Roman/HackingScripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

subdomain fuzzing adjustment

Browse Source
This commit is contained in:
Roman Hergenreder 2023-09-10 11:15:00 +02:00
parent 7df249ba73
commit 7e87a9f3e9
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
subdomainFuzz.sh
View File

@ -26,11 +26,12 @@ IP_ADDRESS=$(echo $output | head -n 1 | awk '{print $NF}')
echo "[+] IP-Address: ${IP_ADDRESS}" echo "[+] IP-Address: ${IP_ADDRESS}"
echo "[ ] Retrieving default site…" echo "[ ] Retrieving default site…"
charcountDomain=$(curl -s "${PROTOCOL}://${DOMAIN}" -k | wc -m) charcountDomain=$(curl -s "${PROTOCOL}://${DOMAIN}" -k -m 5 | wc -m)
charcountIpAddress=$(curl -s "${PROTOCOL}://${IP_ADDRESS}" -k | wc -m) charcountIpAddress=$(curl -s "${PROTOCOL}://${IP_ADDRESS}" -k -m 5 | wc -m)
echo "[+] Chars: ${charcountDomain} and ${charcountIpAddress}" charcountNonExistent=$(curl -s "${PROTOCOL}://$(uuidgen).${DOMAIN}" -k -m 5 | wc -m)
echo "[+] Chars: ${charcountDomain}, ${charcountIpAddress}, ${charcountNonExistent}"
echo "[ ] Fuzzing…" echo "[ ] Fuzzing…"
ffuf --fs ${charcountDomain},${charcountIpAddress} --fc 400 --mc all \ ffuf --fs ${charcountDomain},${charcountIpAddress},${charcountNonExistent} --fc 400 --mc all \
-w /usr/share/wordlists/SecLists/Discovery/DNS/subdomains-top1million-110000.txt \ -w /usr/share/wordlists/SecLists/Discovery/DNS/subdomains-top1million-110000.txt \
-u "${PROTOCOL}://${IP_ADDRESS}" -H "Host: FUZZ.${DOMAIN}" "${@:2}" -u "${PROTOCOL}://${IP_ADDRESS}" -H "Host: FUZZ.${DOMAIN}" "${@:2}"