sherlock-project/sherlock

cgtrader is returning false positives

Closed this issue · 8 comments

thedaryltan commented

Checklist

  • I'm reporting a website that is returning false positive results
  • I've checked for similar site support requests including closed ones
  • I've checked for pull requests attempting to fix this false positive
  • I'm only reporting one site (create a separate issue for each site)

Description

cgtrader is returning a false positive on all usernames.

I believe the issue is that the data.json file identifies it as a errortype: Message but the current website has changed to return a 404 error instead.

On further testing, I found that even when I changed it to an errortype: message to try to address the false positives, it continues to have the same issue. From some of the data I see in Burpsuite, it seems like cgtrader may have cloudflare protection. If someone knows how to verify and confirm this then I suggest we remove cgtrader from the list of sites.

SourGeckoo commented

Same here. Also got false positives for Coders Rank.

  • 👍3
thedaryltan commented

Same here. Also got false positives for Coders Rank.

Oh. I haven't encountered that. Does it happen for all usernames or just some specific examples?

SourGeckoo commented

the vast majority of usernames return a false positive, but not all. It's quite strange...

JonUleis commented

Seeing false positives on these 10 currently:

[+] Archive.org: https://archive.org/details/@______
[+] CGTrader: https://www.cgtrader.com/______
[+] Coders Rank: https://profile.codersrank.io/user/______/
[+] G2G: https://www.g2g.com/______
[+] Linktree: https://linktr.ee/______
[+] NationStates Nation: https://nationstates.net/nation=______
[+] NationStates Region: https://nationstates.net/region=______
[+] Oracle Community: https://community.oracle.com/people/______
[+] SoylentNews: https://soylentnews.org/~______

  • 👍6
orimandel commented

Contently (https://username.contently.com) gives a false positive too