Could not parse raw request: could not read request: EOF

[RunRenegade]

Hi,

Seem to keep coming across the titled error whenever I try to use the raw headers, I believe I have done things correctly.

I have used this method before without issues, so unsure why it is not.

The command used is;
ffuf -request request.txt -request-proto http -mode clusterbomb -w top4.txt:FUZZPASS -w users.txt:FUZZUSER

However, I have also had the same error when doing a single fuzz without the mode.

Below is the raw request;

Host: localhost
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 27
Origin: http://localhost
Connection: close
Referer: http://localhost/labs/a0x03.php
Cookie: admin_cookie=5ac5355b84894ede056ab81b324c4675
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1

username=FUZZUSER&password=FUZZPASS```



Any help appreciated.

[joohoi]

You seem to be missing the first line that contains the HTTP method along with the requested resource and HTTP version

…

On Fri 22. Mar 2024 at 11.44, RunRenegade ***@***.***> wrote: Hi, Seem to keep coming across the titled error whenever I try to use the raw headers, I believe I have done things correctly. I have used this method before without issues, so unsure why it is not. The command used is; ffuf -request request.txt -request-proto http -mode clusterbomb -w top4.txt:FUZZPASS -w users.txt:FUZZUSER However, I have also had the same error when doing a single fuzz without the mode. Below is the raw request; Host: localhost User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 27 Origin: http://localhost Connection: close Referer: http://localhost/labs/a0x03.php Cookie: admin_cookie=5ac5355b84894ede056ab81b324c4675 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Sec-Fetch-User: ?1 username=FUZZUSER&password=FUZZPASS``` Any help appreciated. — Reply to this email directly, view it on GitHub <#772>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ABH6DJKEYNIQ37RSSL6SXUDYZP4OFAVCNFSM6AAAAABFC75LT2VHI2DSMVQWIX3LMV43ASLTON2WKOZSGIYDEMBZHAZDEMY> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

[RunRenegade]

Thanks for the response, I still appear to be having the error. Though in honesty I tried it it with a different request so perhaps its something else.

I am just copying and pasting from burp, from what I understand I don't need to be changing/conditioning anything apart from adding the FUZZ etc

POST /capstone/auth.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 38
Origin: http://localhost
Connection: close
Referer: http://localhost/capstone/index.php?message=Login%20failed!
Cookie: PHPSESSID=bd480e68c91c5e459755a6b32e92a636
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1

username=coffeeshop&password=FUZZ&auth=login

Thought maybe command would be useful, as perhaps I missed something there.

ffuf -request request.txt -w /usr/share/wordlists/rockyou.txt:FUZZ -request-proto http

And

ffuf -request request.txt -w /usr/share/wordlists/rockyou.txt -request-proto http

[bsysop]

Hi @RunRenegade,
Please add a -debug-log debug.log to the ffuf command and paste the results of debug.log in the comments, so it show the error.

[RunRenegade]

Hi @bsysop , here is the result.

2024/04/15 04:51:02 Error while opening default config file: open /home/kali/.ffufrc: no such file or directory

Since seeing this I have gone through and apt update etc as it looked like a file was missing.
Just ran a test with ffuf using another request against a different target and seems to work fine now.