hostilesubbruteforcer's Issues
Running for infinite time
I used the list you provided. It is just running all the possible subdomains at each level. It's been more than 3 hours now. Is there any possibility to add the level to it. for example level 1 for domain x.y.x and level 2 for p.q.r.s?
installation issue
Hello
how can install it on window 7?what is command for bruteforce?
Fatal error - non HTTP services
Hi there,
I run into an issue while using your tool. Basically what's happening is the discovery process found a SIP-related subdomain which naturally doesn't have port 80 open. Because of this, the tool exited with such error:
Traceback (most recent call last):
15: from sub_brute.rb:174:in `<main>'
14: from sub_brute.rb:135:in `createURI'
13: from sub_brute.rb:135:in `open'
12: from sub_brute.rb:136:in `block in createURI'
11: from sub_brute.rb:136:in `each_line'
10: from sub_brute.rb:138:in `block (2 levels) in createURI'
9: from sub_brute.rb:100:in `find_subs'
8: from /usr/lib/ruby/2.5.0/net/http.rb:485:in `get_response'
7: from /usr/lib/ruby/2.5.0/net/http.rb:609:in `start'
6: from /usr/lib/ruby/2.5.0/net/http.rb:909:in `start'
5: from /usr/lib/ruby/2.5.0/net/http.rb:920:in `do_start'
4: from /usr/lib/ruby/2.5.0/net/http.rb:935:in `connect'
3: from /usr/lib/ruby/2.5.0/timeout.rb:103:in `timeout'
2: from /usr/lib/ruby/2.5.0/timeout.rb:93:in `block in timeout'
1: from /usr/lib/ruby/2.5.0/net/http.rb:936:in `block in connect'
/usr/lib/ruby/2.5.0/net/http.rb:939:in `rescue in block in connect': Failed to open TCP connection to sip.domain.com:80 (Cannot assign requested address - connect(2) for "sip.domain.com" port 80) (Errno::EADDRNOTAVAIL)
Any idea how to bypass such a situation while using your tool?
And thank you for your work building it.
Regards.
Take care of wildcard subdomain
Hi,
when the website uses a wildcard subdomain, e.g *.domain.tld
pointing to one webserver, your script detects every possible subdomain from the list:
[Fri Nov 13 13:59:58 2015] 301 0.internetwache.org ---> 95.143.172.58
[Fri Nov 13 13:59:59 2015] 301 01.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:00 2015] 301 02.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:01 2015] 301 03.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:02 2015] 301 1.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:03 2015] 301 10.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:04 2015] 301 11.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:05 2015] 301 12.internetwache.org ---> 95.143.172.58
[Fri Nov 13 14:00:06 2015] 301 13.internetwache.org ---> 95.143.172.58
Taking care of the wildcard and filtering out 'false positives' would be very helpful. Basic idea of implementation:
- Request some non-existent subdomain (
sdfsdfsdf1337trolololo.domain.tld
andasdasdasd.domain.tld
) and filter all matches with the same IP address. This again may lead to some false negatives (missing subdomains which point to the same IP), but in my opinion less damage is done.
need to change File.open("newlist") to File.open("list")
Looks like that you point to incorrect newlist file, and it should be update to list or to any other file you try to point to.
(list.txt)
Add ability to choose own output log
I think user should select where to save the results.
The output.txt file makes hard time when you try to discover few programs.
Scanning 2 domain in separate termianl show each other domain.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.