Comments (11)
@amiremami no, that's not correct. you're encountering what i consider an edge case. that you found it on three separate targets is pretty impressive to me, lol. parsing a url over 65,535 characters is not what i would consider the norm.
at any rate, thank you for pinging this thread. the upstream fix was merged and i can push a fix for this on my end. expect an update soon!
from feroxbuster.
@all-contributors add @amiremami and @dirhamgithub for bug
from feroxbuster.
I've put up a pull request to add @amiremami! 🎉
from feroxbuster.
fixed in main, new release soon
from feroxbuster.
sorry for the late reply, didn't see this one.
that looks to be coming from a library that ferox relies on to do url parsing. at best, i'd be able to check to make sure we don't trigger the underlying core dump...
thanks for the bug report! i'll take a look at a fix
from feroxbuster.
ok, following up on this: the underlying library has a pull request to turn this panic into an Error. Once that lands, i can make sure i handle the Error (it may already be handled cleanly, if not i'll update).
for anyone wondering, the max URI length is u16::MAX or 65,535. In the meantime @dirhamgithub you can use --dont-scan to prevent that particular folder from being scanned OR if the url is being picked up during link extraction, you can try --dont-extract-links. Happy hunting!
pinning this til i get an upstream fix
from feroxbuster.
Hey, thanks for the interesting tool. I installed feroxbuster for the first time today. I tried it on 3 different domains, and for all of them I got the error. It seems feroxbuster is not functional at the moment, am I right?
from feroxbuster.
https://github.com/all-contributors add @dirhamgithub for bug
from feroxbuster.
@all-contributors add @dirhamgithub for bug
from feroxbuster.
I've put up a pull request to add @dirhamgithub! 🎉
from feroxbuster.
fixed in main, new release soon
Thanks a lot, it works now 🙏
from feroxbuster.
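The thread describes a URL-parsing library that panics on URLs longer than u16::MAX (65,535) characters, with an upstream change to return an Error instead. The following is an added example of the same guard on the caller's side, not code from feroxbuster or the library: `guarded_parse`, `triage_links`, `UrlError` and the stand-in parser `fragile_parse` are hypothetical names, and the sample links are constructed.

```rust
use std::panic::{self, AssertUnwindSafe};

/// Maximum URI length given in the thread (u16::MAX = 65,535).
const MAX_URI_LEN: usize = u16::MAX as usize;

#[derive(Debug, PartialEq)]
enum UrlError {
    TooLong(usize), // rejected before the parser ever saw it
    ParserPanicked, // parser panicked on input that passed the length check
}

/// Hypothetical stand-in for a parser that keeps lengths in a u16 and panics on overflow.
fn fragile_parse(url: &str) -> u16 {
    assert!(url.len() <= u16::MAX as usize, "uri too long");
    url.len() as u16
}

/// Run `parse` on `url`, turning an over-long input or a parser panic into an Err.
fn guarded_parse<T>(url: &str, parse: impl Fn(&str) -> T) -> Result<T, UrlError> {
    if url.len() > MAX_URI_LEN {
        return Err(UrlError::TooLong(url.len()));
    }
    // Backstop: only effective when built with the default panic = "unwind".
    panic::catch_unwind(AssertUnwindSafe(|| parse(url))).map_err(|_| UrlError::ParserPanicked)
}

/// Split extracted links into those safe to request and those skipped (index, reason).
fn triage_links(links: &[String]) -> (Vec<&str>, Vec<(usize, UrlError)>) {
    let mut ok = Vec::new();
    let mut skipped = Vec::new();
    for (i, link) in links.iter().enumerate() {
        match guarded_parse(link, fragile_parse) {
            Ok(_) => ok.push(link.as_str()),
            Err(e) => skipped.push((i, e)),
        }
    }
    (ok, skipped)
}

fn main() {
    // Constructed sample input: one normal link, one with a 70,000-character path.
    let links = vec![
        "http://example.test/admin/".to_string(),
        format!("http://example.test/{}", "A".repeat(70_000)),
    ];
    let (ok, skipped) = triage_links(&links);
    println!("scan: {:?}\nskipped: {:?}", ok, skipped);
}
```

The explicit length check is the primary control; `catch_unwind` only helps when the binary is not built with `panic = "abort"`.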