From 9bb613050ea71e1f5d4e778c27a82777ffd5ff22 Mon Sep 17 00:00:00 2001 From: bjhulst <30053806+bjhulst@users.noreply.github.com> Date: Thu, 23 Jul 2020 12:28:31 +0300 Subject: [PATCH] Update random seed logic (#262) * Update util.go * Update job.go rand.Seed updated just before usage * Update util.go revert * Updated CHANGELOG.MD with a description of the bug fix. Co-authored-by: Joona Hoikkala --- CHANGELOG.md | 1 + pkg/ffuf/job.go | 1 + 2 files changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 36a869b..6395910 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ - Added support to output "all" formats (specify the path/filename sans file extension and ffuf will add the appropriate suffix for the filetype) - Changed + - Fixed a bug related to the autocalibration feature making the random seed initialization also to take place before autocalibration needs it. - Added tls renegotiation flag to fix #193 in http.Client - Fixed HTML report to display select/combo-box for rows per page (and increased default from 10 to 250 rows). - Added Host information to JSON output file diff --git a/pkg/ffuf/job.go b/pkg/ffuf/job.go index 0fb65fb..a72e569 100644 --- a/pkg/ffuf/job.go +++ b/pkg/ffuf/job.go @@ -331,6 +331,7 @@ func (j *Job) handleRecursionJob(resp Response) { //CalibrateResponses returns slice of Responses for randomly generated filter autocalibration requests func (j *Job) CalibrateResponses() ([]Response, error) { cInputs := make([]string, 0) + rand.Seed(time.Now().UnixNano()) if len(j.Config.AutoCalibrationStrings) < 1 { cInputs = append(cInputs, "admin"+RandomString(16)+"/") cInputs = append(cInputs, ".htaccess"+RandomString(16))