From de25c58a7a795537c372eaeb600aecb4fb062023 Mon Sep 17 00:00:00 2001 From: LuitelSamikshya Date: Thu, 16 Dec 2021 21:12:05 -0600 Subject: [PATCH 1/6] source- fullhunt --- v2/pkg/passive/sources.go | 5 ++ v2/pkg/runner/config.go | 7 +- .../subscraping/sources/fullhunt/fullhunt.go | 64 +++++++++++++++++++ v2/pkg/subscraping/types.go | 1 + 4 files changed, 76 insertions(+), 1 deletion(-) create mode 100644 v2/pkg/subscraping/sources/fullhunt/fullhunt.go diff --git a/v2/pkg/passive/sources.go b/v2/pkg/passive/sources.go index 72b9a3e78..a99bca062 100644 --- a/v2/pkg/passive/sources.go +++ b/v2/pkg/passive/sources.go @@ -36,6 +36,7 @@ import ( "github.com/projectdiscovery/subfinder/v2/pkg/subscraping/sources/virustotal" "github.com/projectdiscovery/subfinder/v2/pkg/subscraping/sources/waybackarchive" "github.com/projectdiscovery/subfinder/v2/pkg/subscraping/sources/zoomeye" + "github.com/projectdiscovery/subfinder/v2/pkg/subscraping/sources/fullhunt" ) // DefaultSources contains the list of fast sources used by default. @@ -62,6 +63,7 @@ var DefaultSources = []string{ "threatminer", "virustotal", "fofa", + "fullhunt", } // DefaultRecursiveSources contains list of default recursive sources @@ -115,6 +117,7 @@ var DefaultAllSources = []string{ "waybackarchive", "zoomeye", "fofa", + "fullhunt", } // Agent is a struct for running passive subdomain enumeration @@ -207,6 +210,8 @@ func (a *Agent) addSources(sources []string) { a.sources[source] = &zoomeye.Source{} case "fofa": a.sources[source] = &fofa.Source{} + case "fullhunt": + a.sources[source] = &fullhunt.Source{} } } } diff --git a/v2/pkg/runner/config.go b/v2/pkg/runner/config.go index 0d6d2f9a2..dfff96837 100644 --- a/v2/pkg/runner/config.go +++ b/v2/pkg/runner/config.go @@ -1,6 +1,7 @@ package runner import ( + "fmt" "math/rand" "os" "strings" @@ -48,6 +49,7 @@ type ConfigFile struct { Virustotal []string `yaml:"virustotal"` ZoomEye []string `yaml:"zoomeye"` Fofa []string `yaml:"fofa"` + FullHunt []string `json:"fullhunt"` // Version indicates the version of subfinder installed. Version string `yaml:"subfinder-version"` } @@ -207,6 +209,9 @@ func (c *ConfigFile) GetKeys() subscraping.Keys { keys.FofaSecret = parts[1] } } - + if len(c.FullHunt) > 0 { + keys.FullHunt = c.FullHunt[rand.Intn(len(c.FullHunt))] + } + fmt.Println("full hunt ky", keys.FullHunt) return keys } diff --git a/v2/pkg/subscraping/sources/fullhunt/fullhunt.go b/v2/pkg/subscraping/sources/fullhunt/fullhunt.go new file mode 100644 index 000000000..153de979c --- /dev/null +++ b/v2/pkg/subscraping/sources/fullhunt/fullhunt.go @@ -0,0 +1,64 @@ +package fullhunt + +import ( + "context" + "fmt" + + jsoniter "github.com/json-iterator/go" + "github.com/projectdiscovery/subfinder/v2/pkg/subscraping" +) + +//fullHunt response +type fullHuntResponse struct { + Hosts []hostDetails `json:"hosts"` + Message string `json:"message"` + Status int `json:"status"` +} + +//hostDetails struct +type hostDetails struct { + Host string `json:"host"` +} + +// Source is the passive scraping agent +type Source struct{} + +func (s *Source) Run(ctx context.Context, domain string, session *subscraping.Session) <-chan subscraping.Result { + results := make(chan subscraping.Result) + + go func() { + defer close(results) + // if session.Keys.FullHunt == "" { + // return + // } + + resp, err := session.Get(ctx, fmt.Sprintf("https://fullhunt.io/api/v1/domain/%s/details", domain), "", map[string]string{"X-API-KEY": session.Keys.FullHunt}) + if err != nil { + results <- subscraping.Result{Source: s.Name(), Type: subscraping.Error, Error: err} + session.DiscardHTTPResponse(resp) + return + } + + var response fullHuntResponse + err = jsoniter.NewDecoder(resp.Body).Decode(&response) + if err != nil { + results <- subscraping.Result{Source: s.Name(), Type: subscraping.Error, Error: err} + resp.Body.Close() + return + } + resp.Body.Close() + fmt.Println("reading record data :", len(response.Hosts)) + var x = "" + for _, record := range response.Hosts { + x = fmt.Sprintf("\"%s,\"%s\"", x, record.Host) + results <- subscraping.Result{Source: s.Name(), Type: subscraping.Subdomain, Value: record.Host} + } + fmt.Print(len(x)) + }() + return results +} + +// Name returns the name of the source +func (s *Source) Name() string { + return "fullhunt" +} diff --git a/v2/pkg/subscraping/types.go b/v2/pkg/subscraping/types.go index 5d9525214..e363c04b2 100644 --- a/v2/pkg/subscraping/types.go +++ b/v2/pkg/subscraping/types.go @@ -63,6 +63,7 @@ type Keys struct { ZoomEyePassword string `json:"zoomeye_password"` FofaUsername string `json:"fofa_username"` FofaSecret string `json:"fofa_secret"` + FullHunt string `json:"fullhunt"` } // Result is a result structure returned by a source From 124c04f77912732025bb8b11cea03c2644e922d7 Mon Sep 17 00:00:00 2001 From: LuitelSamikshya Date: Thu, 16 Dec 2021 21:37:32 -0600 Subject: [PATCH 2/6] deleted commented code --- v2/pkg/subscraping/sources/fullhunt/fullhunt.go | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/v2/pkg/subscraping/sources/fullhunt/fullhunt.go b/v2/pkg/subscraping/sources/fullhunt/fullhunt.go index 153de979c..0fbc317a2 100644 --- a/v2/pkg/subscraping/sources/fullhunt/fullhunt.go +++ b/v2/pkg/subscraping/sources/fullhunt/fullhunt.go @@ -28,10 +28,7 @@ func (s *Source) Run(ctx context.Context, domain string, session *subscraping.Se go func() { defer close(results) - // if session.Keys.FullHunt == "" { - // return - // } - + resp, err := session.Get(ctx, fmt.Sprintf("https://fullhunt.io/api/v1/domain/%s/details", domain), "", map[string]string{"X-API-KEY": session.Keys.FullHunt}) if err != nil { results <- subscraping.Result{Source: s.Name(), Type: subscraping.Error, Error: err} From 1254fbdd1aaed7133774e5bd06eb12431d2fa69f Mon Sep 17 00:00:00 2001 From: LuitelSamikshya Date: Thu, 16 Dec 2021 21:39:37 -0600 Subject: [PATCH 3/6] removed fmt --- v2/pkg/runner/config.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/v2/pkg/runner/config.go b/v2/pkg/runner/config.go index dfff96837..dc933afa4 100644 --- a/v2/pkg/runner/config.go +++ b/v2/pkg/runner/config.go @@ -1,7 +1,6 @@ package runner import ( - "fmt" "math/rand" "os" "strings" @@ -212,6 +211,5 @@ func (c *ConfigFile) GetKeys() subscraping.Keys { if len(c.FullHunt) > 0 { keys.FullHunt = c.FullHunt[rand.Intn(len(c.FullHunt))] } - fmt.Println("full hunt ky", keys.FullHunt) return keys } From dbc0c4585c9453803898ff12245a6c115e7bbb16 Mon Sep 17 00:00:00 2001 From: LuitelSamikshya Date: Fri, 17 Dec 2021 11:09:44 -0600 Subject: [PATCH 4/6] removed fmt statement --- v2/pkg/subscraping/sources/fullhunt/fullhunt.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/v2/pkg/subscraping/sources/fullhunt/fullhunt.go b/v2/pkg/subscraping/sources/fullhunt/fullhunt.go index 0fbc317a2..ebe29cea0 100644 --- a/v2/pkg/subscraping/sources/fullhunt/fullhunt.go +++ b/v2/pkg/subscraping/sources/fullhunt/fullhunt.go @@ -15,7 +15,7 @@ type fullHuntResponse struct { Status int `json:"status"` } -//hostDetails struct +// hostDetails struct type hostDetails struct { Host string `json:"host"` } @@ -44,7 +44,6 @@ func (s *Source) Run(ctx context.Context, domain string, session *subscraping.Se return } resp.Body.Close() - fmt.Println("reading record data :", len(response.Hosts)) var x = "" for _, record := range response.Hosts { x = fmt.Sprintf("\"%s,\"%s\"", x, record.Host) From 0a5a5aa5f376f653f0b73dce0010c7ac947020da Mon Sep 17 00:00:00 2001 From: LuitelSamikshya Date: Fri, 17 Dec 2021 11:13:11 -0600 Subject: [PATCH 5/6] removed fmt --- v2/pkg/subscraping/sources/fullhunt/fullhunt.go | 1 - 1 file changed, 1 deletion(-) diff --git a/v2/pkg/subscraping/sources/fullhunt/fullhunt.go b/v2/pkg/subscraping/sources/fullhunt/fullhunt.go index ebe29cea0..b79cf6350 100644 --- a/v2/pkg/subscraping/sources/fullhunt/fullhunt.go +++ b/v2/pkg/subscraping/sources/fullhunt/fullhunt.go @@ -49,7 +49,6 @@ func (s *Source) Run(ctx context.Context, domain string, session *subscraping.Se x = fmt.Sprintf("\"%s,\"%s\"", x, record.Host) results <- subscraping.Result{Source: s.Name(), Type: subscraping.Subdomain, Value: record.Host} } - fmt.Print(len(x)) }() return results } From 4d668384a3213f558bf09b3f3178139b12cb3343 Mon Sep 17 00:00:00 2001 From: LuitelSamikshya Date: Mon, 20 Dec 2021 21:57:06 -0600 Subject: [PATCH 6/6] replaced details with subdomains endpoint --- .../subscraping/sources/fullhunt/fullhunt.go | 21 +++++++------------ 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/v2/pkg/subscraping/sources/fullhunt/fullhunt.go b/v2/pkg/subscraping/sources/fullhunt/fullhunt.go index b79cf6350..555505885 100644 --- a/v2/pkg/subscraping/sources/fullhunt/fullhunt.go +++ b/v2/pkg/subscraping/sources/fullhunt/fullhunt.go @@ -8,16 +8,11 @@ import ( "github.com/projectdiscovery/subfinder/v2/pkg/subscraping" ) -//fullHunt response +//fullhunt response type fullHuntResponse struct { - Hosts []hostDetails `json:"hosts"` - Message string `json:"message"` - Status int `json:"status"` -} - -// hostDetails struct -type hostDetails struct { - Host string `json:"host"` + Hosts []string `json:"hosts"` + Message string `json:"message"` + Status int `json:"status"` } // Source is the passive scraping agent @@ -28,8 +23,8 @@ func (s *Source) Run(ctx context.Context, domain string, session *subscraping.Se go func() { defer close(results) - - resp, err := session.Get(ctx, fmt.Sprintf("https://fullhunt.io/api/v1/domain/%s/details", domain), "", map[string]string{"X-API-KEY": session.Keys.FullHunt}) + + resp, err := session.Get(ctx, fmt.Sprintf("https://fullhunt.io/api/v1/domain/%s/subdomains", domain), "", map[string]string{"X-API-KEY": session.Keys.FullHunt}) if err != nil { results <- subscraping.Result{Source: s.Name(), Type: subscraping.Error, Error: err} session.DiscardHTTPResponse(resp) @@ -44,10 +39,8 @@ func (s *Source) Run(ctx context.Context, domain string, session *subscraping.Se return } resp.Body.Close() - var x = "" for _, record := range response.Hosts { - x = fmt.Sprintf("\"%s,\"%s\"", x, record.Host) - results <- subscraping.Result{Source: s.Name(), Type: subscraping.Subdomain, Value: record.Host} + results <- subscraping.Result{Source: s.Name(), Type: subscraping.Subdomain, Value: record} } }() return results