[BUG] Directories are not enumerated if directory has no trailing slash #1077
Description
Describe the bug
When Feroxbuster discovers a link with no trailing slash, it is not further enumerated.
To Reproduce
- Save this simple example server as
index.py:
from flask import Flask, render_template, request
import base64
app = Flask(__name__)
@app.route('/', methods=['GET'])
def index():
return '<html><body><img src="/test/image.png"/></body></html>', 200
@app.route('/test', methods=['GET'])
def test():
return 'Hello world', 200
@app.route('/test/a', methods=['GET'])
def a():
return 'Hello world', 200
@app.route('/test/image.png', methods=['GET'])
def image():
return base64.decodebytes(b'iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=='), 200- Run
python3 index.py - Run
echo -e "a\n" | feroxbuster -u http://localhost:5000 -w /dev/stdin --force-recursion
Expected behavior
/test/image.png is discovered using HTML parsing. Then Feroxbuster also checks if any parent directories exists and enumerates these directories (i.e. /test and /test/a)
Traceback / Error Output
Only the link itself is discovered
___ ___ __ __ __ __ __ ___
|__ |__ |__) |__) | / ` / \ \_/ | | \ |__
| |___ | \ | \ | \__, \__/ / \ | |__/ |___
by Ben "epi" Risher 🤓 ver: 2.10.1
───────────────────────────┬──────────────────────
🎯 Target Url │ http://localhost:5000
🚀 Threads │ 50
📖 Wordlist │ /dev/stdin
👌 Status Codes │ All Status Codes!
💥 Timeout (secs) │ 7
🦡 User-Agent │ feroxbuster/2.10.1
🔎 Extract Links │ true
🏁 HTTP methods │ [GET]
🔃 Recursion Depth │ 4
🤘 Force Recursion │ true
───────────────────────────┴──────────────────────
🏁 Press [ENTER] to use the Scan Management Menu™
──────────────────────────────────────────────────
DBG 0.198 feroxbuster sending ["http://localhost:5000"] to be scanned as initial targets
INF 0.198 feroxbuster::event_handlers::scans scan handler received http://localhost:5000 - beginning scan
INF 0.198 feroxbuster::scanner::ferox_scanner Starting scan against: http://localhost:5000
404 GET 4l 34w 232c Auto-filtering found 404-like response and created new filter; toggle off with --dont-filter
DBG 0.238 feroxbuster::filters::wildcard filtered out http://localhost:5000/a
DBG 0.238 feroxbuster::filters::container filtering response due to: WildcardFilter { content_length: Some(232), line_count: Some(4), word_count: Some(34), method: "GET", status_code: 404, dont_filter: false }
INF 0.239 feroxbuster::event_handlers::scans Added new directory to recursive scan: http://localhost:5000/
DBG 0.240 feroxbuster::extractor::container Parsed link "/test/image.png" from http://localhost:5000/
DBG 0.241 feroxbuster::filters::wildcard filtered out http://localhost:5000/test/
DBG 0.241 feroxbuster::filters::container filtering response due to: WildcardFilter { content_length: Some(232), line_count: Some(4), word_count: Some(34), method: "GET", status_code: 404, dont_filter: false }
DBG 0.242 feroxbuster::extractor::container Extracted File: FeroxResponse { url: http://localhost:5000/test/image.png, method: GET, status: 200 OK, content-length: 86 }
200 GET 3l 5w 86c http://localhost:5000/test/image.png
200 GET 1l 2w 54c http://localhost:5000/
INF 0.949 feroxbuster All scans complete!
Environment (please complete the following information):
- feroxbuster version: 2.10.1
- OS: Ubuntu 22.04.1
Other information
If the test route is defined as /test/ (with trailing slash), Feroxbuster does function as expected