blark / aiodnsbrute Goto Github PK
View Code? Open in Web Editor NEWPython 3.5+ DNS asynchronous brute force utility
License: GNU General Public License v3.0
Python 3.5+ DNS asynchronous brute force utility
License: GNU General Public License v3.0
●When reading a dictionary file with "os.path.dirname (os.path.realpath (__ file__)))", it is possible to read arbitrary directories.
●You can resolve by specifying the base directory. (Example using * startswith)
os.path.realpath("/../../../../../..//etc/passwd").startswith("/root/pen/aiodnsbrute/aiodnsbrute")
False
●PoC
python3 cli.py -w /../../../../../etc/passwd -vv -t 1024 example.com
[] Brute forcing example.com with a maximum of 1024 concurrent tasks...
[] Wordlist loaded, brute forcing 54 DNS records
[*] Using recursive DNS with the following servers: ['192.168.31.2']
[-] Debian-gdm:x:131:139:Gnome Display Manager:/var/lib/gdm3:/bin/false.example.com generated an unexpected exception: encoding with 'idna' codec failed (UnicodeError: label empty or too long)
aiodnsbrute: command not found
get this when iam running it. Why does it now recognize the command?
I've tried following the documentation for installing aiodnsbrute but having some issues. I'm running on MAC OS X so not sure if that is part of the issue but I've installed virtualenv via brew, and also installed pipsi as documented in the README file.
Where I have issues is when I attempt to invoke: pipsi install .
from within the repo directory. Here is the output I receive:
$ pipsi install . Running virtualenv with interpreter /Users/user/.local/venvs/pipsi/bin/python3.6 Using base prefix '/usr/local/Cellar/python/3.6.4_3/bin/../Frameworks/Python.framework/Versions/3.6' New python executable in /Users/user/.local/venvs/aiodnsbrute/bin/python3.6 Also creating executable in /Users/user/.local/venvs/aiodnsbrute/bin/python ERROR: The executable /Users/user/.local/venvs/aiodnsbrute/bin/python3.6 is not functioning ERROR: It thinks sys.prefix is '/usr/local/Cellar/python/3.6.4_3/Frameworks/Python.framework/Versions/3.6' (should be '/Users/user/.local/venvs/aiodnsbrute') ERROR: virtualenv is not compatible with this system or executable Failed to create virtualenv. Aborting.
Note that the python3.6 binary it seems to depends on does not exist for me:
$ file /Users/user/.local/venvs/aiodnsbrute/bin/python3.6 /Users/user/.local/venvs/aiodnsbrute/bin/python3.6: cannot open `/Users/user/.local/venvs/aiodnsbrute/bin/python3.6' (No such file or directory)
Any assistance would be greatly appreciated. Cheers!
We came across an issue where output is unique with LANG=en_US
which is causing issues with automation. While we can work around it by forcing LANG=en_US
it's still vexing.
# python --version
Python 3.8.0
# locale -a
C
C.UTF-8
en_US
en_US.iso88591
en_US.utf8
POSIX
Here is what we expect:
# export LANG=en_US
# aiodnsbrute --no-verify --gethostbyname -f - -o json example.org
[{"domain": "www.example.org", "ip": ["93.184.216.34"]}]
When LANG is not one of the en* locales, things I expect to be on stderr come out on stdout.
# export LANG=C.UTF-8
# aiodnsbrute --no-verify --gethostbyname -f - -o json example.org
[*] Brute forcing example.org with a maximum of 512 concurrent tasks...
[!] Skipping domain verification. YOLO!
[*] Using recursive DNS with the following servers: ['8.8.8.8', '8.8.4.4', '114.114.114.114']
[*] No wildcard response was detected for this domain.
[*] Using pycares `gethostbyname` function to perform lookups, CNAME data will be appended to results (** denotes CNAME, show actual name with -vv)
[*] Wordlist loaded, proceeding with 1000 DNS requests
[+] www.example.org ['93.184.216.34']
100%|███████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████████| 1000/1000 [00:06<00:00, 163.37rec/s]
[*] Completed, 1 subdomains found
# export LANG=en_US.utf8
# aiodnsbrute --no-verify --gethostbyname -f - -o json example.org
[{"domain": "www.example.org", "ip": ["93.184.216.34"]}]
Is this an issue in aiodnsbrute, or an issue in an underlying library used, or a problem between monitor & chair?
The setup.py
file says the license is BSD but the LICENSE.txt
file that it's GPLv3.
Which one is the right license?
Hello, thanks for creating this tool. I wanted to try it out but there seem to be 2 issues that I am facing:
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf3 in position 167457: invalid continuation byte
AttributeError: 'aioDNSBrute' object has no attribute 'pbar'
I followed the steps to create virtualenv
as per instructions and also installed the application using pipsi install .
.
Below is the full error message:
root@kali:/opt# aiodnsbrute -w test.txt -vv -t 1024 google.com
[*] Brute forcing google.com with a maximum of 1024 concurrent tasks...
Traceback (most recent call last):
File "/root/.local/venvs/aiodnsbrute/lib/python3.5/site-packages/aiodnsbrute/cli.py", line 86, in run
w = words.read().splitlines()
File "/root/.local/venvs/aiodnsbrute/lib/python3.5/codecs.py", line 321, in decode
(result, consumed) = self._buffer_decode(data, self.errors, final)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xf3 in position 167457: invalid continuation byte
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/root/.local/bin/aiodnsbrute", line 11, in <module>
sys.exit(main())
File "/root/.local/venvs/aiodnsbrute/lib/python3.5/site-packages/click/core.py", line 722, in __call__
return self.main(*args, **kwargs)
File "/root/.local/venvs/aiodnsbrute/lib/python3.5/site-packages/click/core.py", line 697, in main
rv = self.invoke(ctx)
File "/root/.local/venvs/aiodnsbrute/lib/python3.5/site-packages/click/core.py", line 895, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/root/.local/venvs/aiodnsbrute/lib/python3.5/site-packages/click/core.py", line 535, in invoke
return callback(*args, **kwargs)
File "/root/.local/venvs/aiodnsbrute/lib/python3.5/site-packages/aiodnsbrute/cli.py", line 122, in main
results = bf.run(wordlist=wordlist, domain=domain, recursive=recursive)
File "/root/.local/venvs/aiodnsbrute/lib/python3.5/site-packages/aiodnsbrute/cli.py", line 104, in run
self.pbar.close()
AttributeError: 'aioDNSBrute' object has no attribute 'pbar'
This would be a helpful addition, and ideally enabled by default whenever a wildcard response is detected, in order to find the canonical name for the wildcarded IP.
As a potential feature request. It would be great if aiodnsbrute would import a list of domains from a file. This would be quite useful to perform sub-domain enumeration across multiple domains.
https://github.com/carlbordum/common-crawl-subdomains has good data
And https://github.com/kevin91nl/common-crawl-subdomain has tools to analyse the Common Crawl data.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.