Added DNSDumpster data source

libsubfinder/engines/passive/passive.go

@@ -20,7 +20,7 @@ import (
 	"subfinder/libsubfinder/sources/crtsh"
 	"subfinder/libsubfinder/sources/hackertarget"
 	"subfinder/libsubfinder/sources/findsubdomains"
-	//"subfinder/libsubfinder/sources/dnsdb"
+	"subfinder/libsubfinder/sources/dnsdumpster"
 	"subfinder/libsubfinder/sources/threatcrowd"
 	"subfinder/libsubfinder/sources/virustotal"
 	"subfinder/libsubfinder/sources/netcraft"
@@ -34,23 +34,25 @@ func PassiveDiscovery(state *helper.State) (finalPassiveSubdomains []string) {
 	fmt.Printf("\n[-] Searching For Subdomains in Certspotter")
 	fmt.Printf("\n[-] Searching For Subdomains in Threatcrowd")
 	fmt.Printf("\n[-] Searching For Subdomains in Findsubdomains")
+	fmt.Printf("\n[-] Searching For Subdomains in DNSDumpster")
 	fmt.Printf("\n[-] Searching For Subdomains in Hackertarget")
 	fmt.Printf("\n[-] Searching For Subdomains in Virustotal")
 	fmt.Printf("\n[-] Searching For Subdomains in Netcraft\n")
 
-	ch := make(chan helper.Result, 7)
+	ch := make(chan helper.Result, 8)
 
 	// Create goroutines for added speed and recieve data via channels
 	go crtsh.Query(state, ch)
 	go certspotter.Query(state, ch)
 	go hackertarget.Query(state, ch)
 	go findsubdomains.Query(state, ch)
+	go dnsdumpster.Query(state, ch)
 	go threatcrowd.Query(state, ch)
 	go virustotal.Query(state, ch)
 	go netcraft.Query(state, ch)
 
 	// recieve data from all goroutines running
-	for i := 1; i <= 7; i++ {
+	for i := 1; i <= 8; i++ {
 		result := <-ch
 
 		if result.Error != nil {

libsubfinder/helper/state.go

@@ -9,10 +9,6 @@
 
 package helper
 
-import (
-	"regexp"
-)
-
 // Holds the State read in from the CLI
 type State struct {
 	Color   		bool		// Whether to use color or not
@@ -25,7 +21,7 @@ type State struct {
 	Bruteforce 		bool 		// Flag to decide whether to bruteforce or not 
 	WildcardIPs		[]string	// Wildcard IP Structure	
 	IsWildcard 		bool 		// Does the host has wildcard subdomains, if yes parse them carefully
-	
+
 	ConfigState  	Config		// Current configuration file state
 }
 
@@ -41,5 +37,5 @@ func InitState() (state State, err error) {
 		return state, err
 	}
 
-	return State{true, 10, 180, false, "", false, "", false, []string{}, true, &regexp.Regexp{}, *config}, nil
+	return State{true, 10, 180, false, "", false, "", false, []string{}, true, *config}, nil
 }

libsubfinder/sources/dnsdumpster/dnsdumpster.go

@@ -0,0 +1,122 @@
+// 
+// dnsdumpster.go : A Parser for subdomains from DNSDumpster
+// Written By : @ice3man (Nizamul Rana)
+// 
+// Distributed Under MIT License
+// Copyrights (C) 2018 Ice3man
+//
+
+package dnsdumpster
+
+import (
+	"io/ioutil"
+	"fmt"
+	"regexp"
+	"strings"
+	"net/http"
+	"net/url"
+	"net/http/cookiejar"
+
+	"subfinder/libsubfinder/helper"
+)
+
+// all subdomains found
+var subdomains []string 
+var gCookies []*http.Cookie
+
+// 
+// Query : Queries awesome DNSDumpster service for subdomains
+// @param state : current application state, holds all information found
+//
+func Query(state *helper.State, ch chan helper.Result) {
+	// CookieJar to hold csrf cookie
+	var curCookieJar *cookiejar.Jar
+	curCookieJar, _ = cookiejar.New(nil)
+
+	var result helper.Result
+	result.Subdomains = subdomains
+
+	// Make a http request to Netcraft
+	resp, gCookies, err := helper.GetHTTPCookieResponse("https://dnsdumpster.com", gCookies, state.Timeout)
+	if err != nil {
+		result.Error = err
+		ch <- result
+		return
+	}
+
+	// Get the response body
+	body, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		result.Error = err
+		ch <- result
+		return
+	}
+
+	src := string(body)
+
+    re := regexp.MustCompile("<input type='hidden' name='csrfmiddlewaretoken' value='(.*)' />")
+    match := re.FindAllStringSubmatch(src, -1)
+    
+    // CSRF Middleware token for POST Request
+   	csrfmiddlewaretoken := match[0]
+
+   	// Set cookiejar values
+   	u, _ := url.Parse("https://dnsdumpster.com")
+   	curCookieJar.SetCookies(u, gCookies)
+
+   	hc := http.Client{Jar: curCookieJar}
+	form := url.Values{}
+
+    form.Add("csrfmiddlewaretoken", csrfmiddlewaretoken[1])
+    form.Add("targetip", state.Domain)
+ 
+    // Create a post request to get subdomain data
+   	req, err := http.NewRequest("POST", "https://dnsdumpster.com", strings.NewReader(form.Encode()))
+
+   	req.PostForm = form
+    req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
+    req.Header.Add("Referer", "https://dnsdumpster.com")
+    req.Header.Set("User-Agent", "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1")
+
+    resp, err = hc.Do(req)
+
+    // Get the response body
+	body, err = ioutil.ReadAll(resp.Body)
+	if err != nil {
+		result.Error = err
+		ch <- result
+		return
+	}
+
+	src = string(body)
+
+	// Find the table holding host records
+	Regex, _ := regexp.Compile("<td class=\"col-md-4\">(.*\\..*\\..*)<br>")
+	match = Regex.FindAllStringSubmatch(src, -1)
+    
+    // String to hold initial subdomains
+    var initialSubs []string
+
+   	for _, data := range match {
+   		initialSubs = append(initialSubs, data[1])
+	}
+
+	validSubdomains := helper.Validate(state, initialSubs)
+
+	for _, subdomain := range validSubdomains {
+		if state.Verbose == true {
+			if state.Color == true {
+				fmt.Printf("\n[%sDNSDUMPSTER%s] %s", helper.Red, helper.Reset, subdomain)
+			} else {
+				fmt.Printf("\n[DNSDUMPSTER] %s", subdomains)
+			}
+		}
+
+		subdomains = append(subdomains, subdomain)
+    }
+
+
+  	result.Subdomains = subdomains
+	result.Error = nil
+	ch <-result
+}

main.go

@@ -13,7 +13,6 @@ import (
 	"fmt"
 	"flag"
 	"os"
-	"regexp"
 
 	"subfinder/libsubfinder/helper"
 	"subfinder/libsubfinder/engines/passive"
@@ -69,9 +68,6 @@ func main() {
 		os.Exit(1)
 	}
 
-	// Create a regex for validating subdomains found
-	state.Regex, _ = regexp.Compile("(.*)."+state.Domain)
-
 	passive.PassiveDiscovery(state)
 	//bruteforce.Bruteforce(state)
 }