Exemple #1
        /// <summary>
        /// Records an IP address in <c>Ips.Items</c> if it is not already present. For public
        /// addresses outside the known netranges it also tries to derive the owning netrange,
        /// and, when requested, feeds reverse DNS names back into <c>AddResolution</c>.
        /// </summary>
        /// <remarks>
        /// Host names used here come from DNS (<c>Dns.GetHostEntry</c> and
        /// <c>DNSUtil.GetHostNames</c>) and are not validated in this method. They can add an
        /// alternative domain, a netrange and further resolutions to the project.
        /// </remarks>
        /// <param name="ip">Address to add; trimmed, and rewritten by <c>ParseIPV6</c> when <c>isIPv6</c> accepts it.</param>
        /// <param name="source">Origin label stored with the address in the new <c>IPsItem</c>.</param>
        /// <param name="domainSource">Domain whose name servers are used for the reverse lookup; when null, <c>DNSUtil.GetHostNames</c> is called without a server.</param>
        /// <param name="MaxRecursion">Remaining depth; at 0 or below the address is stored but no reverse lookup is made, otherwise <c>MaxRecursion - 1</c> is passed on.</param>
        /// <param name="doptr">When true, reverse-resolve the address and add each returned name.</param>
        public void AddIP(string ip, string source, string domainSource, int MaxRecursion, bool doptr)
        {
            ip = ip.Trim();

            if (isIPv6(ip))
            {
                ip = ParseIPV6(ip);
            }

            // Case-insensitive duplicate check. NOTE(review): the check here and the Add further
            // down are separate steps; whether Ips.Items synchronises concurrent callers is not
            // visible in this method — confirm before relying on uniqueness.
            if (!Ips.Items.Any(I => I.Ip.ToLower() == ip.ToLower()))
            {
                // Only addresses accepted by isPublicIP go through netrange discovery.
                if (isPublicIP(ip))
                {
                    var isInNetrange = Project.IsIpInNetrange(ip);

                    if (!isInNetrange)
                    {
                        var host = string.Empty;
                        try
                        {
                            // The name returned here is DNS data supplied by whoever answers for
                            // this address; nothing below verifies it before it influences scope.
                            host = Dns.GetHostEntry(ip).HostName;

                            // Alternative-domain discovery runs only while no netrange is recorded
                            // and a main domain is set.
                            if (Program.data.Project.LstNetRange.Count == 0)
                            {
                                if (Program.data.Project.Domain != null)
                                {
                                    if (!IsMainDomainOrAlternative(host))
                                    {
                                        // NOTE(review): Select yields one bool per alternative domain, so
                                        // Count() is the size of AlternativeDomains, not the number of
                                        // matches; as written this branch runs only while the list is
                                        // empty. Confirm whether "no entry is contained in host" was
                                        // intended — changing it would add domains more often.
                                        if (Program.data.Project.AlternativeDomains.Select(S => host.Contains(S.ToString())).Count() == 0)
                                        {
                                            string[] arrDom = host.Split(new char[] { '.' });
                                            if (arrDom.Count() > 1)
                                            {
                                                // Keeps the last two labels of the host name. NOTE(review): for
                                                // a multi-label suffix (e.g. "example.co.uk") this yields the
                                                // suffix ("co.uk"), which is then stored as an alternative domain.
                                                string auxFinalDom = arrDom[arrDom.Length - 2] + "." + arrDom[arrDom.Length - 1];
                                                Program.data.Project.AlternativeDomains.Add(auxFinalDom);
                                                // Modal dialog raised on whichever thread called AddIP.
                                                MessageBox.Show("IP address associated to " + Program.data.Project.Domain + " belongs to a Netrange of " + auxFinalDom + ". It is going to be added as an alternative domain.", "Information", MessageBoxButtons.OK, MessageBoxIcon.Information);
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        catch (Exception)
                        {
                            // Every failure in the block above (lookup, list update, dialog) is dropped
                            // without a log entry; host stays empty when the lookup itself failed.
                        }

                        // host may have been added as an alternative domain just above, in which case
                        // this check presumably passes because of that addition.
                        if (IsMainDomainOrAlternative(host))
                        {
                            var netrange = Project.GetNetrange(ip);

                            if (netrange != null)
                            {
                                Project.LstNetRange.Add(netrange);
#if PLUGINS
                                // Plugin notification runs on its own background thread (PLUGINS builds only).
                                Thread tPluginOnNetrange = new Thread(new ParameterizedThreadStart(Program.data.plugins.OnNewNetrange));
                                tPluginOnNetrange.IsBackground = true;
                                object[] oNetRange = new object[] { new object[] { netrange.from, netrange.to } };
                                tPluginOnNetrange.Start(oNetRange);
#endif

                                // The range is expanded into individual addresses when ScanNetranges255 is
                                // off (no size limit is applied here in that case) or when
                                // GetIpsOfNetrange reports at most 255.
                                if (!Program.cfgCurrent.ScanNetranges255 || Project.GetIpsOfNetrange(netrange) <= 255)
                                {
                                    List <string> lstIps = netrange.GenerateIpsOfNetrange();
                                    Program.LogThis(new Log(Log.ModuleType.IPRangeSearch, "Netrange with " + lstIps.Count.ToString() + " IPs", Log.LogType.low));
                                    // The generated list is handed to AddIpListAsync on a lowest-priority
                                    // background thread.
                                    Thread tAddIps = new Thread(new ParameterizedThreadStart(AddIpListAsync));
                                    tAddIps.IsBackground = true;
                                    tAddIps.Priority     = ThreadPriority.Lowest;
                                    tAddIps.Start(lstIps);
                                }
                            }
                        }
                    }
                }

                // The address is stored whether or not it passed isPublicIP.
                var ipItem = new IPsItem(ip, source);
                Ips.Items.Add(ipItem);

                // Notify plugins of the new IP on a background thread (PLUGINS builds only).
#if PLUGINS
                Thread tPluginOnIP = new Thread(new ParameterizedThreadStart(Program.data.plugins.OnNewIP));
                tPluginOnIP.IsBackground = true;

                object[] oIP = new object[] { new object[] { ip } };
                tPluginOnIP.Start(oIP);
#endif
                // Recursion budget exhausted: keep the address but do not resolve further.
                if (MaxRecursion <= 0)
                {
                    OnChangeEvent(null);
                    return;
                }

                List <string> domains;
                if (doptr)
                {
                    if (domainSource != null)
                    {
                        if (Program.cfgCurrent.UseAllDns)
                        {
                            domains = new List <string>();
                            // NOTE(review): First() assumes GetLocalNSServer() returns at least one
                            // server; confirm what happens when none is configured.
                            List <string> dnsServers = DNSUtil.GetNSServer(resolver, domainSource, DNSUtil.GetLocalNSServer().First().ToString());

                            foreach (string dns in dnsServers)
                            {
                                OnLog(null, new EventsThreads.ThreadStringEventArgs(string.Format("Making reverse resolution to IP: {0} Using DNS server: {1}", ip, dns)));

                                // Collect each returned name once across all servers.
                                foreach (var domain in DNSUtil.GetHostNames(resolver, ip, dns).Where(domain => !domains.Contains(domain)))
                                {
                                    domains.Add(domain);
                                }
                            }
                        }
                        else
                        {
                            var dnsserver = DNSUtil.GetNSServer(resolver, domainSource);
                            OnLog(null, new EventsThreads.ThreadStringEventArgs(string.Format("Making reverse resolution to IP: {0} Using DNS server: {1}", ip, dnsserver)));
                            domains = DNSUtil.GetHostNames(resolver, ip, dnsserver);
                        }
                    }
                    else
                    {
                        domains = DNSUtil.GetHostNames(resolver, ip);
                    }
                    // Every reverse name is added as a resolution with one less level of recursion.
                    // The names are used as returned by the DNS server.
                    foreach (var domain in domains)
                    {
                        AddResolution(domain, ip, string.Format("{0} > DNS reverse resolution [{1}]", GetIpSource(ip), domain), MaxRecursion - 1, Program.cfgCurrent, true);
                    }
                }
                OnChangeEvent(null);
            }
        }
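        /// <summary>
        /// Searches for subdomains of <c>strDomain</c> by prefixing it with every entry of the
        /// wordlist in <c>CommonNamesFileName</c> and resolving each candidate against the
        /// domain's name servers.
        /// </summary>
        /// <remarks>
        /// Each wordlist entry becomes one live DNS query per name server used, so the wordlist
        /// size and <c>Program.cfgCurrent.ParallelDnsQueries</c> together set the query volume.
        /// When <c>ParallelDnsQueries</c> is 0 no limit is set here and the degree of parallelism
        /// stays at the <see cref="ParallelOptions"/> default.
        /// Every address returned for a candidate is recorded as a finding. NOTE(review): no
        /// wildcard-record check is visible in this method; confirm one exists in
        /// <c>AddResolution</c> or the caller, otherwise a wildcard zone reports every candidate.
        /// </remarks>
        private void SearchCommonNames()
        {
            var message = $"Searching subdomains of {strDomain} using common DNS names";

            Program.LogThis(new Log(Log.ModuleType.DNSCommonNames, message, Log.LogType.debug));
            Program.ChangeStatus(message);

            var names = new List<string>();

            try
            {
                // Trim every entry and drop blank lines: an empty entry would be queried as
                // ".<domain>", which is not a valid name and costs one query per server.
                foreach (var line in File.ReadAllLines(CommonNamesFileName))
                {
                    var candidate = line.Trim();
                    if (candidate.Length > 0)
                    {
                        names.Add(candidate);
                    }
                }
            }
            catch
            {
                // Any failure reading the wordlist ends the search.
                Program.LogThis(new Log(Log.ModuleType.DNSCommonNames,
                                        $"Error opening file: {CommonNamesFileName}", Log.LogType.error));
                return;
            }

            if (names.Count == 0)
            {
                // Nothing to try: stop before any name-server lookup is sent.
                Program.LogThis(new Log(Log.ModuleType.DNSCommonNames, "The domain names file is empty.", Log.LogType.error));
                return;
            }

            // Ask every configured resolver for the domain's name servers.
            var nsServerList = new List<string>();

            foreach (var item in Resolve.DnsServers)
            {
                nsServerList.AddRange(DNSUtil.GetNSServer(Resolve, strDomain, item.Address.ToString()));
            }

            foreach (var nsServer in nsServerList)
            {
                if (DNSUtil.IsDNSAnyCast(Resolve, nsServer, strDomain))
                {
                    Program.LogThis(new Log(Log.ModuleType.DNSCommonNames,
                                            $"DNS server is Anycast, not used: {nsServer}", Log.LogType.debug));
                    continue;
                }

                var op = Partitioner.Create(names);
                var po = new ParallelOptions();
                if (Program.cfgCurrent.ParallelDnsQueries != 0)
                {
                    po.MaxDegreeOfParallelism = Program.cfgCurrent.ParallelDnsQueries;
                }

                try
                {
                    Parallel.ForEach(op, po, delegate(string name)
                    {
                        CancelIfSkipRequested();

                        var subdomain = $"{name}.{strDomain}";
                        Program.LogThis(new Log(Log.ModuleType.DNSCommonNames,
                                                string.Format("[{0}] Trying resolve subdomain: {1} with NameServer {0}", nsServer, subdomain),
                                                Log.LogType.debug));

                        foreach (var ip in DNSUtil.GetHostAddresses(Resolve, subdomain, nsServer))
                        {
                            Program.LogThis(new Log(Log.ModuleType.DNSCommonNames,
                                                    $"[{nsServer}] Found subdomain {subdomain}", Log.LogType.medium));

                            CancelIfSkipRequested();
                            try
                            {
                                Program.data.AddResolution(subdomain, ip.ToString(),
                                                           $"Common Names [{subdomain}]", MaxRecursion, Program.cfgCurrent,
                                                           true);
                            }
                            catch (Exception ex)
                            {
                                // Best effort: one failed insert must not stop the sweep, but it is
                                // logged so that a dropped finding can be noticed.
                                Program.LogThis(new Log(Log.ModuleType.DNSCommonNames,
                                                        $"Error adding resolution for {subdomain}: {ex.Message}", Log.LogType.debug));
                            }
                        }
                    });
                }
                catch (AggregateException)
                {
                    // Exceptions thrown inside the loop body surface here; the sweep for this
                    // server simply ends (presumably the skip request — confirm).
                }
                catch (OperationCanceledException)
                {
                }

                // Unless every name server was requested, the first usable one is enough.
                if (!bSearchWithAllDNS)
                {
                    break;
                }
            }
        }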
Exemple #3
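        /// <summary>
        /// Searches for subdomains of <c>strDomain</c> by prefixing it with every entry of the
        /// wordlist in <c>CommonNamesFileName</c> and resolving each candidate against the
        /// domain's name servers, reporting progress to the main form.
        /// </summary>
        /// <remarks>
        /// Each wordlist entry becomes one live DNS query per name server used, so the wordlist
        /// size and <c>Program.cfgCurrent.ParallelDnsQueries</c> together set the query volume.
        /// When <c>ParallelDnsQueries</c> is 0 no limit is set here and the degree of parallelism
        /// stays at the <see cref="ParallelOptions"/> default.
        /// Every address returned for a candidate is recorded as a finding. NOTE(review): no
        /// wildcard-record check is visible in this method; confirm one exists in
        /// <c>AddResolution</c> or the caller, otherwise a wildcard zone reports every candidate.
        /// Progress updates use a blocking <c>Invoke</c>, so this method is presumably expected
        /// to run off the UI thread — confirm against the caller.
        /// </remarks>
        private void SearchCommonNames()
        {
            string initialMessage = $"Searching subdomains of {strDomain} using common DNS names.";
            // The domain text ends up inside a composite format string, so literal braces are
            // escaped; otherwise a '{' or '}' in strDomain would make String.Format throw.
            string progressMessageFormat = initialMessage.Replace("{", "{{").Replace("}", "}}") + " ({0} of {1}) queries";

            Program.LogThis(new Log(Log.ModuleType.DNSCommonNames, initialMessage, Log.LogType.debug));
            Program.ChangeStatus(initialMessage);

            var names = new List<string>();

            try
            {
                // Trim every entry and drop blank lines: an empty entry would be queried as
                // ".<domain>", which is not a valid name, and it would inflate the progress total.
                foreach (string line in File.ReadAllLines(CommonNamesFileName))
                {
                    string candidate = line.Trim();
                    if (candidate.Length > 0)
                    {
                        names.Add(candidate);
                    }
                }
            }
            catch
            {
                // Any failure reading the wordlist ends the search.
                Program.LogThis(new Log(Log.ModuleType.DNSCommonNames,
                                        $"Error opening file: {CommonNamesFileName}", Log.LogType.error));
                return;
            }

            if (names.Count == 0)
            {
                Program.LogThis(new Log(Log.ModuleType.DNSCommonNames, "The domain names file is empty.", Log.LogType.error));
                return;
            }

            // Ask every configured resolver for the domain's name servers.
            var nsServerList = new List<string>();
            foreach (IPEndPoint item in Resolve.DnsServers)
            {
                nsServerList.AddRange(DNSUtil.GetNSServer(Resolve, strDomain, item.Address.ToString()));
            }

            // Upper bound for the progress display; skipped anycast servers and the early
            // break below mean the real number of queries can be lower.
            int totalPossibilities = nsServerList.Count * names.Count;

            int queriedCount = 0;

            foreach (string nsServer in nsServerList)
            {
                if (DNSUtil.IsDNSAnyCast(Resolve, nsServer, strDomain))
                {
                    Program.LogThis(new Log(Log.ModuleType.DNSCommonNames,
                                            $"DNS server is Anycast, not used: {nsServer}", Log.LogType.debug));
                    continue;
                }

                var op = Partitioner.Create(names);
                var po = new ParallelOptions();
                if (Program.cfgCurrent.ParallelDnsQueries != 0)
                {
                    po.MaxDegreeOfParallelism = Program.cfgCurrent.ParallelDnsQueries;
                }

                try
                {
                    Parallel.ForEach(op, po, delegate(string name)
                    {
                        CancelIfSkipRequested();

                        var subdomain = $"{name}.{strDomain}";
                        Program.LogThis(new Log(Log.ModuleType.DNSCommonNames,
                                                string.Format("[{0}] Trying resolve subdomain: {1} with NameServer {0}", nsServer, subdomain),
                                                Log.LogType.debug));

                        foreach (var ip in DNSUtil.GetHostAddresses(Resolve, subdomain, nsServer))
                        {
                            Program.LogThis(new Log(Log.ModuleType.DNSCommonNames,
                                                    $"[{nsServer}] Found subdomain {subdomain}", Log.LogType.medium));

                            CancelIfSkipRequested();
                            try
                            {
                                Program.data.AddResolution(subdomain, ip.ToString(),
                                                           $"Common Names [{subdomain}]", MaxRecursion, Program.cfgCurrent,
                                                           true);
                            }
                            catch (Exception ex)
                            {
                                // Best effort: one failed insert must not stop the sweep, but it is
                                // logged so that a dropped finding can be noticed.
                                Program.LogThis(new Log(Log.ModuleType.DNSCommonNames,
                                                        $"Error adding resolution for {subdomain}: {ex.Message}", Log.LogType.debug));
                            }
                        }
                        Interlocked.Increment(ref queriedCount);

                        // The delegate reads the shared counter when it runs on the UI thread, so
                        // the displayed value never goes backwards even if updates arrive out of order.
                        Invoke(new MethodInvoker(delegate
                        {
                            // long arithmetic keeps the percentage from overflowing on very large sweeps.
                            Program.FormMainInstance.toolStripProgressBarDownload.Value = (int)((long)queriedCount * 100 / totalPossibilities);
                            Program.FormMainInstance.toolStripStatusLabelLeft.Text = String.Format(progressMessageFormat, queriedCount, totalPossibilities);
                            Program.FormMainInstance.ReportProgress(queriedCount, totalPossibilities);
                        }));
                    });
                }
                catch (AggregateException)
                {
                    // Exceptions thrown inside the loop body surface here; the sweep for this
                    // server simply ends (presumably the skip request — confirm).
                }
                catch (OperationCanceledException)
                {
                }

                // Unless every name server was requested, the first usable one is enough.
                if (!bSearchWithAllDNS)
                {
                    break;
                }
            }

            // Reset the progress widgets once the sweep is over.
            Invoke(new MethodInvoker(delegate
            {
                Program.FormMainInstance.toolStripProgressBarDownload.Value = 0;
                Program.FormMainInstance.toolStripStatusLabelLeft.Text = String.Empty;
                Program.FormMainInstance.ReportProgress(0, 0);
            }));
            Program.LogThis(new Log(Log.ModuleType.DNSCommonNames, $"DNS dictionary search finished with {queriedCount} queries!", Log.LogType.medium));
        }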