years ago

when I set --max-recursion-depth 1 or -R 1 it works fine :) 

python3 ~/tools/dirsearch/dirsearch.py -e* --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.162 Safari/537.36" -i 200 --exit-on-error --full-url --deep-recursive --max-recursion-depth 1 -o outs.txt --format plain -w list -t 40 -u https://www.plesk.com/

  _|. _ _  _  _  _ _|_    v0.4.2.4
 (_||| _) (/_(_|| (_| )

Extensions: php, jsp, asp, aspx, do, action, cgi, html, htm, js, json, tar.gz, bak | HTTP method: GET | Threads: 40
Wordlist size: 925

Output File: /tmp/akash.txt

Target: https://www.plesk.com/

[10:07:05] Starting:
[10:07:08] 200 -  395B  - https://www.plesk.com/wp-admin/css/wp-admin.css
Added to the queue: wp-admin/
[10:07:08] 200 -  490B  - https://www.plesk.com/wp-admin/css/wp-admin-rtl.css
[10:07:08] 200 -    6KB - https://www.plesk.com/wp-admin/css/install.css
[10:07:08] 200 -  546B  - https://www.plesk.com/wp-admin/images/align-center.png
[10:07:08] 200 -  554B  - https://www.plesk.com/wp-admin/images/align-left.png
[10:07:08] 200 -  243B  - https://www.plesk.com/wp-admin/images/arrows.png
[10:07:08] 200 -    2B  - https://www.plesk.com/wp-admin/edit-form-advanced.php
[10:07:09] 200 -    4KB - https://www.plesk.com/wp-admin/images/imgedit-icons.png
[10:07:09] 200 -  360B  - https://www.plesk.com/wp-admin/images/marker.png
[10:07:13] 200 -    5KB - https://www.plesk.com/wp-admin/maint/repair.php
[10:07:13] 200 -    4KB - https://www.plesk.com/wp-admin/js/password-strength-meter.js
[10:07:16] 200 -    1KB - https://www.plesk.com/wp-admin/upgrade.php
[10:07:20] Starting: wp-admin/

Task Completed

but when I set --max-recursion-depth 2 or -R 2 didn't works it anymore.

lol@0xhunster:/tmp$ python3 ~/tools/dirsearch/dirsearch.py -e* --user-agent="Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.162 Safari/537.36" -i 200 --exit-on-error --full-url --deep-recursive --max-recursion-depth 2 -o akash.txt --format plain -w list -t 40 -u https://www.plesk.com/

  _|. _ _  _  _  _ _|_    v0.4.2.4
 (_||| _) (/_(_|| (_| )

Extensions: php, jsp, asp, aspx, do, action, cgi, html, htm, js, json, tar.gz, bak | HTTP method: GET | Threads: 40
Wordlist size: 925

Output File: /tmp/akash.txt

Target: https://www.plesk.com/

[10:12:36] Starting:
[10:12:38] 200 -  611B  - https://www.plesk.com/wp-admin/css/farbtastic.css
Added to the queue: wp-admin/, wp-admin/css/
[10:12:38] 200 -  490B  - https://www.plesk.com/wp-admin/css/wp-admin-rtl.css
[10:12:38] 200 -   24KB - https://www.plesk.com/wp-admin/css/media.css
[10:12:38] 200 -  546B  - https://www.plesk.com/wp-admin/images/align-center.png
Added to the queue: wp-admin/images/
[10:12:39] 200 -  417B  - https://www.plesk.com/wp-admin/images/align-none.png
[10:12:39] 200 -  395B  - https://www.plesk.com/wp-admin/css/wp-admin.css
[10:12:41] 200 -  539B  - https://www.plesk.com/wp-admin/images/yes.png
[10:12:41] 200 -    0B  - https://www.plesk.com/wp-admin/includes/bookmark.php
Added to the queue: wp-admin/includes/
[10:12:41] 200 -    0B  - https://www.plesk.com/wp-admin/includes/class-ftp.php
[10:12:41] 200 -    0B  - https://www.plesk.com/wp-admin/includes/class-wp-filesystem-base.php
[10:12:42] 200 -    3KB - https://www.plesk.com/wp-admin/js/custom-background.js
Added to the queue: wp-admin/js/
[10:12:42] 200 -    0B  - https://www.plesk.com/wp-admin/includes/list-table.php
[10:12:43] 200 -  740B  - https://www.plesk.com/wp-admin/js/xfn.js
[10:12:44] 200 -    5KB - https://www.plesk.com/wp-admin/maint/repair.php
Added to the queue: wp-admin/maint/
[10:12:44] 200 -    5KB - https://www.plesk.com/wp-admin/js/media.js
[10:12:46] 200 -    1KB - https://www.plesk.com/wp-admin/upgrade.php
[10:12:52] Starting: wp-admin/
[10:13:23] Starting: wp-admin/css/
[10:13:56] Starting: wp-admin/images/
[10:14:29] Starting: wp-admin/includes/
[10:15:00] Starting: wp-admin/js/
[10:15:31] Starting: wp-admin/maint/

Task Completed
shelld3v commented 2 years ago

It did work, didn't it?

...
[10:12:52] Starting: wp-admin/
[10:13:23] Starting: wp-admin/css/
[10:13:56] Starting: wp-admin/images/
[10:14:29] Starting: wp-admin/includes/
[10:15:00] Starting: wp-admin/js/
[10:15:31] Starting: wp-admin/maint/
...
0xhunster commented 2 years ago

yes, work. But it should be scanned only 2. but not work.

[10:12:52] Starting: wp-admin/
[10:13:23] Starting: wp-admin/css/
shelld3v commented 2 years ago

Hi @0xhunster, I think you misunderstood the feature, "max recursion depth" is the maximum path depth to perform recursion. For example, if dirsearch finds /api/v2/, the path depth is 2 (/api and /v2), so if you set the maximum recursion depth to 1, it won't brute-force it.

0xhunster commented 2 years ago

oh, ok thanks for clearing this. Any way to scan only 2 recursive then stop. I mean, Added to the queue: jobs work only two times.

[10:12:52] Starting: wp-admin/
[10:13:23] Starting: wp-admin/css/
shelld3v commented 2 years ago

Well, maybe I will add that feature, but I need to know the purpose/usage of this feature first. What are the use cases, who will use it?

0xhunster commented 2 years ago

It's very important because nowadays we are doing a lot of automation. so, when we will do automation with dirsearch with recursion function, then dirseach will work with recursion, but when dirsearch found a directory then added to the queue, but if directory found more than 20. Then it will very time to get the result. So, If we set the jobs queue, it will be got the result in less time. I hope you understand.

shelld3v commented 2 years ago

@0xhunster I think when a hacker scans a target, they must expect to find all the possible paths, missing any path can lead to missing a vulnerability. dirsearch allows you to save the progress and continue later, so no need to ignore the results just for time complexity