diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8d1bbee..bad1d11 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -5,7 +5,7 @@ on: [push] jobs: build-nix: runs-on: ${{ matrix.os }} - if: github.ref == 'refs/heads/master' + if: github.ref == 'refs/heads/main' strategy: matrix: type: [ubuntu-x64, ubuntu-x86] @@ -73,7 +73,7 @@ jobs: build-macos: runs-on: macos-latest - if: github.ref == 'refs/heads/master' + if: github.ref == 'refs/heads/main' steps: - uses: actions/checkout@v2 - uses: actions-rs/toolchain@v1 @@ -103,7 +103,7 @@ jobs: build-windows: runs-on: ${{ matrix.os }} - if: github.ref == 'refs/heads/master' + if: github.ref == 'refs/heads/main' strategy: matrix: type: [windows-x64, windows-x86] diff --git a/Cargo.lock b/Cargo.lock index 1047b1a..eefc507 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -687,7 +687,7 @@ checksum = "531a685ab99b8f60a271b44d5dd1a76e55124a8c9fa0407b7a8e9cd172d5b588" dependencies = [ "futures-core", "futures-sink", - "pin-project 1.0.5", + "pin-project", "spinning_top", ] @@ -990,7 +990,7 @@ dependencies = [ "httparse", "httpdate", "itoa", - "pin-project 1.0.5", + "pin-project", "socket2", "tokio", "tower-service", @@ -1459,33 +1459,13 @@ version = "0.3.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "28b9b4df73455c861d7cbf8be42f01d3b373ed7f02e378d55fa84eafc6f638b1" -[[package]] -name = "pin-project" -version = "0.4.27" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2ffbc8e94b38ea3d2d8ba92aea2983b503cd75d0888d75b86bb37970b5698e15" -dependencies = [ - "pin-project-internal 0.4.27", -] - [[package]] name = "pin-project" version = "1.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "96fa8ebb90271c4477f144354485b8068bd8f6b78b428b01ba892ca26caf0b63" dependencies = [ - "pin-project-internal 1.0.5", -] - -[[package]] -name = "pin-project-internal" -version = "0.4.27" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "65ad2ae56b6abe3a1ee25f15ee605bacadb9a764edaba9c2bf4103800d4a1895" -dependencies = [ - "proc-macro2", - "quote", - "syn", + "pin-project-internal", ] [[package]] @@ -2232,11 +2212,11 @@ dependencies = [ [[package]] name = "tracing-futures" -version = "0.2.4" +version = "0.2.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ab7bb6f14721aa00656086e9335d363c5c8747bae02ebe32ea2c7dece5689b4c" +checksum = "97d095ae15e245a057c8e8451bab9b3ee1e1f68e9ba2b4fbc18d0ac5237835f2" dependencies = [ - "pin-project 0.4.27", + "pin-project", "tracing", ] diff --git a/README.md b/README.md index 01aee15..e5f6f78 100644 --- a/README.md +++ b/README.md @@ -198,9 +198,9 @@ Download `feroxbuster_amd64.deb` from the [Releases](https://github.com/epi052/f that, use your favorite package manager to install the `.deb`. ``` -wget -sLO https://github.com/epi052/feroxbuster/releases/latest/download/feroxbuster_amd64.deb.zip +curl -sLO https://github.com/epi052/feroxbuster/releases/latest/download/feroxbuster_amd64.deb.zip unzip feroxbuster_amd64.deb.zip -sudo apt install ./feroxbuster_amd64.deb +sudo apt install ./feroxbuster_*_amd64.deb ``` ### AUR Install diff --git a/src/heuristics.rs b/src/heuristics.rs index e64d58a..3329d91 100644 --- a/src/heuristics.rs +++ b/src/heuristics.rs @@ -221,10 +221,17 @@ impl HeuristicTests { self.handles.config.output_level, OutputLevel::Default | OutputLevel::Quiet ) { - ferox_print( - &format!("Could not connect to {}, skipping...", target_url), - &PROGRESS_PRINTER, - ); + if e.to_string().contains(":SSL") { + ferox_print( + &format!("Could not connect to {} due to SSL errors (run with -k to ignore), skipping...", target_url), + &PROGRESS_PRINTER, + ); + } else { + ferox_print( + &format!("Could not connect to {}, skipping...", target_url), + &PROGRESS_PRINTER, + ); + } } log::warn!("{}", e); } diff --git a/tests/test_banner.rs b/tests/test_banner.rs index 8f0b588..3890274 100644 --- a/tests/test_banner.rs +++ b/tests/test_banner.rs @@ -409,7 +409,7 @@ fn banner_prints_verbosity_one() { #[test] /// test allows non-existent wordlist to trigger the banner printing to stderr /// expect to see all mandatory prints + verbosity=2 -fn banner_prints_verbosity_two() -> Result<(), Box> { +fn banner_prints_verbosity_two() { Command::cargo_bin("feroxbuster") .unwrap() .arg("--url") @@ -430,13 +430,12 @@ fn banner_prints_verbosity_two() -> Result<(), Box> { .and(predicate::str::contains("│ 2")) .and(predicate::str::contains("─┴─")), ); - Ok(()) } #[test] /// test allows non-existent wordlist to trigger the banner printing to stderr /// expect to see all mandatory prints + verbosity=3 -fn banner_prints_verbosity_three() -> Result<(), Box> { +fn banner_prints_verbosity_three() { Command::cargo_bin("feroxbuster") .unwrap() .arg("--url") @@ -457,13 +456,12 @@ fn banner_prints_verbosity_three() -> Result<(), Box> { .and(predicate::str::contains("│ 3")) .and(predicate::str::contains("─┴─")), ); - Ok(()) } #[test] /// test allows non-existent wordlist to trigger the banner printing to stderr /// expect to see all mandatory prints + verbosity=4 -fn banner_prints_verbosity_four() -> Result<(), Box> { +fn banner_prints_verbosity_four() { Command::cargo_bin("feroxbuster") .unwrap() .arg("--url") @@ -484,13 +482,12 @@ fn banner_prints_verbosity_four() -> Result<(), Box> { .and(predicate::str::contains("│ 4")) .and(predicate::str::contains("─┴─")), ); - Ok(()) } #[test] /// test allows non-existent wordlist to trigger the banner printing to stderr /// expect to see all mandatory prints + add slash -fn banner_prints_add_slash() -> Result<(), Box> { +fn banner_prints_add_slash() { Command::cargo_bin("feroxbuster") .unwrap() .arg("--url") @@ -511,13 +508,12 @@ fn banner_prints_add_slash() -> Result<(), Box> { .and(predicate::str::contains("true")) .and(predicate::str::contains("─┴─")), ); - Ok(()) } #[test] /// test allows non-existent wordlist to trigger the banner printing to stderr /// expect to see all mandatory prints + INFINITE recursion -fn banner_prints_infinite_depth() -> Result<(), Box> { +fn banner_prints_infinite_depth() { Command::cargo_bin("feroxbuster") .unwrap() .arg("--url") @@ -539,13 +535,12 @@ fn banner_prints_infinite_depth() -> Result<(), Box> { .and(predicate::str::contains("INFINITE")) .and(predicate::str::contains("─┴─")), ); - Ok(()) } #[test] /// test allows non-existent wordlist to trigger the banner printing to stderr /// expect to see all mandatory prints + recursion depth -fn banner_prints_recursion_depth() -> Result<(), Box> { +fn banner_prints_recursion_depth() { Command::cargo_bin("feroxbuster") .unwrap() .arg("--url") @@ -567,13 +562,12 @@ fn banner_prints_recursion_depth() -> Result<(), Box> { .and(predicate::str::contains("343214")) .and(predicate::str::contains("─┴─")), ); - Ok(()) } #[test] /// test allows non-existent wordlist to trigger the banner printing to stderr /// expect to see all mandatory prints + no recursion -fn banner_prints_no_recursion() -> Result<(), Box> { +fn banner_prints_no_recursion() { Command::cargo_bin("feroxbuster") .unwrap() .arg("--url") @@ -594,13 +588,12 @@ fn banner_prints_no_recursion() -> Result<(), Box> { .and(predicate::str::contains("true")) .and(predicate::str::contains("─┴─")), ); - Ok(()) } #[test] /// test allows non-existent wordlist to trigger the banner printing to stderr /// expect to see nothing -fn banner_doesnt_print() -> Result<(), Box> { +fn banner_doesnt_print() { Command::cargo_bin("feroxbuster") .unwrap() .arg("--url") @@ -611,13 +604,12 @@ fn banner_doesnt_print() -> Result<(), Box> { .stderr(predicate::str::contains( "Could not connect to any target provided", )); - Ok(()) } #[test] /// test allows non-existent wordlist to trigger the banner printing to stderr /// expect to see all mandatory prints + extract-links -fn banner_prints_extract_links() -> Result<(), Box> { +fn banner_prints_extract_links() { Command::cargo_bin("feroxbuster") .unwrap() .arg("--url") @@ -638,13 +630,12 @@ fn banner_prints_extract_links() -> Result<(), Box> { .and(predicate::str::contains("true")) .and(predicate::str::contains("─┴─")), ); - Ok(()) } #[test] /// test allows non-existent wordlist to trigger the banner printing to stderr /// expect to see all mandatory prints + scan-limit -fn banner_prints_scan_limit() -> Result<(), Box> { +fn banner_prints_scan_limit() { Command::cargo_bin("feroxbuster") .unwrap() .arg("--url") @@ -666,13 +657,12 @@ fn banner_prints_scan_limit() -> Result<(), Box> { .and(predicate::str::contains("│ 4")) .and(predicate::str::contains("─┴─")), ); - Ok(()) } #[test] /// test allows non-existent wordlist to trigger the banner printing to stderr /// expect to see all mandatory prints + filter-status -fn banner_prints_filter_status() -> Result<(), Box> { +fn banner_prints_filter_status() { Command::cargo_bin("feroxbuster") .unwrap() .arg("--url") @@ -694,7 +684,6 @@ fn banner_prints_filter_status() -> Result<(), Box> { .and(predicate::str::contains("│ [200]")) .and(predicate::str::contains("─┴─")), ); - Ok(()) } #[test] diff --git a/tests/test_heuristics.rs b/tests/test_heuristics.rs index 443b749..bc29ef5 100644 --- a/tests/test_heuristics.rs +++ b/tests/test_heuristics.rs @@ -90,6 +90,28 @@ fn test_one_good_and_one_bad_target_scan_succeeds() -> Result<(), Box Result<(), Box> { + let (tmp_dir, file) = setup_tmp_directory(&["LICENSE".to_string()], "wordlist")?; + + Command::cargo_bin("feroxbuster") + .unwrap() + .arg("--url") + .arg("https://expired.badssl.com") + .arg("--wordlist") + .arg(file.as_os_str()) + .assert() + .success() + .stdout( + predicate::str::contains("Could not connect to https://expired.badssl.com due to SSL errors (run with -k to ignore), skipping...", ) + ); + + teardown_tmp_directory(tmp_dir); + Ok(()) +} + #[test] /// test pipes two good targets to the scanner, expected result is that both targets /// are scanned successfully and no error is reported (result of issue #169) diff --git a/tests/test_main.rs b/tests/test_main.rs index de21ef4..80ebe80 100644 --- a/tests/test_main.rs +++ b/tests/test_main.rs @@ -7,7 +7,7 @@ use utils::{setup_tmp_directory, teardown_tmp_directory}; #[test] /// send the function a file to which we dont have permission in order to execute error branch -fn main_use_root_owned_file_as_wordlist() -> Result<(), Box> { +fn main_use_root_owned_file_as_wordlist() { let srv = MockServer::start(); let mock = srv.mock(|when, then| { @@ -30,7 +30,6 @@ fn main_use_root_owned_file_as_wordlist() -> Result<(), Box