def start():
parse()
print_status('Get input...')
print_status('Fuzzing take turns...')
while task.domains or task.ips or task.rootdomains:
if task.domains:
domain = task.domains.pop()
level = get_level(domain)
print_status('Fuzzing %s domains[level:%s]...' % (domain, str(level+1)))
if level < control.max_level:
print_status('[domain2ip]Get ip by domain...')
ip = Domain2Ip().get_value(domain)
if ip:
add_ip_task(ip, level+1, 'domain2ip', remark='')
print_good('Get ip %s' % ip)
print_status('[rootdomain]Get rootdomain by domain...')
root_domain = Domain.get_root_domain(domain)
if root_domain:
add_rootdomain_task(root_domain, level+1, 'rootdomain', remark='')
print_good('Get root_domain %s' % root_domain)
result.domains.add(domain)
if task.rootdomains:
root_domain = task.rootdomains.pop()
level = get_level(root_domain)
print_status('Fuzzing %s rootdomains[level:%s]...' % (root_domain, str(level+1)))
if level < control.max_level:
ip = Domain2Ip().get_value(root_domain)
print_status('[domain2ip]Get ip by domain...')
if ip:
add_ip_task(ip, level+1, 'domain2ip', remark='')
print_good('Get ip %s' % ip)
print_status('[icp]Get rootdomains by rootdomains...')
root_domains = ICP.get_rootdomains_by_domain(root_domain)
print_good('Get root_domain num:%s' % str(len(root_domains)))
for rd in root_domains:
add_rootdomain_task(rd, level+1, 'icp', remark='')
print_status('[subdomain]Get domains by rootdomain...')
domains = SubDomain().get_subdomain_by_links(root_domain)
print_good('Get domains num:%s' % str(len(domains)))
for domain in domains:
add_domain_task(domain, level+1, 'subdomain', remark='')
result.rootdomains.add(root_domain)
if task.ips:
ip = task.ips.pop()
level = get_level(ip)
print_status('Fuzzing %s ips[level:%s]...' % (ip, str(level+1)))
if level < control.max_level:
print_status('[ip2domain]Get domains by ip...')
domains = Ip2Domain().get_domains_by_ip(ip)
print_good('Get domains num:%s' % str(len(domains)))
for domain in domains:
add_domain_task(domain, level+1, 'ip2domain', remark='')
result.ips.add(ip)
output()
print_status('Complete Fuzzing!')
def get_rootdomains_by_domain(cls, domain):
"""
function to get others rootdomain by a known rootdomain
"""
domain = Domain.get_domain(domain)
zt_name = cls().query_zt_by_domain(domain)
domains = cls().query_domains_by_zt(zt_name)
root_domain = Domain.get_root_domain(domain)
if root_domain:
domains.append(domain)
# todo: Judge the domain/ip format
return domains
def get_domain_type(domain):
if is_ip(domain):
return 'ip'
elif is_url(domain):
domain = Domain.url_format(domain)
root_domain = Domain.get_root_domain(domain)
if root_domain == domain:
return 'root_domain'
else:
return 'domain'
else:
return False
def get_domain_type(domain):
if is_ip(domain):
return "ip"
elif is_url(domain):
domain = Domain.url_format(domain)
root_domain = Domain.get_root_domain(domain)
if root_domain == domain:
return "root_domain"
else:
return "domain"
else:
return False
def get_domain_type(domain):
if is_ip(domain):
return 'ip'
elif is_url(domain):
domain = Domain.url_format(domain)
root_domain = Domain.get_root_domain(domain)
if root_domain == domain:
return 'root_domain'
else:
return 'domain'
else:
return False
def get_rootdomains_by_domain(cls, domain):
"""
function to get others rootdomain by a known rootdomain
"""
domain = Domain.get_domain(domain)
zt_name = cls().query_zt_by_domain(domain)
domains = cls().query_domains_by_zt(zt_name)
root_domain = Domain.get_root_domain(domain)
if root_domain:
domains.append(domain)
# todo: Judge the domain/ip format
return domains
def parse(args=None):
parser = argparse.ArgumentParser(
usage=USAGE, formatter_class=argparse.RawTextHelpFormatter,
add_help=False
)
parser.add_argument(
'-h', '--help', action='help',
help='show this help message and exit'
)
parser.add_argument('-V', '--version', action='version',
version=VERSION_INFO)
group = parser.add_mutually_exclusive_group(required=True)
group.add_argument(
'-d', '--domain', dest='domain',
help='Target domain/rootdomain'
)
group.add_argument(
'-i', '--ip', dest='ip',
help='Target ip'
)
parser.add_argument(
'-l', '--max_level', dest='max_level', default=3,
type=int, help='max level to get domain/ip/rootdomain, default:3'
)
args = parser.parse_args(args)
try:
if args.domain:
domain = args.domain
root_domain = Domain.get_root_domain(domain)
new_target = deepcopy(target)
new_target.value = domain
new_target.source = 'input'
if root_domain != domain:
domain_type = 'domain'
else:
domain_type = 'rootdomain'
new_target.type = domain_type
task['%ss' % domain_type].add(domain)
all_target[domain.replace('.', '_')] = new_target
if args.ip:
ip = args.ip
new_target = deepcopy(target)
new_target.value = ip
new_target.source = 'input'
new_target.type = 'ip'
task.ips.add(ip)
all_target[ip.replace('.', '_')] = new_target
control.max_level = args.max_level
except Exception, e:
print_error(str(e))
def start(self, domain, domain_type, level):
super(domain2root, self).start(domain, domain_type, level)
try:
root_domain = Domain.get_root_domain(domain)
except:
root_domain = None
if root_domain:
self.result = {
'root_domain': [root_domain],
'ip': [],
'domain': []
}
super(domain2root, self).end()
return self.result
def start(self, domain, domain_type, level):
super(domain2root, self).start(domain, domain_type, level)
try:
root_domain = Domain.get_root_domain(domain)
except:
root_domain = None
if root_domain:
self.result = {
'root_domain': [root_domain],
'ip': [],
'domain': []
}
super(domain2root, self).end()
return self.result
def start():
parse()
print_status('Get input...')
print_status('Fuzzing take turns...')
while task.domains or task.ips or task.rootdomains:
if task.domains:
domain = task.domains.pop()
level = get_level(domain)
print_status('Fuzzing %s domains[level:%s]...' %
(domain, str(level + 1)))
if level < control.max_level:
print_status('[domain2ip]Get ip by domain...')
ip = Domain2Ip().get_value(domain)
if ip:
add_ip_task(ip, level + 1, 'domain2ip', remark='')
print_good('Get ip %s' % ip)
print_status('[rootdomain]Get rootdomain by domain...')
root_domain = Domain.get_root_domain(domain)
if root_domain:
add_rootdomain_task(root_domain,
level + 1,
'rootdomain',
remark='')
print_good('Get root_domain %s' % root_domain)
result.domains.add(domain)
if task.rootdomains:
root_domain = task.rootdomains.pop()
level = get_level(root_domain)
print_status('Fuzzing %s rootdomains[level:%s]...' %
(root_domain, str(level + 1)))
if level < control.max_level:
ip = Domain2Ip().get_value(root_domain)
print_status('[domain2ip]Get ip by domain...')
if ip:
add_ip_task(ip, level + 1, 'domain2ip', remark='')
print_good('Get ip %s' % ip)
print_status('[icp]Get rootdomains by rootdomains...')
root_domains = ICP.get_rootdomains_by_domain(root_domain)
print_good('Get root_domain num:%s' % str(len(root_domains)))
for rd in root_domains:
add_rootdomain_task(rd, level + 1, 'icp', remark='')
print_status('[subdomain]Get domains by rootdomain...')
domains = SubDomain().get_subdomain_by_links(root_domain)
print_good('Get domains num:%s' % str(len(domains)))
for domain in domains:
add_domain_task(domain, level + 1, 'subdomain', remark='')
result.rootdomains.add(root_domain)
if task.ips:
ip = task.ips.pop()
level = get_level(ip)
print_status('Fuzzing %s ips[level:%s]...' % (ip, str(level + 1)))
if level < control.max_level:
print_status('[ip2domain]Get domains by ip...')
domains = Ip2Domain().get_domains_by_ip(ip)
print_good('Get domains num:%s' % str(len(domains)))
for domain in domains:
add_domain_task(domain, level + 1, 'ip2domain', remark='')
result.ips.add(ip)
output()
print_status('Complete Fuzzing!')
