Skip to content

Add subdomain input file for VHOST scanner #851

Closed
wants to merge 2 commits into from
View
39 modules/auxiliary/scanner/http/vhost_scanner.rb
@@ -45,26 +45,32 @@ def initialize(info = {})
OptString.new('QUERY', [ false, "HTTP URI Query", '']),
OptString.new('DOMAIN', [ true, "Domain name", '']),
OptString.new('HEADERS', [ false, "HTTP Headers", '']),
+ OptPath.new('SUBDOM_LIST', [false, "Path to text file with subdomains"]),
], self.class)
end
def run_host(ip)
-
- valstr = [
- "admin",
- "services",
- "webmail",
- "console",
- "apps",
- "mail",
- "intranet",
- "intra",
- "spool",
- "corporate",
- "www",
- "web"
- ]
+ if ::File.file?(datastore['SUBDOM_LIST'])
+ valstr = IO.readlines(datastore['SUBDOM_LIST']).map {
+ |e| e.gsub(".#{datastore['DOMAIN']}", "").chomp
+ }
+ else
+ valstr = [
+ "admin",
+ "services",
+ "webmail",
+ "console",
+ "apps",
+ "mail",
+ "intranet",
+ "intra",
+ "spool",
+ "corporate",
+ "www",
+ "web"
+ ]
+ end
datastore['QUERY'] ? tquery = queryparse(datastore['QUERY']): nil
datastore['HEADERS'] ? thead = headersparse(datastore['HEADERS']) : nil
@@ -102,7 +108,8 @@ def run_host(ip)
print_error("[#{ip}] Unable to identify error response")
return
end
-
+
+ vprint_status("Running with #{valstr.length} sudomains")
valstr.each do |astr|
thost = astr+"."+datastore['DOMAIN']
Something went wrong with that request. Please try again.