admin/spray
1
0
Fork 0
mirror of https://github.com/chainreactors/spray.git synced 2025-09-15 19:50:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

revert: not same redirect banned

Browse Source
This commit is contained in:
M09Ic 2024-11-01 12:27:31 +08:00
parent 9e74a17096
commit 02162cffd6
2 changed files with 20 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
internal/pool/brutepool.go
View File

@ -315,7 +315,7 @@ func (pool *BrutePool) Invoke(v interface{}) {
// 手动处理重定向 // 手动处理重定向
if bl.IsValid && unit.source != parsers.CheckSource && bl.RedirectURL != "" { if bl.IsValid && unit.source != parsers.CheckSource && bl.RedirectURL != "" {
bl.SameDomain = pool.checkHost(bl.RedirectURL) bl.SameRedirectDomain = pool.checkHost(bl.RedirectURL)
pool.doRedirect(bl, unit.depth) pool.doRedirect(bl, unit.depth)
} }
@ -586,7 +586,7 @@ func (pool *BrutePool) BaseCompare(bl *pkg.Baseline) bool {
// 30x状态码的特殊处理 // 30x状态码的特殊处理
if bl.RedirectURL != "" { if bl.RedirectURL != "" {
if bl.SameDomain && strings.HasSuffix(bl.RedirectURL, bl.Url.Path+"/") { if bl.SameRedirectDomain && strings.HasSuffix(bl.RedirectURL, bl.Url.Path+"/") {
bl.Reason = pkg.ErrFuzzyRedirect.Error() bl.Reason = pkg.ErrFuzzyRedirect.Error()
return false return false
} }
@ -709,9 +709,10 @@ func (pool *BrutePool) doRedirect(bl *pkg.Baseline, depth int) {
if depth >= pool.MaxRedirect { if depth >= pool.MaxRedirect {
return return
} }
if !bl.SameDomain {
return // 不同域名的重定向不处理 //if !bl.SameRedirectDomain {
} // return // 不同域名的重定向不处理
//}
reURL := pkg.FormatURL(bl.Url.Path, bl.RedirectURL) reURL := pkg.FormatURL(bl.Url.Path, bl.RedirectURL)
pool.wg.Add(1) pool.wg.Add(1)
go func() { go func() {

28
pkg/baseline.go
View File

@ -113,20 +113,20 @@ func NewInvalidBaseline(u, host string, resp *ihttp.Response, reason string) *Ba
type Baseline struct { type Baseline struct {
*parsers.SprayResult *parsers.SprayResult
Url *url.URL `json:"-"` Url *url.URL `json:"-"`
Dir bool `json:"-"` Dir bool `json:"-"`
Chunked bool `json:"-"` Chunked bool `json:"-"`
Body BS `json:"-"` Body BS `json:"-"`
Header BS `json:"-"` Header BS `json:"-"`
Raw BS `json:"-"` Raw BS `json:"-"`
Response *http.Response `json:"-"` Response *http.Response `json:"-"`
Recu bool `json:"-"` Recu bool `json:"-"`
RecuDepth int `json:"-"` RecuDepth int `json:"-"`
URLs []string `json:"-"` URLs []string `json:"-"`
Collected bool `json:"-"` Collected bool `json:"-"`
Retry int `json:"-"` Retry int `json:"-"`
SameDomain bool `json:"-"` SameRedirectDomain bool `json:"-"`
IsBaseline bool `json:"-"` IsBaseline bool `json:"-"`
} }
func (bl *Baseline) IsDir() bool { func (bl *Baseline) IsDir() bool {