v3.5 - see CHANGELOG.md

CHANGELOG.md

@@ -1,5 +1,11 @@
 ## Changelog
 
+- v3.5
+
+  - Changed
+
+    - Small improvements based on the same changes made for GAP v2.0
+
 - v3.4
 
   - Changed

README.md

@@ -1,6 +1,6 @@
 <center><img src="https://github.com/xnl-h4ck3r/xnLinkFinder/blob/main/xnLinkFinder/images/title.png"></center>
 
-## About - v3.4
+## About - v3.5
 
 This is a tool used to discover endpoints (and potential parameters) for a given target. It can find them by:
 
@@ -259,3 +259,5 @@ Good luck and good hunting!
 If you really love the tool (or any others), or they helped you find an awesome bounty, consider [BUYING ME A COFFEE!](https://ko-fi.com/xnlh4ck3r) ☕ (I could use the caffeine!)
 
 🤘 /XNL-h4ck3r
+
+<a href='https://ko-fi.com/B0B3CZKR5' target='_blank'><img height='36' style='border:0px;height:36px;' src='https://storage.ko-fi.com/cdn/kofi2.png?v=3' border='0' alt='Buy Me a Coffee at ko-fi.com' /></a>

xnLinkFinder.py

@@ -307,7 +307,7 @@ def includeLink(link):
             linkWithoutQueryString = link.split("?")[0].lower()
             for exc in lstExclusions:
                 try:
-                    if linkWithoutQueryString.find(exc.lower()) >= 0:
+                    if str(linkWithoutQueryString.encode(encoding="ascii",errors="ignore")).find(exc.lower()) >= 0:
                         include = False
                 except Exception as e:
                     if vverbose():
@@ -537,7 +537,7 @@ def getResponseLinks(response, url):
                 not dirPassed and includeContentType(header)
             ):
                 reString = (
-                    r"(?:^|\"|'|\\n|\\r|\n|\r|\s)(((?:[a-zA-Z]{1,10}:\/\/|\/\/)([^\"'\/]{1,}\.[a-zA-Z]{2,}|localhost)[^\"'\n\s]{0,})|((?:\/|\.\.\/|\.\/)[^\"'><,;| *()(%%$^\/\\\[\]][^\"'><,;|()\s]{1,})|([a-zA-Z0-9_\-\/]{1,}\/[a-zA-Z0-9_\-\/]{1,}\.(?:[a-zA-Z]{1,4}"
+                    r"(?:^|\"|'|\\n|\\r|\n|\r|\s?)(((?:[a-zA-Z]{1,10}:\/\/|\/\/)([^\"'\/]{1,}\.[a-zA-Z]{2,}|localhost)[^\"'\n\s]{0,})|((?:\/|\.\.\/|\.\/)[^\"'><,;| *()(%%$^\/\\\[\]][^\"'><,;|()\s]{1,})|([a-zA-Z0-9_\-\/]{1,}\/[a-zA-Z0-9_\-\/]{1,}\.(?:[a-zA-Z]{1,4}"
                     + LINK_REGEX_NONSTANDARD_FILES
                     + ")(?:[\?|\/][^\"|']{0,}|))|([a-zA-Z0-9_\-]{1,}\.(?:"
                     + LINK_REGEX_FILES
@@ -552,6 +552,7 @@ def getResponseLinks(response, url):
                         link = link.strip("\"'\n\r( ")
                         link = link.replace("\\n", "")
                         link = link.replace("\\r", "")
+                        link = link.replace("\\.",".")
 
                         try:
                             first = link[:1]
@@ -584,9 +585,26 @@ def getResponseLinks(response, url):
                                     end = 1
                                 link = link[start:-end]
 
-                            # If there are any trailing back slashes, remove them all
+                            # If there are any trailing back slashes, ; or >; remove them all
                             link = link.rstrip("\\")
-
+                            link = link.rstrip(">;")
+                            link = link.rstrip(";")
+
+                            # If there are any backticks in the URL, remove everything from the backtick onwards
+                            link = link.split("`")[0]
+
+                            # If there are any closing brackets of any kind without an opening bracket, remove everything from the closing bracket onwards
+                            if re.search(r"^[^(]*\)*$",link):
+                                link = link.split(")", 1)[0]
+                            if re.search(r"^[^{}]*\}*$",link):
+                                link = link.split("}", 1)[0]
+                            if re.search(r"^[^\[]]*\]*$",link):
+                                link = link.split("]", 1)[0]    
+
+                            # If there is a </ in the link then strip from that forward
+                            if re.search(r"<\/", link):
+                                link = link.split("</", 1)[0] 
+
                         except Exception as e:
                             if vverbose():
                                 writerr(colored(getSPACER("ERROR getResponseLinks 2: " + str(e)), "red"))

xnLinkFinder/__init__.py

@@ -1 +1 @@
-__version__="3.4"
+__version__="3.5"