Comments (4)
from ffuf.
Thanks for the response, I still appear to be having the error. Though in honesty I tried it it with a different request so perhaps its something else.
I am just copying and pasting from burp, from what I understand I don't need to be changing/conditioning anything apart from adding the FUZZ etc
POST /capstone/auth.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 38
Origin: http://localhost
Connection: close
Referer: http://localhost/capstone/index.php?message=Login%20failed!
Cookie: PHPSESSID=bd480e68c91c5e459755a6b32e92a636
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
username=coffeeshop&password=FUZZ&auth=login
Thought maybe command would be useful, as perhaps I missed something there.
ffuf -request request.txt -w /usr/share/wordlists/rockyou.txt:FUZZ -request-proto http
And
ffuf -request request.txt -w /usr/share/wordlists/rockyou.txt -request-proto http
from ffuf.
Hi @RunRenegade,
Please add a -debug-log debug.log
to the ffuf command and paste the results of debug.log in the comments, so it show the error.
from ffuf.
Hi @bsysop , here is the result.
2024/04/15 04:51:02 Error while opening default config file: open /home/kali/.ffufrc: no such file or directory
Since seeing this I have gone through and apt update etc as it looked like a file was missing.
Just ran a test with ffuf using another request against a different target and seems to work fine now.
from ffuf.
Related Issues (20)
- Feature Request: Flag to stop on X no. of errors HOT 2
- Option -sa doesn't work properly (i think, not sure if i really understand it, anyways, would be great if this could be changed / added) HOT 2
- ffuf out put issue HOT 9
- Feature Request: add -prefix flag HOT 4
- Feature request : Filter for (response size - payload size) HOT 6
- window instantly opens and closes in a second (win 11 arm64 build newest release) HOT 2
- Question: Am I doing something wrong? /Vhost scanning HOT 4
- Feature request: Ingest NMAP XML file as targets HOT 3
- When performing -mode clusterbomb getting Context canceled errors (-debug-log option) HOT 5
- Can we Fuzz 2 Request Header at the same time? HOT 3
- How to read website from the txt file HOT 2
- How to skip a job HOT 2
- Flag -c doesnt work HOT 1
- Basic header regex not working. Possibly due to uncaught exceptions? HOT 1
- -H use file path as a parameter HOT 1
- Proxy and Akamai Errors HOT 13
- -fs -fw -fl Not Working HOT 3
- FFUF capitalizes and cannonicalizes headers HOT 2
- Combined filters HOT 2
- Fuff
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ffuf.