failed to resolve hostname problem #460
That commit causing the problem does indeed make no sense. Any chance of the results of a -D d for the affected call so we can see what the address is being overwritten by? (or even the results of a -Save.) The fact you're getting multiple HSTS messages tells me that the hostname keeps on getting changed with each request.
I can see that the hostname has changed from "x.com" to "admin.x.com", which is an internal only domain. I'm going to continue investigating though.
Looks like it is doing subdomain enumeration at the end of the scan, I may have missed it but I don't remember Nikto doing that before. This is the debug from my run.
Ah that would make total sense. One of the lines removed was to ensure that the mutate plugins, including subdomain enumeration would not be run, which means that subdomain is being run (and it's obviously not working that well). A quick solution would be to put these two lines back into nikto.conf:
I'll try and patch it properly, but I'm onsite at the moment with poor Internet access, so I may have to leave this 'til next week.
That fixed it, thanks.
Hmm, seemed like a good idea at the time--crap. So we should have:
@@default=@@ALL;-subdomain;-dictionary;tests(report:500)
Correct, @tautology0 ?
But if it stays in and broken, then if someone enables it the issue will come back. Wouldn't it be better to fix it or remove it completely?
There's two problems here:
1. The definition for which plugins are meant to be run was broken by the patch to remove MUTATE. This can be easily fixed with something like (where @@extra should contain the names of any plugins that we don't want to be run by default):
@@extra=subdomain;dictionary
@@default=@@ALL;-@@extra;tests(report:500)
2. The subdomain plugin is broken. I favour removing this one totally as there're much better programs to do this around.
The reason why we haven't had a problem with the dictionary plugin is that it has a required parameter or it doesn't do anything, whereas subdomain will do things.
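To make the two nikto.conf definitions discussed in this thread concrete, here is an added toy expander (not Nikto's own code) for plugin selection strings: it assumes that `;` separates tokens, `@@NAME` references a macro, `@@ALL` is every plugin, a leading `-` subtracts, and `name(key:value)` passes parameters. The plugin inventory and the "broken" definition are constructed for the example; the point it shows is that once nothing subtracts subdomain from @@ALL, it becomes part of the default run.

```python
import re
from collections import OrderedDict

# Constructed plugin inventory; real Nikto discovers plugins from its
# plugins directory. Only dictionary, subdomain and tests come from the thread.
ALL_PLUGINS = ["apacheusers", "dictionary", "headers", "outdated", "subdomain", "tests"]

TOKEN_RE = re.compile(r"^(-?)(@@\w+|\w+)(?:\((.*)\))?$")

def expand(spec, macros, all_plugins=ALL_PLUGINS, _depth=0):
    """Expand a plugin selection string into an ordered plugin -> params map.

    spec    e.g. "@@ALL;-@@extra;tests(report:500)"
    macros  macro name (lower case) -> spec, e.g. {"extra": "subdomain;dictionary"}
    """
    if _depth > 10:
        raise ValueError("macro recursion too deep")
    enabled = OrderedDict()
    for raw in filter(None, (t.strip() for t in spec.split(";"))):
        m = TOKEN_RE.match(raw)
        if not m:
            raise ValueError(f"bad token: {raw!r}")
        negate, name, args = m.group(1) == "-", m.group(2), m.group(3)
        if name.startswith("@@"):
            key = name[2:].lower()
            if key == "all":
                members = OrderedDict((p, {}) for p in all_plugins)
            elif key in macros:
                members = expand(macros[key], macros, all_plugins, _depth + 1)
            else:
                raise ValueError(f"unknown macro {name}")
        else:
            if name not in all_plugins:
                raise ValueError(f"unknown plugin {name}")
            params = {}
            for kv in (args.split(",") if args else []):
                k, _, v = kv.partition(":")
                params[k.strip()] = v.strip()
            members = OrderedDict([(name, params)])
        for plugin, params in members.items():
            if negate:
                enabled.pop(plugin, None)          # "-" removes an earlier selection
            else:
                enabled.setdefault(plugin, {}).update(params)
    return enabled

# Fixed definition from this thread: subdomain and dictionary parked in @@extra.
FIXED_CONF = {"extra": "subdomain;dictionary",
              "default": "@@ALL;-@@extra;tests(report:500)"}
# Assumed broken state after the MUTATE exclusion was dropped: nothing subtracts them.
BROKEN_CONF = {"default": "@@ALL;tests(report:500)"}

def default_plugins(conf):
    return list(expand(conf["default"], conf))
```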
I'd agree with removing it. I use dnsrecon for all my DNS stuff as it is a dedicated tool.
Fixed as discussed above. Also removed subdomain plugin (maybe I could've deprecated it, but I don't think anyone actually uses it). Moved a few plugins into the EXTRAS list which may improve running time in some cases.
@opt9 has been adding to the subdomain DB, so someone uses it at least. I'd generally prefer to keep big changes like this for a full release like 2.2, but it doesn't seem like that's going to happen for another 5 years! :) Someone needs to get motivated around here and finish that up (/me looks in mirror). Thanks @tautology0
I'll certainly buy you a few drinks or dinner if we ever bump into each other at a con, how's that?
@digininja you could persuade him to give a talk at Steelcon. If not, I'll take beer on his behalf...
Free bar at SteelCon, all welcome.
@digininja come on over to rvasec--beer on me!
Would love to get over there. Really need to find a rich patron to send me round the world.
I've had this a couple of times now:
The hostname is hardcoded in the hosts file and can be resolved through DNS. From memory, the last time this happened there was also an internal IP disclosure so I'm wondering if that check is somehow overwriting the hostname variable and so breaking everything.