SecLists icon indicating copy to clipboard operation
SecLists copied to clipboard

Published 20 hours ago verified publisher icon danielmiessler

Fixes #760: Strip leading slashes from web discovery word lists

Open denandz opened this issue 2 years ago • 2 comments

This pull strips a leading slash from the web discovery word lists, if present. There was a discrepancy with the word lists, for example common.txt and quickhits.txt.

If a payload location is defined as target.com/§§, and the web server doesn't handle dual leading slashes neatly, things can be missed during content discovery.

Addresses issue #760

denandz avatar Jul 19 '22 07:07 denandz

How did you do this? Did you use a script?

ItsIgnacioPortal avatar Jul 25 '22 04:07 ItsIgnacioPortal

Correct, I ran a script to strip a single leading slash at the beginning of a line in files under the Discovery/Web-Content/ directory

cd Discovery/Web-Content/
find . -type f -exec perl -pi -e 's/^\///' {} \;

I used perl here but sed would work just fine too.

denandz avatar Jul 25 '22 05:07 denandz

Thank you so much! Great call out

g0tmi1k avatar Aug 01 '22 23:08 g0tmi1k