Giter Site home page Giter Site logo

Comments (16)

ehsandeep avatar ehsandeep commented on May 22, 2024

It works without port flag? @marcopolo157

from httpx.

marcopolo157 avatar marcopolo157 commented on May 22, 2024

Also it sometimes randomly returns double results for the same http port:

echo 192.168.8.0/24 | ./httpx -title -content-length -status-code -ports 80,443,8080

    __    __  __       _  __
   / /_  / /_/ /_____ | |/ /
  / __ \/ __/ __/ __ \|   / 
 / / / / /_/ /_/ /_/ /   |  
/_/ /_/\__/\__/ .___/_/|_|  
             /_/              v1           

		projectdiscovery.io

[WRN] Use with caution. You are responsible for your actions
[WRN] Developers assume no liability and are not responsible for any misuse or damage.
http://192.168.8.100:8080 [200] [1409] [Burp Suite Professional]
http://192.168.8.100:8080 [200] [1409] [Burp Suite Professional]

from httpx.

marcopolo157 avatar marcopolo157 commented on May 22, 2024

@bauthard yes without port flag works fine.

from httpx.

ehsandeep avatar ehsandeep commented on May 22, 2024

Thank you, we will confirm and fix this.

from httpx.

ehsandeep avatar ehsandeep commented on May 22, 2024

@marcopolo157 I'm not able to reproduce this, it's working fine as you can see here, and that duplicate is not random, when you request for port, 80 and 443, You see result for both request, other one for port 443 which fallback to 80 as that host was not accessible on port 443.

> echo 173.0.84.0/24 | httpx -title -content-length -status-code -ports 80,443 -silent

http://173.0.84.22:80 [302] [0] []
http://173.0.84.12:80 [404] [42] []
http://173.0.84.13:80 [302] [0] []
https://173.0.84.4:443 [301] [0] []
https://173.0.84.4:443 [301] [0] []
http://173.0.84.4:80 [302] [0] []
http://173.0.84.13:80 [302] [0] []
http://173.0.84.14:80 [404] [42] []
https://173.0.84.6:443 [200] [7543] []
https://173.0.84.6:443 [200] [7543] []
https://173.0.84.6:443 [200] [7543] []
https://173.0.84.12:443 [404] [42] []
https://173.0.84.12:443 [404] [42] []
https://173.0.84.14:443 [404] [42] []
https://173.0.84.24:443 [302] [35] []
https://173.0.84.24:443 [302] [35] []
https://173.0.84.24:443 [302] [35] []
https://173.0.84.16:443 [200] [7543] []
https://173.0.84.16:443 [200] [7525] []
https://173.0.84.16:443 [200] [7543] []
https://173.0.84.2:443 [200] [7543] []
http://173.0.84.2:80 [301] [0] []
https://173.0.84.29:443 [404] [169] [404 Not Found]
http://173.0.84.27:80 [302] [0] []
http://173.0.84.28:80 [302] [0] []
http://173.0.84.27:80 [302] [0] []

from httpx.

marcopolo157 avatar marcopolo157 commented on May 22, 2024

@bauthard Idk why this is happening, but I noticed when the threads are set to 1, it works fine.

echo 192.168.8.0/24 | ./httpx -title -content-length -status-code -ports 80,443,8080 -silent -threads 1
http://192.168.8.1:80 [307] [13] []

Btw try on CIDR where the x.x.x.1 is alive.

from httpx.

ehsandeep avatar ehsandeep commented on May 22, 2024

I can not test or confirm as you are testing this on your local network, would like to know if you facing this issue on any public IP which we can use to reproduce @marcopolo157

from httpx.

marcopolo157 avatar marcopolo157 commented on May 22, 2024

@bauthard try this one

echo 1.1.1.1 | ./httpx -title -content-length -status-code -ports 80,443 -silent 
http://1.1.1.1:80 [301] [186] [301 Moved Permanently]
https://1.1.1.1:443 [200] [47069] [1.1.1.1 — The free app that makes your Internet faster.]

echo 1.1.1.0/24 | ./httpx -title -content-length -status-code -ports 80,443 -silent 
http://1.1.1.4:80 [403] [16] []
https://1.1.1.2:443 [302] [0] []
https://1.1.1.2:443 [302] [0] []
http://1.1.1.8:80 [403] [16] []
http://1.1.1.14:80 [403] [16] []
http://1.1.1.22:443 [400] [253] [400 The plain HTTP request was sent to HTTPS port]
http://1.1.1.12:443 [400] [253] [400 The plain HTTP request was sent to HTTPS port]
http://1.1.1.16:443 [400] [253] [400 The plain HTTP request was sent to HTTPS port]
http://1.1.1.6:443 [400] [253] [400 The plain HTTP request was sent to HTTPS port]
....
....

from httpx.

ehsandeep avatar ehsandeep commented on May 22, 2024

it's a valid issue @marcopolo157, thank you for pointing this out.

from httpx.

marcopolo157 avatar marcopolo157 commented on May 22, 2024

Thank you!

from httpx.

ehsandeep avatar ehsandeep commented on May 22, 2024

To reproduce:-

> prips 1.1.1.0/24 | httpx -title -content-length -status-code -ports 80,443 -silent | grep 1.1.1.1:80
http://1.1.1.1:80 [301] [186] [301 Moved Permanently]
> echo 1.1.1.0/24 | httpx -title -content-length -status-code -ports 80,443 -silent | grep 1.1.1.1:80

from httpx.

marcopolo157 avatar marcopolo157 commented on May 22, 2024

@bauthard duplicate bug reproduce:

echo 1.1.1.0/24 | ./httpx -title -content-length -status-code -ports 80,443 -silent | sort | uniq -d

from httpx.

ehsandeep avatar ehsandeep commented on May 22, 2024

Hey @marcopolo157,

Please have a look at last comment:-

and that duplicate is not random, when you request for port, 80 and 443, You see the result for both request, other one for port 443 which fallback to 80 as that host was not accessible on port 443.

that's not a bug, but expected behavior to auto fallback to HTTP when HTTPs is not working.

from httpx.

marcopolo157 avatar marcopolo157 commented on May 22, 2024

hi @bauthard it's a bug, sometimes it gives triple duplicates randomly.

Run the following command multiple times:

echo 1.1.1.0/24 | ./httpx -title -content-length -status-code -ports 80,443 -silent | sort

http://1.1.1.24:80 [403] [16] []
http://1.1.1.24:80 [403] [16] []
http://1.1.1.24:80 [403] [16] []

http://1.1.1.22:443 [400] [253] [400 The plain HTTP request was sent to HTTPS port]
http://1.1.1.22:443 [400] [253] [400 The plain HTTP request was sent to HTTPS port]
http://1.1.1.22:443 [400] [253] [400 The plain HTTP request was sent to HTTPS port]

from httpx.

ehsandeep avatar ehsandeep commented on May 22, 2024

@marcopolo157 thank you, now I see, something is not right with CIDR handling, I've reproduced this issue as well and will be fixed with CIDR bug.

from httpx.

ehsandeep avatar ehsandeep commented on May 22, 2024

@marcopolo157 this is fixed in the master code.

from httpx.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.