|
@@ -6,6 +6,13 @@ if [ $# -lt 1 ]; then
|
|
|
fi
|
|
|
|
|
|
DOMAIN=$1
|
|
|
+PROTOCOL="http"
|
|
|
+
|
|
|
+if [[ $DOMAIN = "https://*" ]]; then
|
|
|
+ PROTOCOL="https"
|
|
|
+fi
|
|
|
+
|
|
|
+DOMAIN=$(echo $DOMAIN | sed -e 's|^[^/]*//||' -e 's|/.*$||')
|
|
|
|
|
|
echo "[ ] Resolving IP-Address…"
|
|
|
output=$(resolveip $DOMAIN 2>&1)
|
|
@@ -19,10 +26,10 @@ IP_ADDRESS=$(echo $output | head -n 1 | awk '{print $NF}')
|
|
|
echo "[+] IP-Address: ${IP_ADDRESS}"
|
|
|
|
|
|
echo "[ ] Retrieving default site…"
|
|
|
-charcount=$(curl -s -L $DOMAIN | wc -m)
|
|
|
+charcount=$(curl -s -L "${PROTOCOL}://${DOMAIN}" -k | wc -m)
|
|
|
echo "[+] Chars: ${charcount}"
|
|
|
echo "[ ] Fuzzing…"
|
|
|
|
|
|
ffuf --fs ${charcount} --fc 400,500 \
|
|
|
-w /usr/share/wordlists/SecLists/Discovery/Web-Content/raft-large-words-lowercase.txt \
|
|
|
- -u "http://${IP_ADDRESS}" -H "Host: FUZZ.${DOMAIN}"
|
|
|
+ -u "${PROTOCOL}://${IP_ADDRESS}" -H "Host: FUZZ.${DOMAIN}"
|