ReconNess Docs


CRLFuzz Agent Setup for Scan CRLF vulnerability

CRLFuzz Command

Using {{domain}} ReconNess replace {{domain}} for the subdomain.
crlfuzz -u https://{{domain}} -s
This Agent run in each subdomain.

CRLFuzz Script

We save the vulnerability info inside the Subdomain's Notes
return new ReconNess.Core.Models.ScriptOutput { Note = lineInput };
Check the Readme on GitHub to know more about the Script.

CRLFuzz Dockerfile Entry

# -------- Agents dependencies --------
# To allow run CRLFuzz inside the docker
RUN apt-get update && apt-get install -y git wget
RUN wget
RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz
RUN /usr/local/go/bin/go get -v
# -------- End Agents dependencies --------

CRLFuzz Command for Docker

/root/go/bin/crlfuzz -u https://{{domain}} -s