|
|
|
|
|
|
by jjanzer
5410 days ago
|
|
|
I recently fixed an issue where the server wouldn't follow redirects which was causing some false negatives. If your site still shows as a no would you mind letting me know what the domain is so I can fix any other issue? The way I check for the vulnerability is based on the original perl script in the OP link. I submit 20 byte range requests and check for a Partial string in the response, if I see that I assume that the server is vulnerable. It's more of an educated guess, but I've been using it myself to fix misc servers I have running. |
|
|