MCPcopy Index your code
hub / github.com/AutoRecon/AutoRecon / run

Method run

autorecon/default-plugins/virtual-host-enumeration.py:22–53  ·  view source on GitHub ↗
(self, service)

Source from the content-addressed store, hash-verified

20 self.match_service_name('^nacn_http$', negative_match=True)
21
22 async def run(self, service):
23 hostnames = []
24 if self.get_option('hostname'):
25 hostnames.append(self.get_option('hostname'))
26 if service.target.type == 'hostname' and service.target.address not in hostnames:
27 hostnames.append(service.target.address)
28 if self.get_global('domain') and self.get_global('domain') not in hostnames:
29 hostnames.append(self.get_global('domain'))
30
31 if len(hostnames) > 0:
32 for wordlist in self.get_option('wordlist'):
33 name = os.path.splitext(os.path.basename(wordlist))[0]
34 for hostname in hostnames:
35 try:
36 wildcard = requests.get(
37 ('https' if service.secure else 'http') + '://' + service.target.address + ':' + str(service.port) + '/',
38 headers={'Host': ''.join(random.choice(string.ascii_letters) for _ in range(20)) + '.' + hostname},
39 verify=False,
40 allow_redirects=False
41 )
42 size = str(len(wildcard.content))
43 except requests.exceptions.RequestException as e:
44 service.error(f"[!] Wildcard request failed for {hostname}: {e}")
45 continue
46
47 await service.execute(
48 'ffuf -u {http_scheme}://' + hostname + ':{port}/ -t ' + str(self.get_option('threads')) +
49 ' -w ' + wordlist + ' -H "Host: FUZZ.' + hostname + '" -mc all -fs ' + size +
50 ' -r -noninteractive -s | tee "{scandir}/{protocol}_{port}_{http_scheme}_' + hostname + '_vhosts_' + name + '.txt"'
51 )
52 else:
53 service.info('The target was not a hostname, nor was a hostname provided as an option. Skipping virtual host enumeration.')

Callers

nothing calls this directly

Calls 5

get_optionMethod · 0.80
get_globalMethod · 0.80
errorMethod · 0.45
executeMethod · 0.45
infoMethod · 0.45

Tested by

no test coverage detected