Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for IIS /bin exposure to ffuf_shortnames #1570

Open
liquidsec opened this issue Jul 18, 2024 · 1 comment
Open

Add support for IIS /bin exposure to ffuf_shortnames #1570

liquidsec opened this issue Jul 18, 2024 · 1 comment
Assignees
@liquidsec
Labels
enhancement New feature or request

Comments

@liquidsec
Copy link
Collaborator

The additional techniques described here:

https://swarm.ptsecurity.com/source-code-disclosure-in-asp-net-apps/

Could be applied to iis_shortnames/ffuf_shortnames modules

Thanks @amiremami for the suggestion.
@liquidsec liquidsec added the enhancement New feature or request label Jul 18, 2024
@liquidsec liquidsec self-assigned this Jul 18, 2024
@liquidsec liquidsec mentioned this issue Jan 4, 2025
Open
@liquidsec
Copy link
Collaborator Author

This has been implemented here: #2127

In the form of detecting shortnames for the bin folder using the bin::$index_allocation trick.

Will likely not be trying to have ffuf_shortnames actually guess the dll names using the cookieless session URL trick, because the DLLs anyone would care about would not be in the prediction model anyway. I might revisit if I can get true generative AI predictions to work.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@liquidsec liquidsec

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@liquidsec