-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When performing -mode clusterbomb getting Context canceled errors (-debug-log option) #783
Comments
I have the same issue
|
This is an error something that can be ignored, this is rate limiting thing that is applied, if you want more information just privately message I can troubleshoot with you. |
Thank you so much, Custos Thank you |
This is strange, without any filter the default behavior should be that it returns all matches... |
Default setting for ffuf is to match "commonly interesting" responses based on HTTP spec, as it's the most common use case for the tool. You can modify this value in your ffuf configuration file if you want to match all as default behavior instead. Ffuf will tell you the default values in help text (ffuf -h) as well as the active values in the banner that gets printed when you start a run. |
I'm on
Kali 6.6.9-1kali1
and using ffuf
Fuzz Faster U Fool - v2.1.0-dev
My command
ffuf -request pasta.txt -request-proto https -mode clusterbomb -w 10k-most-common.txt -w finalnames.txt:FUZZUSER -fc 401 -debug-log errors6.txt
output of error.log
2024/05/10 00:49:16 Post "https://1.2.3.4/mail/?_task=login": context canceled
2024/05/10 00:49:16 Post "https://1.2.3.4/mail/?_task=login": context canceled
....
Is this due to some rate-limiting , as I tried on other sites but I'm getting same error. On main site If I browse manually and enter wrong passwords 4 times in a row, I get error of 'invalid attempts exceeded'. I don't know if this is what the error rate shows here, its hard to tell, please guide me.
The text was updated successfully, but these errors were encountered: