dan
/
onionscan
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #36 from JosephGregg/reporting 

Update report_generator.go - command to disable directory indexing for apache
This commit is contained in:
Sarah Jamie Lewis 2016-05-19 23:28:50 -07:00
parent eee0c61490 474d9487f2
commit c5a87aa08d
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
report/report_generator.go
View File

@ -139,6 +139,7 @@ func GenerateSimpleReport(reportFile string, report *OnionScanReport) {
buffer.WriteString("\t Why this is bad: Open directories can reveal the existence of files\n\t not linked from the sites source code. Most of the time this is benign, but sometimes operators forget to clean up more sensitive folders.\n") buffer.WriteString("\t Why this is bad: Open directories can reveal the existence of files\n\t not linked from the sites source code. Most of the time this is benign, but sometimes operators forget to clean up more sensitive folders.\n")
buffer.WriteString("\t To fix, use .htaccess rules or equivalent to make reading directories listings forbidden.\n") buffer.WriteString("\t To fix, use .htaccess rules or equivalent to make reading directories listings forbidden.\n")
buffer.WriteString("\t Quick Fix (Disable indexing globally) for Debian / Ubuntu running Apache: a2dismod autoindex as root.\n")
buffer.WriteString("\t Directories Identified:\n") buffer.WriteString("\t Directories Identified:\n")
for _, dir := range report.OpenDirectories { for _, dir := range report.OpenDirectories {
buffer.WriteString(fmt.Sprintf("\t\t%s\n", dir)) buffer.WriteString(fmt.Sprintf("\t\t%s\n", dir))