add https if missing url scheme; check /usr/local/share for wordlist

2026-06-03 23:11:12 -03:00 · 2022-05-10 06:45:10 -05:00
parent a8fae65d63
commit 3066efa848
2 changed files with 20 additions and 2 deletions
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -76,6 +76,8 @@ pub const DEFAULT_WORDLIST: &str =
 #[cfg(target_os = "windows")]
 pub const DEFAULT_WORDLIST: &str =
    ".\\SecLists\\Discovery\\Web-Content\\raft-medium-directories.txt";
+pub const SECONDARY_WORDLIST: &str =
+    "/usr/local/share/seclists/Discovery/Web-Content/raft-medium-directories.txt";

 /// Number of milliseconds to wait between polls of `PAUSE_SCAN` when user pauses a scan
 pub(crate) const SLEEP_DURATION: u64 = 500;
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,3 +1,4 @@
+use std::fmt::format;
 use std::io::stdin;
 use std::{
    env::args,
@@ -10,6 +11,7 @@ use std::{
 };

 use anyhow::{bail, Context, Result};
+use feroxbuster::SECONDARY_WORDLIST;
 use futures::StreamExt;
 use tokio::{
    io,
@@ -150,7 +152,7 @@ async fn get_targets(handles: Arc<Handles>) -> Result<Vec<String>> {
    }

    // remove footgun that arises if a --dont-scan value matches on a base url
-    for target in &targets {
+    for target in targets.iter_mut() {
        for denier in &handles.config.regex_denylist {
            if denier.is_match(target) {
                bail!(
@@ -169,6 +171,11 @@ async fn get_targets(handles: Arc<Handles>) -> Result<Vec<String>> {
                );
            }
        }
+
+        if !target.starts_with("http") && !target.starts_with("https") {
+            // --url hackerone.com
+            *target = format!("https://{}", target);
+        }
    }

    log::trace!("exit: get_targets -> {:?}", targets);
@@ -195,7 +202,16 @@ async fn wrapped_main(config: Arc<Configuration>) -> Result<()> {
    // cloning an Arc is cheap (it's basically a pointer into the heap)
    // so that will allow for cheap/safe sharing of a single wordlist across multi-target scans
    // as well as additional directories found as part of recursion
-    let words = get_unique_words_from_wordlist(&config.wordlist)?;
+    let words = match get_unique_words_from_wordlist(&config.wordlist) {
+        Ok(w) => w,
+        Err(_) => {
+            eprintln!(
+                "Could not open {}, checking secondary location",
+                &config.wordlist,
+            );
+            get_unique_words_from_wordlist(&SECONDARY_WORDLIST)?
+        }
+    };

    if words.len() <= 1 {
        // the check is now <= 1 due to the initial empty string added in 2.6.0