Roman/HackingScripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Subdomain Fuzz: static IP

Browse Source
This commit is contained in:
Roman Hergenreder
2025-12-08 12:35:30 +01:00
parent d89c0ccf64
commit 6cd353b911
1 changed files with 15 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
subdomainFuzz.sh
View File

@@ -14,7 +14,7 @@ fi
DOMAIN=$(echo $DOMAIN | sed -e 's|^[^/]*//||' -e 's|/.*$||') DOMAIN=$(echo $DOMAIN | sed -e 's|^[^/]*//||' -e 's|/.*$||')
if [ $# -lt 2 ]; then
echo "[ ] Resolving IP-Address…" echo "[ ] Resolving IP-Address…"
output=$(resolveip $DOMAIN 2>&1) output=$(resolveip $DOMAIN 2>&1)
status=$(echo $?) status=$(echo $?)
@@ -22,6 +22,12 @@ if ! [[ $status == 0 ]] ; then
echo "[-] ${output}" echo "[-] ${output}"
exit exit
fi fi
IP_ADDRESS=$(echo $output | head -n 1 | awk '{print $NF}')
echo "[+] IP-Address: ${IP_ADDRESS}"
else
IP_ADDRESS=$2
echo "[+] Using IP-Address: ${IP_ADDRESS}"
fi
function sni () { function sni () {
protocol=$1 protocol=$1
@@ -37,14 +43,12 @@ function sni () {
echo $sni echo $sni
} }
IP_ADDRESS=$(echo $output | head -n 1 | awk '{print $NF}')
echo "[+] IP-Address: ${IP_ADDRESS}"
echo "[ ] Retrieving default site…" echo "[ ] Retrieving default site…"
rnd=$(uuidgen) rnd=$(uuidgen)
sni=$(sni ${PROTOCOL} ${rnd}.${DOMAIN}) sni=$(sni ${PROTOCOL} ${rnd}.${DOMAIN})
charcountDomain=$(curl -s "${PROTOCOL}://${DOMAIN}" -k -m 5 | wc -m)
charcountIpAddress=$(curl -s "${PROTOCOL}://${IP_ADDRESS}" -k -m 5 | wc -m) charcountIpAddress=$(curl -s "${PROTOCOL}://${IP_ADDRESS}" -k -m 5 | wc -m)
charcountNonExistent=$(curl -s "${PROTOCOL}://${rnd}.${DOMAIN}" --resolve "${sni}:${IP_ADDRESS}" -k -m 5 | wc -m) charcountNonExistent=$(curl -s "${PROTOCOL}://${rnd}.${DOMAIN}" --resolve "${sni}:${IP_ADDRESS}" -k -m 5 | wc -m)
charcountDomain=$(curl -s "${PROTOCOL}://${DOMAIN}" -k -m 5 | wc -m)
echo "[+] Chars: ${charcountDomain}, ${charcountIpAddress}, ${charcountNonExistent}" echo "[+] Chars: ${charcountDomain}, ${charcountIpAddress}, ${charcountNonExistent}"
echo "[ ] Fuzzing…" echo "[ ] Fuzzing…"