Start Depth

[Chalco1712]

It would be really cool if the tool could have a way to start it at a certain depth. Instead of starting at depth zero everytime

[Zamanry]

I may start contributing to this tool. Could you explain further what you mean? Wouldn't your provided URL already specify the depth you're looking for? Such as:

python dotdotslash.py --url 'http://192.168.210.16/cgi-bin/%2e%2e/%2e%2e/etc/passwd' --string 'etc/passwd'

In this case, dotdotslash.py would start brute forcing before the etc. I guess I don't understand the user case.

[justgu3st]

python2 dotdotslash.py --url http://example.com/dirtrav/example2.php?file=/var/www/files/hacker.png --string /var/www/files/hacker.png Traceback (most recent call last): File "dotdotslash.py", line 7, in from http.cookies import SimpleCookie ImportError: No module named http.cookies

python dotdotslash.py --url http://example.com/dirtrav/example2.php?file=/var/www/files/hacker.png --string /var/www/files/hacker.png [+] Depth: 0 Traceback (most recent call last): File "/home/kali/Desktop/tools/dotdotslash/dotdotslash.py", line 114, in forloop() File "/home/kali/Desktop/tools/dotdotslash/dotdotslash.py", line 61, in forloop fullrewrite = re.sub(arguments.string, rewrite, arguments.url) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.11/re/init.py", line 185, in sub return _compile(pattern, flags).sub(repl, string, count) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.11/re/init.py", line 317, in _subx template = _compile_repl(template, pattern) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.11/re/init.py", line 308, in _compile_repl return _parser.parse_template(repl, pattern) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.11/re/_parser.py", line 1078, in parse_template raise s.error('bad escape %s' % this, len(this)) from None re.error: bad escape \w at position 2

[Zamanry]

python2 dotdotslash.py --url http://example.com/dirtrav/example2.php?file=/var/www/files/hacker.png --string /var/www/files/hacker.png Traceback (most recent call last): File "dotdotslash.py", line 7, in from http.cookies import SimpleCookie ImportError: No module named http.cookies

python dotdotslash.py --url http://example.com/dirtrav/example2.php?file=/var/www/files/hacker.png --string /var/www/files/hacker.png [+] Depth: 0 Traceback (most recent call last): File "/home/kali/Desktop/tools/dotdotslash/dotdotslash.py", line 114, in forloop() File "/home/kali/Desktop/tools/dotdotslash/dotdotslash.py", line 61, in forloop fullrewrite = re.sub(arguments.string, rewrite, arguments.url) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.11/re/init.py", line 185, in sub return _compile(pattern, flags).sub(repl, string, count) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.11/re/init.py", line 317, in _subx template = _compile_repl(template, pattern) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.11/re/init.py", line 308, in _compile_repl return _parser.parse_template(repl, pattern) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.11/re/_parser.py", line 1078, in parse_template raise s.error('bad escape %s' % this, len(this)) from None re.error: bad escape \w at position 2

This tool doesn't support Python 2.X. Also, see #6 to fix the \w issue.