hostilesubbruteforcer's People
Forkers
geekspeed secforks n0z3r0 infosecsecurity naylamp6 asanso oussoudreamer ankushgoel27 dznaix haseebeqx codedevloper open-sec akshay-pandurangi gub0x1 mgcfish 5up3rc michaeltestliu caoyunzhu nurnobi-sg7 shahsparx aindoria ducnp parag85 mfadzilramli hayg97 baldhead xianxiaman panckazzz idkwim phantasmlab w3bt00lz engmomostafa samhaxr binaryreaper vncloudsco obaidrehman12345 nareshmail orf53975 io-security-solutions irwandimail theshuvo ramy-gerges yokumaz dr-aryone la3b0z safisec affilares freeguy1 lordokeson x3n0nme marciopocebon malli1983 krouser averroes websecresearch 1337in uid-root t0fy 0xfatty repson bluedangerforyou layth01 ellerbrock unsecureio adelmahmoudhussein berkotako andutra abdallahmaher0 vishal9066 hacback17 prinsharma1999 jeff-spec saugatasil harishvenkatram zforks rakhithjk eth0-re hmidani-abdelilah certix7 24nitin mandatedisrael masterscott sageof6iixpaths jayway007 zorroroot john-harold-pof 5l1v3r1 uemon-code secwiththamhv hartl3y94 ashrafullah royzsec scriptkkiddie tommalvoriddle vaibhavkrjha rami999eid akaritidubey kingofbugbounty sirbaek paulinhonetohostilesubbruteforcer's Issues
Running for infinite time
I used the list you provided. It is just running all the possible subdomains at each level. It's been more than 3 hours now. Is there any possibility to add the level to it. for example level 1 for domain x.y.x and level 2 for p.q.r.s?
Take care of wildcard subdomain
Hi,
when the website uses a wildcard subdomain, e.g *.domain.tld
pointing to one webserver, your script detects every possible subdomain from the list:
[Fri Nov 13 13:59:58 2015] 301 0.internetwache.org ---> 95.143.172.58
[Fri Nov 13 13:59:59 2015] 301 01.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:00 2015] 301 02.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:01 2015] 301 03.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:02 2015] 301 1.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:03 2015] 301 10.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:04 2015] 301 11.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:05 2015] 301 12.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:06 2015] 301 13.internetwache.org ---> 95.143.172.58
Taking care of the wildcard and filtering out 'false positives' would be very helpful. Basic idea of implementation:
- Request some non-existent subdomain (
sdfsdfsdf1337trolololo.domain.tld
andasdasdasd.domain.tld
) and filter all matches with the same IP address. This again may lead to some false negatives (missing subdomains which point to the same IP), but in my opinion less damage is done.
need to change File.open("newlist") to File.open("list")
Looks like that you point to incorrect newlist file, and it should be update to list or to any other file you try to point to.
(list.txt)
Fatal error - non HTTP services
Hi there,
I run into an issue while using your tool. Basically what's happening is the discovery process found a SIP-related subdomain which naturally doesn't have port 80 open. Because of this, the tool exited with such error:
Traceback (most recent call last):
15: from sub_brute.rb:174:in `<main>'
14: from sub_brute.rb:135:in `createURI'
13: from sub_brute.rb:135:in `open'
12: from sub_brute.rb:136:in `block in createURI'
11: from sub_brute.rb:136:in `each_line'
10: from sub_brute.rb:138:in `block (2 levels) in createURI'
9: from sub_brute.rb:100:in `find_subs'
8: from /usr/lib/ruby/2.5.0/net/http.rb:485:in `get_response'
7: from /usr/lib/ruby/2.5.0/net/http.rb:609:in `start'
6: from /usr/lib/ruby/2.5.0/net/http.rb:909:in `start'
5: from /usr/lib/ruby/2.5.0/net/http.rb:920:in `do_start'
4: from /usr/lib/ruby/2.5.0/net/http.rb:935:in `connect'
3: from /usr/lib/ruby/2.5.0/timeout.rb:103:in `timeout'
2: from /usr/lib/ruby/2.5.0/timeout.rb:93:in `block in timeout'
1: from /usr/lib/ruby/2.5.0/net/http.rb:936:in `block in connect'
/usr/lib/ruby/2.5.0/net/http.rb:939:in `rescue in block in connect': Failed to open TCP connection to sip.domain.com:80 (Cannot assign requested address - connect(2) for "sip.domain.com" port 80) (Errno::EADDRNOTAVAIL)
Any idea how to bypass such a situation while using your tool?
And thank you for your work building it.
Regards.
Add ability to choose own output log
I think user should select where to save the results.
The output.txt file makes hard time when you try to discover few programs.
Scanning 2 domain in separate termianl show each other domain.
installation issue
Hello
how can install it on window 7?what is command for bruteforce?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.