Add subdomain input file for VHOST scanner #851

Closed

@sempervictus

This commit allows the vhost scanner to take subdomains from a
text file, one subdomain per line. Lines are stripped of the top
level domain name if present before testing.

RageLtMan Add subdomain input file for VHOST scanner
This commit allows the vhost scanner to take subdomains from a
text file, one subdomain per line. Lines are stripped of the top
level domain name if present before testing.
94f8a41
@jlee-r7 jlee-r7 commented on an outdated diff Oct 3, 2012
modules/auxiliary/scanner/http/vhost_scanner.rb
], self.class)
end
def run_host(ip)
-
- valstr = [
+ valstr = ::File.file?(datastore['SUBDOM_LIST']) ?
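Review bot: The added `valstr = ::File.file?(datastore['SUBDOM_LIST']) ?` line passes the option value straight to `::File.file?` without first checking that it is set. When `SUBDOM_LIST` is left unset, `datastore['SUBDOM_LIST']` is nil and `File.file?(nil)` raises a TypeError before either branch of the ternary is chosen, so the run fails with no list given. Test that the value is non-nil and non-empty before the `::File.file?` call, and write the two branches as an if/else, since this ternary already continues past the end of the line.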
@jlee-r7
jlee-r7 Oct 3, 2012

Ternary operators are the devil. Rewrite with if/else, please.

@todb-r7
Collaborator
todb-r7 commented Oct 4, 2012

Ternary operators that span multiple lines are the devil, but simple stuff like

some_var = (other_var ? true : false)

shouldn't be too bad. Just to clarify.

@sempervictus

Sorry about that, I'm all on board with clearly readable code - nobody should be spending what few precious functioning brain cells we have @ 0 dark early making sense of someone's "clever use" of ternary assignment. Will try to be more mindful about committing code with it in the future.

@todb-r7 todb-r7 pushed a commit that closed this pull request Nov 9, 2012
@todb todb Test for subdom_list existence first
Otherwise, you get

````
[11/09/2012 14:50:38] [e(0)] core: Error running against host
173.236.237.136: can't convert nil into String
````

Other than that, looks good.

[Fixes #851]
1b9d45e
@todb-r7 todb-r7 closed this in 1b9d45e Nov 9, 2012
@todb-r7
Collaborator
todb-r7 commented Nov 9, 2012

Works for me:

````
msf  auxiliary(vhost_scanner) > run

[*] [86.59.118.148] Sending request with random domain UDYIP.debian.org
[*] [86.59.118.148] Sending request with random domain xxiPp.debian.org
[*] Running with 12 sudomains
[*] NOT Found admin.debian.org
[*] NOT Found services.debian.org
[*] NOT Found webmail.debian.org
[*] NOT Found console.debian.org
[*] NOT Found apps.debian.org
[*] NOT Found mail.debian.org
[*] NOT Found intranet.debian.org
[*] NOT Found intra.debian.org
[*] NOT Found spool.debian.org
[*] NOT Found corporate.debian.org
[*] [86.59.118.148] Vhost found  www.debian.org
[*] NOT Found web.debian.org
[*] Scanned 1 of 2 hosts (050% complete)
[*] [128.31.0.51] Sending request with random domain rnuxJ.debian.org
[*] [128.31.0.51] Sending request with random domain RnWGt.debian.org
[*] Running with 12 sudomains
[*] NOT Found admin.debian.org
[*] NOT Found services.debian.org
[*] NOT Found webmail.debian.org
[*] NOT Found console.debian.org
[*] NOT Found apps.debian.org
[*] NOT Found mail.debian.org
[*] NOT Found intranet.debian.org
[*] NOT Found intra.debian.org
[*] NOT Found spool.debian.org
[*] NOT Found corporate.debian.org
[*] [128.31.0.51] Vhost found  www.debian.org
[*] NOT Found web.debian.org
[*] Scanned 2 of 2 hosts (100% complete)
[*] Auxiliary module execution completed
msf  auxiliary(vhost_scanner) > set subdom_list /tmp/list.txt
subdom_list => /tmp/list.txt
msf  auxiliary(vhost_scanner) > run

[*] [86.59.118.148] Sending request with random domain faYWz.debian.org
[*] [86.59.118.148] Sending request with random domain NUKCm.debian.org
[*] Running with 5 sudomains
[*] NOT Found foo.debian.org
[*] NOT Found bar.debian.org
[*] [86.59.118.148] Vhost found  www.debian.org
[*] NOT Found baz.debian.org
[*] NOT Found bat.debian.org
[*] Scanned 1 of 2 hosts (050% complete)
[*] [128.31.0.51] Sending request with random domain LgPTG.debian.org
[*] [128.31.0.51] Sending request with random domain UAKhc.debian.org
[*] Running with 5 sudomains
[*] NOT Found foo.debian.org
[*] NOT Found bar.debian.org
[*] [128.31.0.51] Vhost found  www.debian.org
[*] NOT Found baz.debian.org
[*] NOT Found bat.debian.org
[*] Scanned 2 of 2 hosts (100% complete)
[*] Auxiliary module execution completed
msf  auxiliary(vhost_scanner) >
````
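
The option handling discussed in this thread, as an added example that is not part of the pull request or the module's code: a hypothetical `load_subdomains` helper that checks the `SUBDOM_LIST` value before calling `File.file?`, then strips the domain from each line. The helper name, its parameters, the choice to lowercase and de-duplicate, and the sample file contents are assumptions.

```ruby
require 'tempfile'

# Hypothetical helper, not the module's code.
# path:     value of the SUBDOM_LIST option (nil when unset)
# domain:   domain under test, e.g. "debian.org" (assumed to be what gets stripped)
# defaults: built-in labels used when no usable file is supplied
def load_subdomains(path, domain, defaults)
  # Guard before File.file?: File.file?(nil) raises TypeError.
  return defaults if path.nil? || path.to_s.strip.empty?
  return defaults unless ::File.file?(path)

  base = domain.downcase
  suffix = ".#{base}"
  names = []
  ::File.foreach(path) do |line|
    name = line.strip.downcase
    # Full host names are reduced to their subdomain part.
    name = name[0...-suffix.length] if name.end_with?(suffix)
    # Skip blank lines and the bare domain itself.
    next if name.empty? || name == base
    names << name
  end
  names.uniq
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample list: mixed bare labels and full host names.
  Tempfile.create('subdoms') do |f|
    f.write("foo\nbar.debian.org\n\nWWW.debian.org\nfoo\n")
    f.flush
    p load_subdomains(f.path, 'debian.org', %w[admin www])
    p load_subdomains(nil, 'debian.org', %w[admin www])
  end
end
```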
