Vhost not working as expected #489
Comments
|
I guess you are missing the -append-domain and —domain switch. Without this the plain word from the wordlist will be sent in the host header which could explain the 400s. I’m planning to make this the default setting in the next version as it causes a lot of confusion |
So what the correct command would look like ? Please show us in detail because this make the tool not reliable for vhost enumeration |
|
gobuster vhost -u http://webenum.thm -w subdomains-top1million-5000.txt --append-domain Damn, I spent hours trying to figure this one out and earlier I even saw append domain as set to false when the scan ran, but I told myself, if the devs set that to default for vhosts, it must be for a reason. I'm kicking myself for not simply asking myself what if I change that option, makes sense right you're appending the domain to the prefix. But really, it should be default, unless there's a good reason not to have it as such. |
|
But anyway thank you for making such a cool tool, wish I could be a gigachad like you and code such intricate tools. I'm only at the level where I'm figuring out how to use these tools. One day... |
|
I was having the same issue @mijnog , so apparently with the append domain option you will get something like: without the append domain option you will get: |
Hello,
The gobuster vhost mode is not woking properly in the gobuster v3.6.
The command I put is : gobuster vhost --url http://webenum.thm -w /usr/share/wordlists/seclists/Discovery/DNS/subdomains-top1million-5000.txt
In the wordlist there are 2 values that are true and the expected output is this :
But the output I have is this :
Please note that the website is in my /etc/hosts with the IP address and the website works fine in firefox and with the other mode (dir) it works perfectly well but with vhost and dns modes it doesn't find any results.
Thank you in advance for your responses.
The text was updated successfully, but these errors were encountered: