Stuck at the crawling part - Gospider.txt output: unknown flag: --js

Question

Stuck at the crawling part - Gospider.txt output: unknown flag: --js

sh0tal opened this issue 3 years ago · comments

Hello guys,

I installed Garud on a kali linux VM, and when i run the command, i cant get it going more than the crawling part. It stuck at the crawling part and i managed to found in the gospider.txt (from the output of the scan) the following:
unknown flag: --js
Which is the reason that it get stuck at the crawling part i suppose.

Looking at the garud code, i found the line that causes the problem:
gospider -S enumeration/liveurls.txt -d 10 -c 20 -t 50 -K 3 --no-redirect --js -a -w --blacklist ".(eot|jpg|jpeg|gif|css|tif|tiff|png|ttf|otf|woff|woff2|ico|svg|txt)" --include-subs -q -o enumeration/temp/gospider 2> /dev/null | anew -q enumeration/parameters/gospider.txt && rm -rf out/ &> /dev/null

Can anyone help?
Is this something that has to do with a flag regarding gospider?
I couldnt find any flag --js in the gospiders' flags.

Eshan Singh · Answer 1 · Fri Aug 13 2021 19:25:22 GMT+0800 (China Standard Time)

Hello @sh0tal,
Thanks for raising the issue.

--js is a valid argument in gospider you can check it using gospider -h command

--js                        Enable linkfinder in javascript file (default true)

Maybe the issue is from your side or from the gospider. You can kill all the gospider process running on you system so garud will skip to the next step.

To kill all gospider processes

$ ps aux | grep gospider | sed '/grep/d' | awk '{print $2}' | while read -r line; do kill $line; done

Regards,
R0X4R

sh0tal · Answer 2 · Sat Aug 14 2021 17:19:36 GMT+0800 (China Standard Time)

Hello @R0X4R ,

Thank you for your answer :)

The problem was that I had an outdated version of gospider ( v1.1.0), where the --js flag was missing, and I updated it to the newest (v1.1.6).

Then, I run Garud again but it got stuck at the crawling part again. - I left it running for about 15 hours, scanning hackerone.com (24 subdomains found).

After looking into the results txts' in the parameters folder, I found out that gospider.txt was empty (the file that had the error with the --js flag) and the others (gauplus.txt jslinks.txt wayback.txt) were okay (had results in them).

I suppose that the problem is still when executing the gospider command.
I will keep looking to find out what is going wrong and let you know if i find something or any fix i will come up with.

Eshan Singh · Answer 3 · Sun Aug 15 2021 19:37:52 GMT+0800 (China Standard Time)

Hey @sh0tal,
Thanks for your reply.

I have released the latest version of Garud, check it out. I have added the timeout option in gospider hope it will fix your issue.

Regards,
R0X4R

sh0tal · Answer 4 · Tue Aug 17 2021 19:07:45 GMT+0800 (China Standard Time)

Hello, @R0X4R

Thank you for the update.
I will give it a try and let you know if any problem arises.

Eshan Singh · Answer 5 · Thu Sep 16 2021 14:56:43 GMT+0800 (China Standard Time)

Hey @sh0tal,
Greetings of the day,

It's been 1 month, I think your issue is resolved. Closing this issue.

Thanks.