forked from owasp-amass/amass
/
passivetotal.go
112 lines (95 loc) · 2.67 KB
/
passivetotal.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
// Copyright 2017 Jeff Foley. All rights reserved.
// Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
package sources
import (
"encoding/json"
"time"
"github.com/OWASP/Amass/amass/core"
"github.com/OWASP/Amass/amass/utils"
)
// PassiveTotal is the Service that handles access to the PassiveTotal data source.
type PassiveTotal struct {
core.BaseService
API *core.APIKey
SourceType string
RateLimit time.Duration
}
// NewPassiveTotal returns he object initialized, but not yet started.
func NewPassiveTotal(config *core.Config, bus *core.EventBus) *PassiveTotal {
pt := &PassiveTotal{
SourceType: core.API,
RateLimit: 5 * time.Second,
}
pt.BaseService = *core.NewBaseService(pt, "PassiveTotal", config, bus)
return pt
}
// OnStart implements the Service interface
func (pt *PassiveTotal) OnStart() error {
pt.BaseService.OnStart()
pt.API = pt.Config().GetAPIKey(pt.String())
if pt.API == nil || pt.API.Username == "" || pt.API.Key == "" {
pt.Config().Log.Printf("%s: API key data was not provided", pt.String())
}
go pt.processRequests()
return nil
}
func (pt *PassiveTotal) processRequests() {
last := time.Now()
for {
select {
case <-pt.Quit():
return
case req := <-pt.DNSRequestChan():
if pt.Config().IsDomainInScope(req.Domain) {
if time.Now().Sub(last) < pt.RateLimit {
time.Sleep(pt.RateLimit)
}
last = time.Now()
pt.executeQuery(req.Domain)
last = time.Now()
}
case <-pt.AddrRequestChan():
case <-pt.ASNRequestChan():
case <-pt.WhoisRequestChan():
}
}
}
func (pt *PassiveTotal) executeQuery(domain string) {
if pt.API == nil || pt.API.Username == "" || pt.API.Key == "" {
return
}
re := pt.Config().DomainRegex(domain)
if re == nil {
return
}
pt.SetActive()
url := pt.restURL(domain)
headers := map[string]string{"Content-Type": "application/json"}
page, err := utils.RequestWebPage(url, nil, headers, pt.API.Username, pt.API.Key)
if err != nil {
pt.Config().Log.Printf("%s: %s: %v", pt.String(), url, err)
return
}
// Extract the subdomain names from the REST API results
var subs struct {
Success bool `json:"success"`
Subdomains []string `json:"subdomains"`
}
if err := json.Unmarshal([]byte(page), &subs); err != nil || !subs.Success {
return
}
for _, s := range subs.Subdomains {
name := s + "." + domain
if re.MatchString(name) {
pt.Bus().Publish(core.NewNameTopic, &core.DNSRequest{
Name: name,
Domain: domain,
Tag: pt.SourceType,
Source: pt.String(),
})
}
}
}
func (pt *PassiveTotal) restURL(domain string) string {
return "https://api.passivetotal.org/v2/enrichment/subdomains?query=" + domain
}