Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Skipfish doesn't scan sites with 301 redirect #175

Open
GoogleCodeExporter opened this issue Jan 29, 2016 · 5 comments
Open

Skipfish doesn't scan sites with 301 redirect #175

GoogleCodeExporter opened this issue Jan 29, 2016 · 5 comments
Labels
auto-migrated Priority-Medium Type-Defect

Comments

@GoogleCodeExporter
Copy link 

My site has permanent redirect from site.com to site.com/ru
When I try to:

skipfish -o /report site.com

it works 2 seconds and show me only 2 items in "Document type overview":
- http://www.site.com/ with 301 redirect
- http://www.site.com/sfi9876

that's all. Why?

Original issue reported on code.google.com by [email protected] on 27 Mar 2013 at 6:57
@GoogleCodeExporter
Copy link
Author 


What does the redirect look like ? Is it on the same domain?  

Typically if a site redirect to another domain and if you additionally do not 
enable bruteforcing then the scan will not get far.  Btw, you can also check 
report/pivots.txt to see what requests were sent.

Original comment by [email protected] on 27 Mar 2013 at 6:39

@GoogleCodeExporter
Copy link
Author 

Domain is the same.
Pivots.txt:
GET http://www.site.com/ name=http://www.site.com/ type=serv linked=yes 
browsers=0 browser_used=FAST dup=0 code=301 len=184 notes=4 sig=0x3638ac6e
GET http://www.site.com/ru/ name=ru type=dir linked=yes browsers=0 
browser_used=FAST dup=0 code=200 len=30789 notes=4 sig=0x839ec72d

Original comment by [email protected] on 28 Mar 2013 at 11:09

@GoogleCodeExporter
Copy link
Author 

That's captured contant of http://www.site.com:

=== REQUEST ===

GET / HTTP/1.1
Host: www.site.com
Accept-Encoding: gzip
Connection: keep-alive
User-Agent: Mozilla/5.0 SF/2.10b
Range: bytes=0-399999
Referer: http://www.site.com/
Cookie: PHPSESSID=vjhb2g2gkub7hrogtjep1hcij4


=== RESPONSE ===

HTTP/1.1 301 Moved Permanently
Server: nginx/1.2.4
Date: Thu, 14 Mar 2013 13:14:28 GMT
Content-Type: text/html
Content-Length: 184
Location: http://www.site.com/ru/
Connection: keep-alive

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.2.4</center>
</body>
</html>

=== END OF DATA ===

Original comment by [email protected] on 28 Mar 2013 at 11:11

@GoogleCodeExporter
Copy link
Author 

Cheers! Could you give me the full command-line and also tell me what the 
report says ? According to the pivots.txt file, there were 4 notes.

Cheers,
Niels

Original comment by [email protected] on 14 Apr 2013 at 2:52

@GoogleCodeExporter
Copy link
Author 

Hey, sorry but I need more data to explain the behavior.  Most useful would be 
to give me the debug output which is described here:

https://code.google.com/p/skipfish/wiki/SkipfishDoc#Oy!_Something_went_horribly_
wrong!

Original comment by [email protected] on 20 Apr 2013 at 6:00

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
auto-migrated Priority-Medium Type-Defect
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GoogleCodeExporter