shelld3v
commented
3 years ago For example some application with custom 404 pages can only be scanned using a filter on some header (i.e. Content-Length).
Can you explain more about this?
Open notdodo opened 4 years ago
shelld3v
commented
3 years ago For example some application with custom 404 pages can only be scanned using a filter on some header (i.e. Content-Length).
Can you explain more about this?
notdodo
commented
3 years ago Hi!
Sorry it's been a long time and I don't know if I recall this issue correctly or it's not applicable in dirsearch. What I meant was: some site uses a custom page for 404 that respond with a "200 OK" (not a 404 http status) that contains the text "page not found" or some custom header. What I need to do: I know that the a blank "page not found" has a content-length of 300 (for example); using a regex/flag I'd like ignore all pages with this content-length (any other header),
shelld3v
commented
3 years ago I will do this soon for sure. But, I can see that you can use the --exclude-sizes flag. Also, by default, dirsearch does an advanced wildcard testing, so probably 200 with a custom 404 page will be filtered!
notdodo
commented
3 years ago Ok thank you, I think we can close the issue
shelld3v
commented
3 years ago Not yet!
Hi!
It should be possible to include in the search process also the headers of the response. For example some application with custom 404 pages can only be scanned using a filter on some header (i.e. Content-Length).