Skip to content

Commit

Permalink
Fix extensions with query vars
Browse files Browse the repository at this point in the history
  • Loading branch information
@liamg
liamg committed Jun 23, 2020
1 parent cf7fdf2 commit 92ea7fc
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion pkg/scan/url_scanner.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -305,7 +305,12 @@ func (scanner *URLScanner) checkURL(job URLJob) *URLResult {

if !job.BasicOnly && !strings.Contains(job.URL, "/.htpasswd") && !strings.Contains(job.URL, "/.htaccess") {
for _, ext := range scanner.backupExtensions {
scanner.queue(URLJob{URL: job.URL + ext, BasicOnly: true})
bUrl := job.URL + ext
if strings.Contains(job.URL, "?") {
bits := strings.SplitN(job.URL, "?", 2)
bUrl = strings.Join(bits, ext+"?")
}
scanner.queue(URLJob{URL: bUrl, BasicOnly: true})
}
}

Expand Down

0 comments on commit 92ea7fc

Please sign in to comment.