httpx
httpx copied to clipboard
Published
20 hours ago •
projectdiscovery
projectdiscovery
bug with -nfs and -nf flag
httpx version:
all with the -nfs and -nf flag version.
Current Behavior:
The bug is that when the requested URL hostname is an IP and the path is a number, the IP address is parsed incorrectly and it is parsed into an IP segment.
#echo http://127.0.0.1/1 | httpx -duc -nfs -v
__ __ __ _ __
/ /_ / /_/ /_____ | |/ /
/ __ \/ __/ __/ __ \| /
/ / / / /_/ /_/ /_/ / |
/_/ /_/\__/\__/ .___/_/|_|
/_/
projectdiscovery.io
[DBG] Failed 'http://0.0.0.22': GET http://0.0.0.22 giving up after 1 attempts: Get "http://0.0.0.22": [:RUNTIME] ztls fallback failed <- dial tcp 0.0.0.22:80: connect: no route to host
[DBG] Failed 'http://0.0.0.47': GET http://0.0.0.47 giving up after 1 attempts: Get "http://0.0.0.47": [:RUNTIME] ztls fallback failed <- dial tcp 0.0.0.47:80: connect: no route to host
[DBG] Failed 'http://0.0.0.7': GET http://0.0.0.7 giving up after 1 attempts: Get "http://0.0.0.7": [:RUNTIME] ztls fallback failed <- dial tcp 0.0.0.7:80: connect: no route to host
[DBG] Failed 'http://0.0.0.41': GET http://0.0.0.41 giving up after 1 attempts: Get "http://0.0.0.41": [:RUNTIME] ztls fallback failed <- dial tcp 0.0.0.41:80: connect: no route to host
[DBG] Failed 'http://0.0.0.6': GET http://0.0.0.6 giving up after 1 attempts: Get "http://0.0.0.6": [:RUNTIME] ztls fallback failed <- dial tcp 0.0.0.6:80: connect: no route to host
[DBG] Failed 'http://0.0.0.43': GET http://0.0.0.43 giving up after 1 attempts: Get "http://0.0.0.43": [:RUNTIME] ztls fallback failed <- dial tcp 0.0.0.43:80: connect: no route to host
[DBG] Failed 'http://0.0.0.50': GET http://0.0.0.50 giving up after 1 attempts: Get "http://0.0.0.50": [:RUNTIME] ztls fallback failed <- dial tcp 0.0.0.50:80: connect: no route to host
[DBG] Failed 'http://0.0.0.4': GET http://0.0.0.4 giving up after 1 attempts: Get "http://0.0.0.4": [:RUNTIME] ztls fallback failed <- dial tcp 0.0.0.4:80: connect: no route to host
[DBG] Failed 'http://0.0.0.44': GET http://0.0.0.44 giving up after 1 attempts: Get "http://0.0.0.44": [:RUNTIME] ztls fallback failed <- dial tcp 0.0.0.44:80: connect: no route to host
[DBG] Failed 'http://0.0.0.51': GET http://0.0.0.51 giving up after 1 attempts: Get "http://0.0.0.51": [:RUNTIME] ztls fallback failed <- dial tcp 0.0.0.51:80: connect: no route to host
[DBG] Failed 'http://0.0.0.42': GET http://0.0.0.42 giving up after 1 attempts: Get "http://0.0.0.42": [:RUNTIME] ztls fallback failed <- dial tcp 0.0.0.42:80: connect: no route to host
.......
Expected Behavior:
only request http://127.0.0.1/1
Steps To Reproduce:
echo http://127.0.0.1/1 | httpx -duc -nfs -v
echo http://127.0.0.1/12 | httpx -duc -nfs -v
It will request the generated IP segment, and the request time is very long
without -nfs flag,it's normal.only request http://127.0.0.1/1
echo http://127.0.0.1/1 | httpx -duc -v
