Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE REQUEST] Is there an option to not go for another request before the tool didn't receive a response from the server #1136

Open
jedai47 opened this issue May 1, 2024 · 8 comments
Open

[FEATURE REQUEST] Is there an option to not go for another request before the tool didn't receive a response from the server #1136

jedai47 opened this issue May 1, 2024 · 8 comments
Labels
enhancement New feature or request

Comments

@jedai47
Copy link

jedai47 commented May 1, 2024

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when the server ban my ip since its very slow to respond to a request, takes about 15 seconds to respond to a request

Describe the solution you'd like
an option to not go for another request before the tool didn't receive a response from the server
@jedai47 jedai47 added the enhancement New feature or request label May 1, 2024
@epi052
Copy link
Owner

epi052 commented May 1, 2024
edited

howdy!

you should be able to use -t 1 -L 1 to achieve what you're asking for.

https://epi052.github.io/feroxbuster-docs/docs/configuration/limit-connections/

@jedai47
Copy link
Author

jedai47 commented May 1, 2024

i tried that but it didnt work still i see multiple requests going without waiting the response from the server, here is the url example: https://www.poledesanteduvilleneuvois.fr/

@jedai47
Copy link
Author

jedai47 commented May 1, 2024

i also added : --rate-limit 1 but still without success

@epi052
Copy link
Owner

epi052 commented May 1, 2024

--rate-limit 1 -L 1 should give you one request per second to the target. it may take a few requests at the beginning to slow down to 1/sec

@jedai47
Copy link
Author

jedai47 commented May 1, 2024

well i guess we get banned in the few requests at the beginning so you think u can improve the tool behavior ?

@epi052
Copy link
Owner

epi052 commented May 1, 2024

-L 1 forces only a single directory at a time, limiting that form of asynchronicity.

-t 1 means only a single thread is operating at a time. the requests are likely to still go out asynchronously, but the responses should be handled as they're received by the single thread, slowing down the sending once responses start flowing.

ultimately, what you want is a synchronous client, and feroxbuster doesn't support that.

if you happen to write rust code, i have a library you could use to build your own synchronous fuzzer https://github.com/epi052/feroxfuzz

@jedai47
Copy link
Author

jedai47 commented May 1, 2024

Oh i see thanks for your response im not good on rust. Do you know any other tool that works synchronously ?

@epi052
Copy link
Owner

epi052 commented May 1, 2024

you can check gobuster/ffuf/wfuzz. there are others, but some names are escaping me rn.

gobuster and ffuf are both async tools, so may have a similar problem to ferox in that regard. wfuzz may be single threaded but im not sure.

if you truly need something super slow, you could always wirte a simple python script with requests

for line in wordlist.readlines():
    requests.get(f'{url}/line')

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@epi052 @jedai47