CRLFuzz
CRLFuzz Agent Setup for Scan CRLF vulnerability

CRLFuzz Command

Using {{domain}} ReconNess replace {{domain}} for the subdomain.
1
crlfuzz -u https://{{domain}} -s
Copied!
This Agent run in each subdomain.

CRLFuzz Script

We save the vulnerability info inside the Subdomain's Notes
1
return new ReconNess.Core.Models.ScriptOutput { Note = lineInput };
Copied!
Check the Readme on GitHub to know more about the Script.

CRLFuzz Dockerfile Entry

1
# -------- Agents dependencies --------
2
3
# To allow run CRLFuzz inside the docker
4
5
RUN apt-get update && apt-get install -y git wget
6
RUN wget https://dl.google.com/go/go1.14.6.linux-amd64.tar.gz
7
RUN tar -C /usr/local -xzf go1.14.6.linux-amd64.tar.gz
8
RUN /usr/local/go/bin/go get -v github.com/dwisiswant0/crlfuzz/cmd/crlfuzz
9
10
# -------- End Agents dependencies --------
Copied!

CRLFuzz Command for Docker

1
/root/go/bin/crlfuzz -u https://{{domain}} -s
Copied!
Last modified 6mo ago