rename tldplus1 to apex (correct name) and update some deps

Author: lanrat

Makefile

@@ -5,7 +5,7 @@ BUILD_FLAGS := -ldflags "-X main.gitDate=$(GIT_DATE) -X main.gitHash=$(GIT_HASH)
 
 PLATFORMS := linux/amd64 linux/386 linux/arm darwin/amd64 windows/amd64 windows/386 openbsd/amd64
 SOURCES := $(shell find . -maxdepth 1 -type f -name "*.go")
-ALL_SOURCES = $(shell find . -type f -name '*.go')
+ALL_SOURCES = $(shell find . -type f -name '*.go') go.mod
 
 temp = $(subst /, ,$@)
 os = $(word 1, $(temp))
@@ -40,3 +40,6 @@ clean:
 
 serv:
 	(cd docs; python -m SimpleHTTPServer)
+
+updateMod:
+	go get -u

README.md

@@ -33,13 +33,13 @@ OPTIONS:
   -parallel uint
     	number of certificates to retrieve in parallel (default 10)
   -sanscap int
-    	maximum number of uniq TLD+1 domains in certificate to include, 0 has no limit (default 80)
+    	maximum number of uniq apex domains in certificate to include, 0 has no limit (default 80)
   -save string
     	save certs to folder in PEM format
   -timeout uint
     	tcp timeout in seconds (default 10)
-  -tldplus1
-    	for every domain found, add tldPlus1 of the domain's parent
+  -apex
+    	for every domain found, add the apex domain of the domain's parent
   -verbose
     	verbose logging
   -version
@@ -138,15 +138,15 @@ CertGraph can be used to detect [BygoneSSL](https://insecure.design) DoS with th
 Provide all known input domains you own. If any domains you do not own are printed, then you are vulnerable.
 
 ```
-certgraph -depth 1 -driver CT-DRIVER -ct-subdomains -cdn -tldplus1 [DOMAIN]...
+certgraph -depth 1 -driver CT-DRIVER -ct-subdomains -cdn -apex [DOMAIN]...
 ```
 
 ### Bug Bounty
 
 If you want to find a vulnerable site that has a bug bounty, certgraph can be used with the following options and any driver. But you will have better luck with a non Certificate Transparency driver to ensure that the certificates in question are actually in use
 
 ```
-certgraph -cdn -dns -tldplus1 [DOMAIN]...
+certgraph -cdn -dns -apex [DOMAIN]...
 ```
 
 And domains that print `* Missing DNS for` have vulnerable certificates that should be rotated.

certgraph.go

@@ -42,7 +42,7 @@ var config struct {
 	includeCTExpired    bool
 	cdn                 bool
 	maxSANsSize         int
-	tldPlus1            bool
+	apex                bool
 	updatePSL           bool
 	checkDNS            bool
 	printVersion        bool
@@ -56,10 +56,10 @@ func init() {
 	flag.StringVar(&config.driver, "driver", "http", fmt.Sprintf("driver to use [%s]", strings.Join(driver.Drivers, ", ")))
 	flag.BoolVar(&config.includeCTSubdomains, "ct-subdomains", false, "include sub-domains in certificate transparency search")
 	flag.BoolVar(&config.includeCTExpired, "ct-expired", false, "include expired certificates in certificate transparency search")
-	flag.IntVar(&config.maxSANsSize, "sanscap", 80, "maximum number of uniq TLD+1 domains in certificate to include, 0 has no limit")
+	flag.IntVar(&config.maxSANsSize, "sanscap", 80, "maximum number of uniq apex domains in certificate to include, 0 has no limit")
 	flag.BoolVar(&config.cdn, "cdn", false, "include certificates from CDNs")
 	flag.BoolVar(&config.checkDNS, "dns", false, "check for DNS records to determine if domain is registered")
-	flag.BoolVar(&config.tldPlus1, "tldplus1", false, "for every domain found, add tldPlus1 of the domain's parent")
+	flag.BoolVar(&config.apex, "apex", false, "for every domain found, add the apex domain of the domain's parent")
 	flag.BoolVar(&config.updatePSL, "updatepsl", false, "Update the default Public Suffix List")
 	flag.UintVar(&config.maxDepth, "depth", 5, "maximum BFS depth to go")
 	flag.UintVar(&config.parallel, "parallel", 10, "number of certificates to retrieve in parallel")
@@ -109,12 +109,12 @@ func main() {
 		d := strings.ToLower(domain)
 		if len(d) > 0 {
 			startDomains = append(startDomains, cleanInput(d))
-			if config.tldPlus1 {
-				tldPlus1, err := dns.TLDPlus1(domain)
+			if config.apex {
+				apexDomain, err := dns.ApexDomain(domain)
 				if err != nil {
 					continue
 				}
-				startDomains = append(startDomains, tldPlus1)
+				startDomains = append(startDomains, apexDomain)
 			}
 		}
 	}
@@ -246,13 +246,13 @@ func breathFirstSearch(roots []string) {
 					for _, neighbor := range certGraph.GetDomainNeighbors(domainNode.Domain, config.cdn, config.maxSANsSize) {
 						wg.Add(1)
 						domainNodeInputChan <- graph.NewDomainNode(neighbor, domainNode.Depth+1)
-						if config.tldPlus1 {
-							tldPlus1, err := dns.TLDPlus1(neighbor)
+						if config.apex {
+							apexDomain, err := dns.ApexDomain(neighbor)
 							if err != nil {
 								continue
 							}
 							wg.Add(1)
-							domainNodeInputChan <- graph.NewDomainNode(tldPlus1, domainNode.Depth+1)
+							domainNodeInputChan <- graph.NewDomainNode(apexDomain, domainNode.Depth+1)
 						}
 					}
 				}(domainNode)
@@ -356,7 +356,7 @@ func printNode(domainNode *graph.DomainNode) {
 	if config.checkDNS && !domainNode.HasDNS {
 		// TODO print this in a better way
 		// TODO for debugging
-		realDomain, _ := dns.TLDPlus1(domainNode.Domain)
+		realDomain, _ := dns.ApexDomain(domainNode.Domain)
 		fmt.Fprintf(os.Stdout, "* Missing DNS for: %s\n", realDomain)
 
 	}

dns/ns.go

@@ -26,7 +26,7 @@ func noSuchHostDNSError(err error) bool {
 }
 
 // HasRecords does NS, CNAME, A, and AAAA lookups with a timeout
-// returns error when no NS found, does not use TLDPlus1
+// returns error when no NS found, does not use alexDomain
 func HasRecords(domain string, timeout time.Duration) (bool, error) {
 	ctx, cancel := context.WithTimeout(context.Background(), timeout)
 	defer cancel()
@@ -68,10 +68,10 @@ func HasRecords(domain string, timeout time.Duration) (bool, error) {
 	return false, nil
 }
 
-// HasRecordsCache returns true if the domain has no DNS records (at the tldplus1 level)
+// HasRecordsCache returns true if the domain has no DNS records (at the apex domain level)
 // uses a cache to store results to prevent lots of DNS lookups
 func HasRecordsCache(domain string, timeout time.Duration) (bool, error) {
-	domain, err := TLDPlus1(domain)
+	domain, err := ApexDomain(domain)
 	if err != nil {
 		return false, err
 	}

dns/publicsuffix.go

@@ -36,7 +36,7 @@ func UpdatePublicSuffixList(timeout time.Duration) error {
 	return err
 }
 
-// TLDPlus1 returns TLD+1 of domain
-func TLDPlus1(domain string) (string, error) {
+// ApexDomain returns TLD+1 of domain
+func ApexDomain(domain string) (string, error) {
 	return publicsuffix.DomainFromListWithOptions(suffixList, domain, suffixListFindOptions)
 }

go.mod

@@ -3,6 +3,6 @@ module github.com/lanrat/certgraph
 require (
 	github.com/lib/pq v1.0.0
 	github.com/weppos/publicsuffix-go v0.4.0
-	golang.org/x/net v0.0.0-20180911220305-26e67e76b6c3 // indirect
+	golang.org/x/net v0.0.0-20181102091132-c10e9556a7bc // indirect
 	golang.org/x/text v0.3.0 // indirect
 )

graph/cert_node.go

@@ -57,17 +57,17 @@ func (c *CertNode) CDNCert() bool {
 	return false
 }
 
-// TLDPlus1Count the number of tld+1 domains in the certificate
-func (c *CertNode) TLDPlus1Count() int {
-	tldPlus1Domains := make(map[string]bool)
+// ApexCount the number of tld+1 domains in the certificate
+func (c *CertNode) ApexCount() int {
+	apexDomains := make(map[string]bool)
 	for _, domain := range c.Domains {
-		tldPlus1, err := dns.TLDPlus1(domain)
+		apexDomain, err := dns.ApexDomain(domain)
 		if err != nil {
 			continue
 		}
-		tldPlus1Domains[tldPlus1] = true
+		apexDomains[apexDomain] = true
 	}
-	return len(tldPlus1Domains)
+	return len(apexDomains)
 }
 
 // ToMap returns a map of the CertNode's fields (weak serialization)

graph/domain_node.go

@@ -44,7 +44,7 @@ func (d *DomainNode) AddRelatedDomains(domains []string) {
 	}
 }
 
-// CheckForDNS checks for the existence of DNS records for the domain's tld+1
+// CheckForDNS checks for the existence of DNS records for the domain's apex
 // sets the value to the node and returns the result as well
 func (d *DomainNode) CheckForDNS(timeout time.Duration) (bool, error) {
 	hasDNS, err := dns.HasRecordsCache(d.Domain, timeout)

graph/graph.go

@@ -97,7 +97,7 @@ func (graph *CertGraph) GetDomainNeighbors(domain string, cdn bool, maxSANsSize
 				certNode := node.(*CertNode)
 				if !cdn && certNode.CDNCert() {
 					//v(domain, "-> CDN CERT")
-				} else if maxSANsSize > 0 && certNode.TLDPlus1Count() > maxSANsSize {
+				} else if maxSANsSize > 0 && certNode.ApexCount() > maxSANsSize {
 					//v(domain, "-> Large CERT")
 				} else {
 					for _, neighbor := range certNode.Domains {