From ded3118058c557a06539043c2bbc5798241ba309 Mon Sep 17 00:00:00 2001
From: Shreeram
Date: Tue, 17 Oct 2023 01:14:25 +0530
Subject: [PATCH 1/3] feat: adding subdomain center as source
---
pkg/opendb/subdomaincenter.go | 70 +++++++++++++++++++++++++++++++++++
1 file changed, 70 insertions(+)
create mode 100644 pkg/opendb/subdomaincenter.go
diff --git a/pkg/opendb/subdomaincenter.go b/pkg/opendb/subdomaincenter.go
new file mode 100644
index 0000000..163078f
--- /dev/null
+++ b/pkg/opendb/subdomaincenter.go
@@ -0,0 +1,70 @@
+/*
+
+=======================
+Scilla - Information Gathering Tool
+=======================
+
+This program is free software: you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation, either version 3 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program. If not, see http://www.gnu.org/licenses/.
+
+ @Repository: https://github.com/edoardottt/scilla
+
+ @Author: edoardottt, https://www.edoardoottavianelli.it
+
+ @License: https://github.com/edoardottt/scilla/blob/main/LICENSE
+
+*/
+
+package opendb
+
+import (
+ "encoding/json"
+ "fmt"
+ "net/http"
+
+ httpUtils "github.com/edoardottt/scilla/internal/http"
+)
+
+// SubdomainCenter retrieves from the url below some known subdomains.
+func SubdomainCenter(domain string, plain bool) []string {
+ if !plain {
+ fmt.Println("Pulling data from ThreatCrowd")
+ }
+
+ client := http.Client{
+ Timeout: httpUtils.Seconds30,
+ }
+ result := make([]string, 0)
+ url := "http://api.subdomain.center/?domain=" + domain
+ wrapper := struct {
+ Records []string `json:"subdomains"`
+ }{}
+ resp, err := client.Get(url)
+
+ if err != nil {
+ return result
+ }
+
+ defer resp.Body.Close()
+
+ dec := json.NewDecoder(resp.Body)
+ err = dec.Decode(&wrapper)
+
+ if err != nil {
+ return result
+ }
+
+ result = append(result, wrapper.Records...)
+
+ return result
+}
From 5217aa68f909e3c66f0a3061900a4b1bbdb9447c Mon Sep 17 00:00:00 2001
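Review bot: The `url := "http://api.subdomain.center/?domain=" + domain` line sends the lookup over plain HTTP and splices `domain` into the query string unescaped. Without TLS, anyone on the network path can see which target is being enumerated and can alter the returned subdomain list, and a `domain` value containing `&`, `#` or whitespace changes the request instead of being passed as one parameter. If the service is reachable over TLS, use `https://` and build the value with `url.QueryEscape(domain)` from `net/url`, renaming the local `url` variable so it does not shadow that package. `resp.StatusCode` is also never checked, so a non-200 reply is only caught indirectly when JSON decoding fails. The URL line is carried unchanged through patch 2 and is not touched by patch 3.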
From: Shreeram Date: Wed, 18 Oct 2023 06:07:37 +0530 Subject: [PATCH 2/3] feat: fixing review comments for subdomain center --- pkg/opendb/subdomaincenter.go | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/pkg/opendb/subdomaincenter.go b/pkg/opendb/subdomaincenter.go index 163078f..47590b5 100644 --- a/pkg/opendb/subdomaincenter.go +++ b/pkg/opendb/subdomaincenter.go @@ -30,6 +30,7 @@ package opendb import ( "encoding/json" "fmt" + "io" "net/http" httpUtils "github.com/edoardottt/scilla/internal/http" @@ -38,33 +39,36 @@ import ( // SubdomainCenter retrieves from the url below some known subdomains. func SubdomainCenter(domain string, plain bool) []string { if !plain { - fmt.Println("Pulling data from ThreatCrowd") + fmt.Println("Pulling data from Subdomain") } client := http.Client{ Timeout: httpUtils.Seconds30, } + result := make([]string, 0) url := "http://api.subdomain.center/?domain=" + domain - wrapper := struct { - Records []string `json:"subdomains"` - }{} - resp, err := client.Get(url) + resp, err := client.Get(url) if err != nil { return result } - defer resp.Body.Close() - dec := json.NewDecoder(resp.Body) - err = dec.Decode(&wrapper) + // read the response body + body, err := io.ReadAll(resp.Body) + if err != nil { + return result + } + // Decode the response body as list of string + var response []string + err = json.Unmarshal(body, &response) if err != nil { return result } - result = append(result, wrapper.Records...) + result = append(result, response...) return result } From df98dccc464a9add624e895720dc09e432b75ba4 Mon Sep 17 00:00:00 2001 From: Shreeram Date: Wed, 18 Oct 2023 17:32:03 +0530 Subject: [PATCH 3/3] feat: adding subdomaincenter to runner.go and fixing linter error --- pkg/opendb/subdomaincenter.go | 5 +++-- pkg/runner/runner.go | 8 ++++++++ 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/pkg/opendb/subdomaincenter.go b/pkg/opendb/subdomaincenter.go index 47590b5..f14a7ec 100644 
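Review bot: `body, err := io.ReadAll(resp.Body)` buffers the whole reply with no size limit, and that reply comes from a third-party host fetched over plain HTTP, so an oversized or tampered response is held in memory in full before `json.Unmarshal` sees it. Cap the read, for example `body, err := io.ReadAll(io.LimitReader(resp.Body, maxBodyBytes))` with `maxBodyBytes` as a new package constant, and return early unless `resp.StatusCode == http.StatusOK`. Decoding into a bare `[]string` also accepts whatever strings the service returns; entries are not checked to be names under `domain` in this function, so that filtering would have to happen in the caller if it is wanted.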
--- a/pkg/opendb/subdomaincenter.go +++ b/pkg/opendb/subdomaincenter.go @@ -37,9 +37,9 @@ import ( ) // SubdomainCenter retrieves from the url below some known subdomains. -func SubdomainCenter(domain string, plain bool) []string { +func SubdomainCenterSubdomains(domain string, plain bool) []string { if !plain { - fmt.Println("Pulling data from Subdomain") + fmt.Println("Pulling data from Subdomain Center") } client := http.Client{ @@ -64,6 +64,7 @@ func SubdomainCenter(domain string, plain bool) []string { // Decode the response body as list of string var response []string err = json.Unmarshal(body, &response) + if err != nil { return result } diff --git a/pkg/runner/runner.go b/pkg/runner/runner.go index c1619b5..528327a 100644 --- a/pkg/runner/runner.go +++ b/pkg/runner/runner.go @@ -188,6 +188,10 @@ func ReportSubcommandHandler(userInput input.Input, mutex *sync.Mutex, // sonar := opendb.SonarSubdomains(urlUtils.CleanProtocol(target), false) // subdomains = opendb.AppendDBSubdomains(sonar, subdomains) + // Service not working + // subdomaincenter := opendb.SubdomainCenterSubdomains(urlUtils.CleanProtocol(target), false) + // subdomains = opendb.AppendDBSubdomains(subdomaincenter, subdomains) + if userInput.ReportVirusTotal { vtSubs := opendb.VirusTotalSubdomains(urlUtils.CleanProtocol(target), input.GetVirusTotalKey(), false) subdomains = opendb.AppendDBSubdomains(vtSubs, subdomains) 
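Review bot: The doc comment above the renamed function still begins with `SubdomainCenter` and says only "from the url below", so it no longer follows Go's convention of starting with the function name `SubdomainCenterSubdomains`. Suggested replacement: `// SubdomainCenterSubdomains queries api.subdomain.center for known subdomains of domain; it returns an empty slice on any request or decoding error.` A second comment line could state that `plain` suppresses the progress message. The function body continues outside this hunk.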
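Review bot: The new source is wired in only as commented-out lines under `// Service not working`, here in ReportSubcommandHandler and again in the SubdomainSubcommandHandler hunk. The exported function therefore ships without a caller in this patch, and nothing records when the service was checked or what should re-enable it. Either leave the call out until the service responds, or make the comment actionable, e.g. `// TODO: subdomain.center disabled (not responding as of <date>); re-enable once verified`. Both handlers continue outside their hunks.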
@@ -365,6 +369,10 @@ func SubdomainSubcommandHandler(userInput input.Input, mutex *sync.Mutex, // sonar := opendb.SonarSubdomains(urlUtils.CleanProtocol(target), userInput.SubdomainPlain) // subdomains = opendb.AppendDBSubdomains(sonar, subdomains) + // Service not working + // subdomaincenter := opendb.SubdomainCenterSubdomains(urlUtils.CleanProtocol(target), false) + // subdomains = opendb.AppendDBSubdomains(subdomaincenter, subdomains) + if userInput.SubdomainVirusTotal { vtSubs := opendb.VirusTotalSubdomains(urlUtils.CleanProtocol(target), input.GetVirusTotalKey(), userInput.SubdomainPlain)
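Review bot: The commented-out call passes `false` as the `plain` argument, while the neighbouring sonar and VirusTotal calls in this handler pass `userInput.SubdomainPlain`. If the block is later uncommented as written, the "Pulling data from Subdomain Center" banner would print even in plain mode, which presumably exists so the output can be consumed by other tools. Change the line to `// subdomaincenter := opendb.SubdomainCenterSubdomains(urlUtils.CleanProtocol(target), userInput.SubdomainPlain)`.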