Class: Snackhack2::Subdomains

Inherits:

Object

• Object
• Snackhack2::Subdomains

Defined in:

lib/snackhack2/subdomains.rb

Instance Method Summary

• #brute ⇒ Object
• #initialize(site, wordlist: nil) ⇒ Subdomains constructor

  A new instance of Subdomains.

• #resolv(sd) ⇒ Object
• #run ⇒ Object
• #site ⇒ Object
• #wordlist ⇒ Object

Constructor Details

#initialize(site, wordlist: nil) ⇒ Subdomains

Returns a new instance of Subdomains.

# File 'lib/snackhack2/subdomains.rb', line 8

def initialize(site, wordlist: nil)
  @site     = site
  @wordlist = wordlist
end

Instance Method Details

#brute ⇒ Object

# File 'lib/snackhack2/subdomains.rb', line 27

def brute
  found = ""
  File.readlines(wordlist).each do |l|
    s = "#{l.strip}.#{site}"
    begin
      puts File.join("https://", s)
      g = Snackhack2::get(File.join("https://", s))
      if g.code == 200
        found += s + "\n"
      elsif g.code == 300
        found += s + "\n"
      else
        puts "HTTP Code: #{g.code}"
      end
    rescue => e
      puts e
    end
  end
  Snackhack2::file_save(@site, "subdomain_brute", found)
end

#resolv(sd) ⇒ Object

# File 'lib/snackhack2/subdomains.rb', line 48

def resolv(sd)
  # NOTE: this is really slow & multi thread does not work
  # due to resolv
  active = []
  subdomains = []
  Resolv::DNS.open do |dns|
    ress = dns.getresources "#{sd}.#{@site}", Resolv::DNS::Resource::IN::A
    unless ress.map(&:address).empty?
      address = ress.map(&:address)
      unless active.include?(address)
        active << address
        subdomains << "#{sd}.#{@site}" unless subdomains.include?(sd)
      end
    end
  end
  host = URI.parse(@site).host
  File.open("#{host}_subdomains.txt", 'w+') { |file| file.write(subdomains.join("\n")) }
  File.open("#{host}_ips.txt", 'w+') { |file| file.write(active.join("\n")) }
end

#run ⇒ Object

# File 'lib/snackhack2/subdomains.rb', line 21

def run
  File.readlines(wordlist).each do |sd|
    resolv(sd)
  end
end

#site ⇒ Object

# File 'lib/snackhack2/subdomains.rb', line 13

def site
  @site.gsub("https://", "")
end

#wordlist ⇒ Object

# File 'lib/snackhack2/subdomains.rb', line 17

def wordlist
  File.join(__dir__, 'lists', 'subdomains.txt')
end