Nefcore Security edited this page Aug 16, 2022 · 1 revision

Specify target(s)

Scan a single URL

You can scan a single URL using the -t/--target argument:

crlfsuite -t http://testphp.vulnweb.com

Scan multiple URLs

You can scan multiple URLs from a file using the -iT/--import-targets argument:

crlfsuite -iT targets.txt

Scan URL(s) from stdin

CRLFsuite reads from stdin, so you can scan URL(s) piped into it with the --pipe argument:

cat targets.txt | crlfsuite --pipe

HTTP request arguments usage

Specify HTTP method

CRLFsuite supports the GET and POST methods; select one with the -m argument:

crlfsuite -t http://example.com -m POST

Specify HTTP POST data

You can specify HTTP POST data using the -d/--data argument:

crlfsuite http://example.com -m POST -d "nefcore=security&crlf=injection"

Specify HTTP Cookies

You can specify HTTP cookies using the -c/--cookies argument:

crlfsuite http://example.com -c "PID=334;CID=32234"

Specify request timeout

You can specify the request timeout using the -tO/--timeout argument:

crlfsuite http://example.com --timeout 30

SSL verification

Use --ssl if you want CRLFsuite to verify the target's SSL certificate.

crlfsuite -iT targets --ssl

Specify delay between every request

You can specify a delay between requests to each URL using the --delay argument (this sets the number of threads to 1):

crlfsuite -iT targets.txt --delay 5

Stable requests

If you want CRLFsuite to prioritize stability over speed, specify the --stable argument (this also sets the number of threads to 1):

crlfsuite -t http://example.com --stable

Specify headers

There are two ways you can specify headers:

  1. Using the command line:

crlfsuite -t http://example.com --headers "user-agent: mozila\naccept: */*"

  2. By pasting headers into the editor

The following command opens a temporary file in the nano editor so you can paste headers into it:

crlfsuite -t https://example.com --headers
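The two input formats above (--headers with "\n"-separated "name: value" pairs, and the -c "name=value;name=value" cookie string) parsed into dictionaries, as an added example; this is not CRLFsuite's own code, and it assumes the tool accepts exactly those formats. One edge case worth handling: a shell passes "\n" inside double quotes as the two characters backslash and n, whereas the editor path delivers real newlines, so both must be accepted as separators.

```python
"""Parse CRLFsuite-style --headers and -c strings (added example, not the tool's code)."""
from __future__ import annotations


def parse_headers(raw: str) -> dict[str, str]:
    """Split a header string into a {name: value} dict.

    Assumption: pairs are "name: value", separated either by a literal
    backslash-n (typed on the command line) or a real newline (pasted
    into the editor temp file).
    """
    normalised = raw.replace("\\n", "\n").replace("\r", "")
    headers: dict[str, str] = {}
    for line in normalised.split("\n"):
        line = line.strip()
        if not line:
            continue  # blank line left by a trailing newline in the editor
        if ":" not in line:
            raise ValueError(f"header line without ':' -> {line!r}")
        # Split on the first ':' only, so values such as URLs keep their colons.
        name, value = line.split(":", 1)
        if not name.strip():
            raise ValueError(f"empty header name -> {line!r}")
        headers[name.strip()] = value.strip()
    return headers


def parse_cookies(raw: str) -> dict[str, str]:
    """Split "PID=334;CID=32234" into a {name: value} dict."""
    cookies: dict[str, str] = {}
    for part in raw.split(";"):
        part = part.strip()
        if not part:
            continue  # tolerate a trailing ';'
        if "=" not in part:
            raise ValueError(f"cookie without '=' -> {part!r}")
        name, value = part.split("=", 1)
        cookies[name.strip()] = value.strip()
    return cookies


if __name__ == "__main__":
    # Constructed inputs mirroring the examples on this page.
    print(parse_headers("user-agent: mozila\\naccept: */*"))
    print(parse_cookies("PID=334;CID=32234"))
```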

Export vulnerable URLs

CRLFsuite supports text and JSON output formats; you can export vulnerable URLs using -oN/--normal-output or -oJ/--json-output:

crlfsuite -t http://example.com -oJ output.json

Other arguments usage

Specify concurrent threads

You can specify the number of concurrent threads using the -cT/--concurrent-threads argument:

crlfsuite -t http://example.com -cT 15

Specify verbosity

There are three levels of verbosity in CRLFsuite:

Level 1: shows basic information, such as when the WAF detector started and ended.

Level 2: shows everything from level 1 plus parsed URL details, the requested URL and the status code.

Level 3: shows everything from the previous levels plus the parsed cookies, parsed POST data, parsed headers, response headers and response body of every URL.

You can give a level higher than 3, but it does not change the verbosity beyond level 3.

Resume scans

You can resume a scan after Ctrl+C is pressed using the -r/--resume argument:

crlfsuite --resume

Note: resumable_data.crlfsuite and resume.cfg are required to resume a scan.