search

ronin-rb / ronin-vulns

Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
https://ronin-rb.dev
GNU Lesser General Public License v3.0
59 stars 16 forks source link

Unhandled error use case #37

Closed jasnow closed 1 year ago

jasnow commented 1 year ago

When you run this command with the "http://" :

You get


Oops! Looks like you have found a bug. Please report it!
https://github.com/ronin-rb/ronin-vulns/issues/new

    ronin-vulns scan: /usr/local/rvm/gems/ruby-3.2.1@ruby3.2-railsedge/gems/ronin-support-1.0.0/lib/ronin/support/network/http.rb:515:in `connect_uri': url must be a URI::HTTP, Addressable::URI, or a String: #<URI::Generic 18.218.5.125> (ArgumentError)

    raise(ArgumentError,"url must be a URI::HTTP, Addressable::URI, or a String: #{url.inspect}")
                       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
``
postmodern commented 1 year ago

I added validations and an error message if you give the commands a non-http:// or https:// URL. It's debatable whether the commands should automatically convert an IP or hostname into http://#{value} or https://#{value}.

Will be released in 0.1.2.