dan
/
onionscan
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update report_generator.go 

Provided quick fix command that site operators can use to disable directory indexing globally.
This commit is contained in:
JosephGregg 2016-05-19 12:00:00 -04:00
parent eee0c61490
commit 474d9487f2
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
report/report_generator.go
View File

@ -139,6 +139,7 @@ func GenerateSimpleReport(reportFile string, report *OnionScanReport) {
buffer.WriteString("\t Why this is bad: Open directories can reveal the existence of files\n\t not linked from the sites source code. Most of the time this is benign, but sometimes operators forget to clean up more sensitive folders.\n") buffer.WriteString("\t Why this is bad: Open directories can reveal the existence of files\n\t not linked from the sites source code. Most of the time this is benign, but sometimes operators forget to clean up more sensitive folders.\n")
buffer.WriteString("\t To fix, use .htaccess rules or equivalent to make reading directories listings forbidden.\n") buffer.WriteString("\t To fix, use .htaccess rules or equivalent to make reading directories listings forbidden.\n")
buffer.WriteString("\t Quick Fix (Disable indexing globally) for Debian / Ubuntu running Apache: a2dismod autoindex as root.\n")
buffer.WriteString("\t Directories Identified:\n") buffer.WriteString("\t Directories Identified:\n")
for _, dir := range report.OpenDirectories { for _, dir := range report.OpenDirectories {
buffer.WriteString(fmt.Sprintf("\t\t%s\n", dir)) buffer.WriteString(fmt.Sprintf("\t\t%s\n", dir))