daffainfo
/
subfinder
mirror of https://github.com/daffainfo/subfinder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added CertDB Data Source

master
ice3man 2018-04-08 06:54:28 +05:30
parent dcf9dbf6d8
commit 886ef57a2a
6 changed files with 133 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
libsubfinder/engines/passive/passive.go
View File

@ -17,6 +17,7 @@ import (
// Load different Passive data sources // Load different Passive data sources
"subfinder/libsubfinder/sources/certspotter" "subfinder/libsubfinder/sources/certspotter"
"subfinder/libsubfinder/sources/certdb"
"subfinder/libsubfinder/sources/crtsh" "subfinder/libsubfinder/sources/crtsh"
"subfinder/libsubfinder/sources/hackertarget" "subfinder/libsubfinder/sources/hackertarget"
"subfinder/libsubfinder/sources/findsubdomains" "subfinder/libsubfinder/sources/findsubdomains"
@ -33,6 +34,7 @@ func PassiveDiscovery(state *helper.State) (finalPassiveSubdomains []string) {
// TODO : Add Selection for search sources // TODO : Add Selection for search sources
fmt.Printf("\n\n[-] Searching For Subdomains in Crt.sh") fmt.Printf("\n\n[-] Searching For Subdomains in Crt.sh")
fmt.Printf("\n[-] Searching For Subdomains in CertDB")
fmt.Printf("\n[-] Searching For Subdomains in Certspotter") fmt.Printf("\n[-] Searching For Subdomains in Certspotter")
fmt.Printf("\n[-] Searching For Subdomains in Threatcrowd") fmt.Printf("\n[-] Searching For Subdomains in Threatcrowd")
fmt.Printf("\n[-] Searching For Subdomains in Findsubdomains") fmt.Printf("\n[-] Searching For Subdomains in Findsubdomains")
@ -43,10 +45,11 @@ func PassiveDiscovery(state *helper.State) (finalPassiveSubdomains []string) {
fmt.Printf("\n[-] Searching For Subdomains in Virustotal") fmt.Printf("\n[-] Searching For Subdomains in Virustotal")
fmt.Printf("\n[-] Searching For Subdomains in Netcraft\n") fmt.Printf("\n[-] Searching For Subdomains in Netcraft\n")
ch := make(chan helper.Result, 10) ch := make(chan helper.Result, 11)
// Create goroutines for added speed and recieve data via channels // Create goroutines for added speed and recieve data via channels
go crtsh.Query(state, ch) go crtsh.Query(state, ch)
go certdb.Query(state, ch)
go certspotter.Query(state, ch) go certspotter.Query(state, ch)
go hackertarget.Query(state, ch) go hackertarget.Query(state, ch)
go findsubdomains.Query(state, ch) go findsubdomains.Query(state, ch)
@ -58,7 +61,7 @@ func PassiveDiscovery(state *helper.State) (finalPassiveSubdomains []string) {
go netcraft.Query(state, ch) go netcraft.Query(state, ch)
// recieve data from all goroutines running // recieve data from all goroutines running
for i := 1; i <= 10; i++ { for i := 1; i <= 11; i++ {
result := <-ch result := <-ch
if result.Error != nil { if result.Error != nil {

111
libsubfinder/sources/certdb/certdb.go Normal file
View File

@ -0,0 +1,111 @@
//
// certdb.go : A CertDB Subdomain parser in golang
// Written By : @ice3man (Nizamul Rana)
//
// Distributed Under MIT License
// Copyrights (C) 2018 Ice3man
//
package certdb
import (
"io/ioutil"
"fmt"
"regexp"
"subfinder/libsubfinder/helper"
)
// all subdomains found
var subdomains []string
// Parser subdomains from SSL Certificate Information Page
func findSubdomains(link string, state *helper.State) (subdomainsfound []string, err error) {
resp, err := helper.GetHTTPResponse("https://certdb.com"+link, state.Timeout)
if err != nil {
return subdomainsfound, err
}
// Get the response body
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return subdomainsfound, err
}
src := string(body)
SubdomainRegex, err := regexp.Compile("<a href=\"https://certdb.com/domain/(.*)\" target='_blank' class='link-underlined' >")
if err != nil {
return subdomainsfound, err
}
match := SubdomainRegex.FindAllStringSubmatch(src, -1)
for _, link := range match {
subdomainsfound = append(subdomainsfound, link[1])
}
return subdomainsfound, nil
}
//
// Query : Queries awesome CertDB service for subdomains
// @param state : current application state, holds all information found
//
func Query(state *helper.State, ch chan helper.Result) {
var result helper.Result
result.Subdomains = subdomains
// Make a http request to CertDB
resp, err := helper.GetHTTPResponse("https://certdb.com/domain/"+state.Domain, state.Timeout)
if err != nil {
result.Error = err
ch <- result
return
}
// Get the response body
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
result.Error = err
ch <- result
return
}
src := string(body)
// Get links for all the SSL Certficates found
Regex, _ := regexp.Compile("<a href=\"(.*)\" class=\"see-more-link\">See more →</a>")
match := Regex.FindAllStringSubmatch(src, -1)
var initialSubs []string
for _, link := range match {
subsReturned, err := findSubdomains(link[1], state)
if err != nil {
result.Error = err
ch <- result
return
}
initialSubs = append(initialSubs, subsReturned...)
}
for _, subdomain := range initialSubs {
if state.Verbose == true {
if state.Color == true {
fmt.Printf("\n[%sCERTDB%s] %s", helper.Red, helper.Reset, subdomain)
} else {
fmt.Printf("\n[CERTDB] %s", subdomains)
}
}
subdomains = append(subdomains, subdomain)
}
result.Subdomains = subdomains
result.Error = nil
ch <-result
}

2
libsubfinder/sources/dnsdumpster/dnsdumpster.go
View File

@ -36,7 +36,7 @@ func Query(state *helper.State, ch chan helper.Result) {
var result helper.Result var result helper.Result
result.Subdomains = subdomains result.Subdomains = subdomains
// Make a http request to Netcraft // Make a http request to DNSDumpster
resp, gCookies, err := helper.GetHTTPCookieResponse("https://dnsdumpster.com", gCookies, state.Timeout) resp, gCookies, err := helper.GetHTTPCookieResponse("https://dnsdumpster.com", gCookies, state.Timeout)
if err != nil { if err != nil {
result.Error = err result.Error = err

11
libsubfinder/sources/passivetotal/passivetotal.go
View File

@ -97,10 +97,11 @@ func Query(state *helper.State, ch chan helper.Result) {
result.Subdomains = subdomains result.Subdomains = subdomains
result.Error = nil result.Error = nil
ch <-result ch <-result
return
} else {
result.Subdomains = subdomains
result.Error = nil
ch <- result
return
} }
result.Subdomains = subdomains
result.Error = nil
ch <- result
return
} }

4
libsubfinder/sources/ptrarchive/ptrarchive.go
View File

@ -20,7 +20,7 @@ import (
var subdomains []string var subdomains []string
// //
// Query : Queries awesome DNSDumpster service for subdomains // Query : Queries awesome CertDB service for subdomains
// @param state : current application state, holds all information found // @param state : current application state, holds all information found
// //
func Query(state *helper.State, ch chan helper.Result) { func Query(state *helper.State, ch chan helper.Result) {
@ -28,7 +28,7 @@ func Query(state *helper.State, ch chan helper.Result) {
var result helper.Result var result helper.Result
result.Subdomains = subdomains result.Subdomains = subdomains
// Make a http request to Netcraft // Make a http request to CertDB
resp, err := helper.GetHTTPResponse("http://ptrarchive.com/tools/search2.htm?label="+state.Domain+"&date=ALL", state.Timeout) resp, err := helper.GetHTTPResponse("http://ptrarchive.com/tools/search2.htm?label="+state.Domain+"&date=ALL", state.Timeout)
if err != nil { if err != nil {
result.Error = err result.Error = err

15
libsubfinder/sources/virustotal/virustotal.go
View File

@ -101,12 +101,13 @@ func Query(state *helper.State, ch chan helper.Result) {
result.Subdomains = subdomains result.Subdomains = subdomains
result.Error = nil result.Error = nil
ch <-result ch <-result
return
} else {
var subdomains []string
result.Subdomains = subdomains
result.Error = nil
ch <- result
return
} }
var subdomains []string
result.Subdomains = subdomains
result.Error = nil
ch <- result
return
} }