Question: Am I doing something wrong? /Vhost scanning #781
Comments
Hi @bug-bounty-001,
Checking Burp, this is sending requests to different IPs. But when fuzzing over HTTPS, the IPs are the same as the target. This will need a deeper analysis, I hope it doesn't affect your tests.
Hi @bsysop,
It doesn't affect my tests, I was planning to use it on ctf. Thank you for contributing to this great tool.
Lol, nice work!
This is actually a feature from the HTTP spec. I have stumbled into this before and figured out it was stemming from the Go standard library request.go, around line 600 in the current version. However, upon double checking the related RFCs, it was pretty clearly written there.
Now while I might end up working around this in the future, I probably won't, as it's a lot of work for a single niche use case: fuzzing the Host header while using an HTTP proxy.
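The behaviour described in the comment above can be reproduced without a proxy by serializing the same request with Go's Request.Write and Request.WriteProxy and comparing the request lines. This is an added example, not code from ffuf or from this thread; the helper names vhostProbe and requestTarget, the IP address and the hostname are constructed for illustration.

```go
package main

import (
	"bytes"
	"fmt"
	"net/http"
	"strings"
)

// vhostProbe: URL names a fixed IP, Host header carries the candidate vhost.
func vhostProbe(target, vhost string) (*http.Request, error) {
	req, err := http.NewRequest(http.MethodGet, target, nil)
	if err != nil {
		return nil, err
	}
	req.Host = vhost // sets the Host header; req.URL.Host is still the IP
	return req, nil
}

// requestTarget serializes req for a direct connection (Write) or a plain-HTTP
// forward proxy (WriteProxy) and returns the request-target of the first line.
func requestTarget(req *http.Request, viaProxy bool) (string, error) {
	var buf bytes.Buffer
	write := req.Write
	if viaProxy {
		write = req.WriteProxy
	}
	if err := write(&buf); err != nil {
		return "", err
	}
	line, _, _ := strings.Cut(buf.String(), "\r\n")
	fields := strings.Fields(line)
	if len(fields) != 3 {
		return "", fmt.Errorf("malformed request line %q", line)
	}
	return fields[1], nil
}

func main() {
	// Constructed sample values (RFC 5737 documentation IP, example.com).
	req, err := vhostProbe("http://192.0.2.10/", "dev.example.com")
	if err != nil {
		panic(err)
	}
	for _, viaProxy := range []bool{false, true} {
		t, err := requestTarget(req, viaProxy)
		fmt.Printf("viaProxy=%-5v request-target=%q err=%v\n", viaProxy, t, err)
	}
}
```

In the proxied form the absolute-form request-target is built from the Host value, so a forward proxy that routes on the request-target connects to the fuzzed name instead of the IP in the URL.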
Description:
I tried to fuzz the Host header and send it to the same IP address.
I ran 2 different commands to demonstrate; I didn't get the expected behaviour from the second one. The only difference is http/https.
First one: (this works as expected)
ffuf -w subdomains-top1million-20000.txt -u https://142.250.187.142 -H "HOST: FUZZ.google.com" -H "Custom: just testing my tools" -x http://localhost:8080 -t 1 -rate 1
Screenshots from Burp Suite 1:
Second one:
ffuf -w subdomains-top1million-20000.txt -u http://142.250.187.142 -H "HOST: FUZZ.google.com" -H "Custom: just testing my tools" -x http://localhost:8080 -t 1 -rate 1
Screenshots from Burp Suite 2:
Problem:
Apparently I can't change the Host header in an HTTP request.
I am probably missing some configuration or flag, can you assist me?
Thank you.