
I'm a beginner at bash scripting. I was able to do a subdomain bruteforce, but now I'm stuck at directory bruteforce. I'm using `curl` to do a GET request and get a response (200, 400, 301), but I'm not able to make it work.

```bash
domain=$1
curl=$(curl --write-out %{http_code} --silent --output /dev/null $domain/$dir)

while read dir;do
  $curl
  if [ $curl != 400 ];then
    echo "Dominios encontrados: " $domain/$dir
  fi
done < listadiretorios.txt
```

I know it's too stupid, but I've already looked for answers and did not find anything :)

cas
whiterose
  • Double-quote your variables when you use them - e.g. `"$domain/$dir"`. URLs are especially likely to contain shell metacharacters (like `&`) that will affect the shell's operation. See [Why does my shell script choke on whitespace or other special characters?](https://unix.stackexchange.com/questions/131766/why-does-my-shell-script-choke-on-whitespace-or-other-special-characters). Also, why are you setting variable $curl to be the output from a `curl` command, and then trying to execute the contents of that variable inside a `while read` loop? – cas May 20 '22 at 03:50

1 Answer


A few issues I can see; a key problem is that you are executing the curl before the loop.

I think this should work better, without diverging too much from your original code.

Also, you might need to look at more response codes.

```bash
domain="$1"

while read dir;do
  # capture response from curl command
  response="$(curl --write-out %{http_code} --silent --output /dev/null "$domain/$dir")"
  # check curl response
  if [ "$response" != 400 ];then
    echo "Dominios encontrados: $domain/$dir"
  fi
done < listadiretorios.txt
```
bxm
  • Why do you not just call `curl` explicitly in the loop? You have "fancy" quotes (1st line), a dangling left-parentheses (3rd line), and missing quotes (the `eval`). – Kusalananda May 20 '22 at 05:44
  • That's what I get for trying to write answers on my phone. And also trying to implement what the OP seemed to be attempting. You're right, using `eval` is unnecessary here. Fixed. – bxm May 20 '22 at 07:51
  • Why do you use `!=`, which is for comparing strings? – Romeo Ninov May 20 '22 at 09:24
  • I've just brought that across from what was in the original post. It's not doing any particular harm, given that shell script isn't very opinionated about variable typing. – bxm May 20 '22 at 12:35
  • Hi, I talked to a friend of mine yesterday and he just helped me. Anyways, thanks a lot guys, this is the new code btw: `domain=$1 COR_RED="\e[31;1;4m" COR_YELLOW="\e[33;1;1m" while read dir;do if wget $domain/$dir &> /dev/null;then echo -e ${COR_YELLOW}"Diretório encontrado: " ${COR_RED}"$1/$dir" fi done < listadiretorios.txt` – whiterose May 20 '22 at 13:22
  • Thanks @bmx, u helped me a lot to get new views of clean code and good code as well, I really appreciate this! – whiterose May 20 '22 at 13:25
  • No problem; it might be helpful for someone looking later if you add your final script as an answer. – bxm May 23 '22 at 09:58
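
An added example (not code from the answer or its comments) that expands on the answer's remark about looking at more response codes: it classifies every code `curl` reports, including the `000` that `curl` prints when no HTTP response arrived, and tolerates blank lines, `#` lines and CRLF endings in the wordlist. The function names, the label names and the 10-second timeout are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example: classify curl status codes instead of testing only "!= 400".

# Print the HTTP status code for one URL. curl prints 000 when it got no
# HTTP response at all (DNS failure, refused connection, timeout).
fetch_status() {
  curl --silent --output /dev/null --max-time 10 \
       --write-out '%{http_code}' "$1"
}

# Map a status code to a label (label names are this example's own).
classify_status() {
  case "$1" in
    000)                 printf '%s\n' "no-response" ;;
    2[0-9][0-9])         printf '%s\n' "found" ;;
    301|302|303|307|308) printf '%s\n' "redirect" ;;
    401|403)             printf '%s\n' "exists-restricted" ;;
    404|410)             printf '%s\n' "missing" ;;
    4[0-9][0-9])         printf '%s\n' "client-error" ;;
    5[0-9][0-9])         printf '%s\n' "server-error" ;;
    *)                   printf '%s\n' "unknown" ;;
  esac
}

# Read directory names from stdin and print "<label> <code> <url>" for every
# path that is not plainly missing.
scan_wordlist() {
  base="${1%/}"                                # drop one trailing slash
  tr -d '\r' | while IFS= read -r dir || [ -n "$dir" ]; do
    case "$dir" in ''|'#'*) continue ;; esac   # skip blank and comment lines
    url="$base/$dir"
    code="$(fetch_status "$url")" || :         # keep going if curl fails
    [ -n "$code" ] || code=000                 # no output at all: no response
    label="$(classify_status "$code")"
    if [ "$label" != "missing" ]; then
      printf '%s %s %s\n' "$label" "$code" "$url"
    fi
  done
}

# Same calling convention as the scripts above: ./script.sh http://host
[ "$#" -eq 0 ] || scan_wordlist "$1" < listadiretorios.txt
```

A `403` or a redirect is reported separately from a `200`, and a `400` is no longer the only code treated as a miss.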