https support for subdomain fuzzing

Roman Hergenreder 2020-10-07 11:53:57 +02:00
parent 018eac82dd
commit fcb562e6df

@ -6,6 +6,13 @@ if [ $# -lt 1 ]; then
fi fi
DOMAIN=$1 DOMAIN=$1
PROTOCOL="http"
if [[ $DOMAIN = "https://*" ]]; then
PROTOCOL="https"
fi
DOMAIN=$(echo $DOMAIN | sed -e 's|^[^/]*//||' -e 's|/.*$||')
echo "[ ] Resolving IP-Address…" echo "[ ] Resolving IP-Address…"
output=$(resolveip $DOMAIN 2>&1) output=$(resolveip $DOMAIN 2>&1)
@ -19,10 +26,10 @@ IP_ADDRESS=$(echo $output | head -n 1 | awk '{print $NF}')
echo "[+] IP-Address: ${IP_ADDRESS}" echo "[+] IP-Address: ${IP_ADDRESS}"
echo "[ ] Retrieving default site…" echo "[ ] Retrieving default site…"
charcount=$(curl -s -L $DOMAIN | wc -m) charcount=$(curl -s -L "${PROTOCOL}://${DOMAIN}" -k | wc -m)
echo "[+] Chars: ${charcount}" echo "[+] Chars: ${charcount}"
echo "[ ] Fuzzing…" echo "[ ] Fuzzing…"
ffuf --fs ${charcount} --fc 400,500 \ ffuf --fs ${charcount} --fc 400,500 \
-w /usr/share/wordlists/SecLists/Discovery/Web-Content/raft-large-words-lowercase.txt \ -w /usr/share/wordlists/SecLists/Discovery/Web-Content/raft-large-words-lowercase.txt \
-u "http://${IP_ADDRESS}" -H "Host: FUZZ.${DOMAIN}" -u "${PROTOCOL}://${IP_ADDRESS}" -H "Host: FUZZ.${DOMAIN}"
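Review bot: The scheme detection added in the first hunk, `if [[ $DOMAIN = "https://*" ]]`, never matches an https URL, because inside `[[ ]]` a double-quoted right-hand side is compared literally and the `*` is not treated as a glob, so PROTOCOL stays `http` for every input. Unquote the pattern so it is honoured: `if [[ $DOMAIN == https://* ]]; then`. The next line strips the scheme via an unquoted `echo $DOMAIN`; quoting the expansion, `DOMAIN=$(printf '%s' "$DOMAIN" | sed -e 's|^[^/]*//||' -e 's|/.*$||')`, avoids word-splitting and glob expansion on unusual arguments. In the second hunk the baseline fetch now passes `-k` to curl although it requests `${PROTOCOL}://${DOMAIN}` by name, where the certificate would normally validate; if the intent is only to tolerate self-signed labs, a comment stating that, e.g. `# -k: tolerate self-signed/lab certificates for the baseline fetch`, or making it opt-in, would keep the trade-off visible.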