Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

建议web跳转时可选根据跳转 #106

Open
Jumbo-WJB opened this issue Jan 24, 2025 · 3 comments · May be fixed by #107
Open

建议web跳转时可选根据跳转 #106

Jumbo-WJB opened this issue Jan 24, 2025 · 3 comments · May be fixed by #107

Comments

@Jumbo-WJB
Copy link

问题

在扫描ip端口时,发现会302跳转,但是gogo并没有跟随跳转并且title展示了[302] 302 Found

建议

建议可配置参数来设置是否根据跳转,且结果展示时可以直观展示,如[+] http://1.1.1.1:80 nginx nginx [302] 302 Found -> real web title
@Jumbo-WJB
Copy link
Author

备注:
版本为2.13.6,302为http->https

@Jumbo-WJB
Copy link
Author

这里有几个问题:
1、 //所有30x,400,以及非http协议的开放端口都送到http包尝试获取更多信息
if result.Status == "400" || result.Protocol == "tcp" || (strings.HasPrefix(result.Status, "3") && bytes.Contains(result.Content, []byte("location: https"))) {
systemHttp(result, "https")
这里判断location: https太简单,因为可能是Location: https://
2、func systemHttp(result *pkg.Result, scheme string) {
// 如果是400或者不可识别协议,则使用https
target := scheme + "://" + result.GetTarget()
这里会导致1.1.1.1:80变成https://1.1.1.1:80,建议获取location进行访问

@M09Ic M09Ic linked a pull request Feb 19, 2025 that will close this issue
修改http跳转到https问题 #107
Open
@M09Ic
Copy link
Contributor

M09Ic commented Feb 19, 2025

百度的http变成https 是因为location就是https。 可以尝试更多的场景测试, 目前的写法应该能适配各种场景。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

修改http跳转到https问题 Jumbo-WJB/gogo
2 participants
@Jumbo-WJB @M09Ic