commit
9c493eaff2
|
@ -35,6 +35,7 @@ import (
|
||||||
"github.com/Ice3man543/subfinder/libsubfinder/sources/virustotal"
|
"github.com/Ice3man543/subfinder/libsubfinder/sources/virustotal"
|
||||||
"github.com/Ice3man543/subfinder/libsubfinder/sources/waybackarchive"
|
"github.com/Ice3man543/subfinder/libsubfinder/sources/waybackarchive"
|
||||||
"github.com/Ice3man543/subfinder/libsubfinder/sources/baidu"
|
"github.com/Ice3man543/subfinder/libsubfinder/sources/baidu"
|
||||||
|
"github.com/Ice3man543/subfinder/libsubfinder/sources/ask"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Sources configuration structure specifying what should we use
|
// Sources configuration structure specifying what should we use
|
||||||
|
@ -58,12 +59,13 @@ type Source struct {
|
||||||
Riddler bool
|
Riddler bool
|
||||||
Dnsdb bool
|
Dnsdb bool
|
||||||
Baidu bool
|
Baidu bool
|
||||||
|
Ask bool
|
||||||
|
|
||||||
NoOfSources int
|
NoOfSources int
|
||||||
}
|
}
|
||||||
|
|
||||||
func PassiveDiscovery(state *helper.State) (finalPassiveSubdomains []string) {
|
func PassiveDiscovery(state *helper.State) (finalPassiveSubdomains []string) {
|
||||||
sourceConfig := Source{false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, 0}
|
sourceConfig := Source{false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, false, 0}
|
||||||
|
|
||||||
fmt.Printf("\n")
|
fmt.Printf("\n")
|
||||||
if state.Sources == "all" {
|
if state.Sources == "all" {
|
||||||
|
@ -87,10 +89,11 @@ func PassiveDiscovery(state *helper.State) (finalPassiveSubdomains []string) {
|
||||||
fmt.Printf("\n[-] Searching For Subdomains in Riddler")
|
fmt.Printf("\n[-] Searching For Subdomains in Riddler")
|
||||||
fmt.Printf("\n[-] Searching For Subdomains in Netcraft")
|
fmt.Printf("\n[-] Searching For Subdomains in Netcraft")
|
||||||
fmt.Printf("\n[-] Searching For Subdomains in Dnsdb")
|
fmt.Printf("\n[-] Searching For Subdomains in Dnsdb")
|
||||||
fmt.Printf("\n[-] Searching For Subdomains in Baidu\n")
|
fmt.Printf("\n[-] Searching For Subdomains in Baidu")
|
||||||
|
fmt.Printf("\n[-] Searching For Subdomains in Ask\n")
|
||||||
}
|
}
|
||||||
|
|
||||||
sourceConfig = Source{true, true, true, true, true, true, true, true, true, true, true, true, true, true, true, true, true, true, 18}
|
sourceConfig = Source{true, true, true, true, true, true, true, true, true, true, true, true, true, true, true, true, true, true, true, 19}
|
||||||
} else {
|
} else {
|
||||||
// Check data sources and create a source configuration structure
|
// Check data sources and create a source configuration structure
|
||||||
|
|
||||||
|
@ -204,6 +207,12 @@ func PassiveDiscovery(state *helper.State) (finalPassiveSubdomains []string) {
|
||||||
}
|
}
|
||||||
sourceConfig.Baidu = true
|
sourceConfig.Baidu = true
|
||||||
sourceConfig.NoOfSources = sourceConfig.NoOfSources + 1
|
sourceConfig.NoOfSources = sourceConfig.NoOfSources + 1
|
||||||
|
} else if source == "ask" {
|
||||||
|
if state.Silent != true {
|
||||||
|
fmt.Printf("\n[-] Searching For Subdomains in Ask")
|
||||||
|
}
|
||||||
|
sourceConfig.Ask = true
|
||||||
|
sourceConfig.NoOfSources = sourceConfig.NoOfSources + 1
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -267,6 +276,9 @@ func PassiveDiscovery(state *helper.State) (finalPassiveSubdomains []string) {
|
||||||
if sourceConfig.Baidu == true {
|
if sourceConfig.Baidu == true {
|
||||||
go baidu.Query(state, ch)
|
go baidu.Query(state, ch)
|
||||||
}
|
}
|
||||||
|
if sourceConfig.Ask == true {
|
||||||
|
go ask.Query(state, ch)
|
||||||
|
}
|
||||||
|
|
||||||
// Recieve data from all goroutines running
|
// Recieve data from all goroutines running
|
||||||
for i := 0; i < sourceConfig.NoOfSources; i++ {
|
for i := 0; i < sourceConfig.NoOfSources; i++ {
|
||||||
|
|
|
@ -0,0 +1,96 @@
|
||||||
|
//
|
||||||
|
// Written By : @Mzack9999 (Marco Rivoli)
|
||||||
|
//
|
||||||
|
// Distributed Under MIT License
|
||||||
|
// Copyrights (C) 2018 Ice3man
|
||||||
|
//
|
||||||
|
|
||||||
|
// A golang client for Ask Subdomain Discovery
|
||||||
|
package ask
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"io/ioutil"
|
||||||
|
"regexp"
|
||||||
|
"strconv"
|
||||||
|
"sort"
|
||||||
|
"net/url"
|
||||||
|
|
||||||
|
"github.com/Ice3man543/subfinder/libsubfinder/helper"
|
||||||
|
)
|
||||||
|
|
||||||
|
// all subdomains found
|
||||||
|
var subdomains []string
|
||||||
|
|
||||||
|
// Query function returns all subdomains found using the service.
|
||||||
|
func Query(state *helper.State, ch chan helper.Result) {
|
||||||
|
|
||||||
|
var result helper.Result
|
||||||
|
result.Subdomains = subdomains
|
||||||
|
min_iterations := 15
|
||||||
|
max_iterations := 760
|
||||||
|
search_query := ""
|
||||||
|
current_page := 0
|
||||||
|
for current_iteration := 0; current_iteration <= max_iterations; current_iteration++ {
|
||||||
|
new_search_query := "site:" + state.Domain
|
||||||
|
if len(subdomains) > 0 {
|
||||||
|
new_search_query += " -www." + state.Domain
|
||||||
|
}
|
||||||
|
new_search_query = url.QueryEscape(new_search_query)
|
||||||
|
if search_query != new_search_query {
|
||||||
|
current_page = 0
|
||||||
|
search_query = new_search_query
|
||||||
|
}
|
||||||
|
|
||||||
|
resp, err := helper.GetHTTPResponse("http://www.ask.com/web?q=" + search_query + "&page=" + strconv.Itoa(current_page) + "&qid=8D6EE6BF52E0C04527E51F64F22C4534&o=0&l=dir&qsrc=998&qo=pagination", state.Timeout)
|
||||||
|
if err != nil {
|
||||||
|
result.Error = err
|
||||||
|
ch <- result
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
// Get the response body
|
||||||
|
body, err := ioutil.ReadAll(resp.Body)
|
||||||
|
if err != nil {
|
||||||
|
result.Error = err
|
||||||
|
ch <- result
|
||||||
|
return
|
||||||
|
}
|
||||||
|
src := string(body)
|
||||||
|
|
||||||
|
re := regexp.MustCompile(`([a-z0-9]+\.)+` + state.Domain)
|
||||||
|
match := re.FindAllString(src, -1)
|
||||||
|
|
||||||
|
new_subdomains_found := 0
|
||||||
|
for _, subdomain := range match {
|
||||||
|
if sort.StringsAreSorted(subdomains) == false {
|
||||||
|
sort.Strings(subdomains)
|
||||||
|
}
|
||||||
|
|
||||||
|
insert_index := sort.SearchStrings(subdomains, subdomain)
|
||||||
|
if insert_index < len(subdomains) && subdomains[insert_index] == subdomain {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
if state.Verbose == true {
|
||||||
|
if state.Color == true {
|
||||||
|
fmt.Printf("\n[%sAsk%s] %s", helper.Red, helper.Reset, subdomain)
|
||||||
|
} else {
|
||||||
|
fmt.Printf("\n[Ask] %s", subdomain)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
subdomains = append(subdomains, subdomain)
|
||||||
|
new_subdomains_found++
|
||||||
|
}
|
||||||
|
// If no new subdomains are found exits after min_iterations
|
||||||
|
if new_subdomains_found == 0 && current_iteration > min_iterations {
|
||||||
|
break
|
||||||
|
}
|
||||||
|
current_page++
|
||||||
|
}
|
||||||
|
|
||||||
|
result.Subdomains = subdomains
|
||||||
|
result.Error = nil
|
||||||
|
ch <- result
|
||||||
|
}
|
Loading…
Reference in New Issue