Stuck in a loop?

[infosecconsultant]

I'm not sure what's happening here. I've used this tool quite a bit for several years and I've run it against a box that appears to have the tool stuck in some kind of loop and I'm unsure why/how to fix it.

Seems to start with 1 then 2, then 3, then 4 etc characters. Doesn't seem to detect web.config there though and I'm not sure why.
Running the tool with default options.

Any suggestions would be welcome.

[irsdl]

Questions:

• Did you let it to finish? It may take some time for it to finish. You can always proxy the requests to see when it goes wrong. Then you can use the config file to make it better.

• Is this a known bb programme you can share the name?

• Have you tried https://github.com/bitquark/shortscan?

[infosecconsultant]

It didn't seem to finish (ran for more than 20 minutes when normally it would run for a few minutes at most and didn't detect any file names).

Do you mind opening your DM's on twitter for a few moments? I can share the host with you there.

I did indeed try with bitquarks version. It produced even more unexpected results. It detected it as vulnerable. Identified a bunch of files and folders, including some expected ones. But it also generated a huuuuge volume of files I'm not really convinced are actually there. Could be something else going on but I'm really not sure.

[irsdl]

What is your Twitter handle?