Skip to content

Commit

Permalink
Refactoring the code
Browse files Browse the repository at this point in the history
Refactoring the code
  • Loading branch information
neriberto committed Mar 21, 2024
1 parent 02845fb commit 6208587
Show file tree
Hide file tree
Showing 7 changed files with 270 additions and 238 deletions.
74 changes: 18 additions & 56 deletions cmd/hednsextractor/hednsextractor.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,7 @@ import (
"strconv"

"github.com/HuntDownProject/hednsextractor/utils"
"github.com/projectdiscovery/goflags"
"github.com/projectdiscovery/gologger"
"github.com/projectdiscovery/gologger/levels"
)

var (
Expand All @@ -17,72 +15,35 @@ var (

func main() {

// Parse the stdin
utils.ParseStdin()

flagSet := goflags.NewFlagSet()
flagSet.Marshal = true
flagSet.SetDescription("HEDnsExtractor - A suite for hunting suspicious targets, expose domains and phishing discovery!")
flagSet.BoolVar(&utils.OptionCmd.Onlydomains, "only-domains", false, "show only domains")
flagSet.BoolVar(&utils.OptionCmd.Onlynetworks, "only-networks", false, "show only networks")
flagSet.StringVar(&utils.OptionCmd.Workflow, "workflow", "", "Workflow config")
flagSet.StringVar(&utils.OptionCmd.Target, "target", "", "IP Address or Network to query")
flagSet.BoolVar(&utils.OptionCmd.Silent, "silent", false, "show silent output")
flagSet.BoolVar(&utils.OptionCmd.Verbose, "verbose", false, "show verbose output")

flagSet.CreateGroup("configuration", "Configuration",
flagSet.StringVar(&utils.OptionCmd.Config, "config", utils.DefaultConfigLocation, "flag config file"),
)

flagSet.CreateGroup("config", "Virustotal",
flagSet.BoolVar(&utils.OptionCmd.Vtscore, "vt", false, "show Virustotal score"),
flagSet.StringVar(&utils.OptionCmd.VtApiKey, "vt-api-key", "", "Virustotal API Key"),
flagSet.StringVar(&utils.OptionCmd.VtscoreValue, "vt-score", "0", "Minimum Virustotal score to show"),
)

if err := flagSet.Parse(); err != nil {
gologger.Fatal().Msgf("Could not parse flags: %s\n", err)
}

if utils.OptionCmd.Verbose {
gologger.DefaultLogger.SetMaxLevel(levels.LevelVerbose)
} else if utils.OptionCmd.Silent {
gologger.DefaultLogger.SetMaxLevel(levels.LevelSilent)
} else {
gologger.DefaultLogger.SetMaxLevel(levels.LevelInfo)
}

if utils.OptionCmd.Vtscore && utils.OptionCmd.VtApiKey == "" {
gologger.Fatal().Msgf("A Virustotal API Key is needed in config file: %s\n", utils.DefaultConfigLocation)
}
// Load parameters from command line and configuration file
utils.LoadParameters()

// Show Banner
utils.ShowBanner()

// read the targets from yaml
var c utils.Conf
// read the Workflow from yaml
var workflow utils.Workflow
if utils.OptionCmd.Workflow != "" {
c.GetConf(utils.OptionCmd.Workflow)
workflow.GetConf(utils.OptionCmd.Workflow)

for i := range c.Domains {
utils.IdentifyTarget(c.Domains[i])
for i := range workflow.Domains {
utils.IdentifyTarget(workflow.Domains[i])
}

for i := range c.Ipaddrs {
utils.IdentifyTarget(c.Ipaddrs[i])
for i := range workflow.Ipaddrs {
utils.IdentifyTarget(workflow.Ipaddrs[i])
}

for i := range c.Networks {
utils.IdentifyTarget(c.Networks[i])
for i := range workflow.Networks {
utils.IdentifyTarget(workflow.Networks[i])
}
}

// Look into target parameter to grab the IPv4s and Networks
if utils.OptionCmd.Target != "" {
gologger.Verbose().Msgf("Identifying networks for %s", utils.OptionCmd.Target)
utils.IdentifyTarget(utils.OptionCmd.Target)
}

utils.RunCrawler()
hurricane := utils.Hurricane{}
hurricane.RunCrawler()

if utils.OptionCmd.Vtscore && !utils.OptionCmd.Silent {
gologger.Info().Msgf("Filtering with Virustotal with a mininum score %s", utils.OptionCmd.VtscoreValue)
Expand All @@ -92,8 +53,8 @@ func main() {
var bMatchedPTR = false
var bMatchedDomain = false

if c.Regex != "" {
var re = regexp.MustCompile(c.Regex)
if workflow.Regex != "" {
var re = regexp.MustCompile(workflow.Regex)
bMatchedDomain = re.MatchString(result.Domain)
bMatchedPTR = re.MatchString(result.PTR)
} else {
Expand All @@ -106,7 +67,8 @@ func main() {
}

if utils.OptionCmd.Vtscore {
result.VtScore = utils.GetVtReport(result.Domain)
virustotal := utils.Virustotal{}
result.VtScore = virustotal.GetVtReport(result.Domain)
if score, err := strconv.ParseUint(utils.OptionCmd.VtscoreValue, 10, 64); err == nil {
if result.VtScore < score {
continue
Expand Down
26 changes: 0 additions & 26 deletions utils/data.go
Original file line number Diff line number Diff line change
@@ -1,24 +1,11 @@
package utils

import (
"log"
"os"
"path/filepath"

"github.com/projectdiscovery/gologger"
folderutil "github.com/projectdiscovery/utils/folder"
"gopkg.in/yaml.v2"
)

const urlBase = "https://bgp.he.net/"

type Conf struct {
Domains []string `yaml:"domains"`
Ipaddrs []string `yaml:"ipaddrs"`
Networks []string `yaml:"networks"`
Regex string `yaml:"regex"`
}

type Result struct {
IPAddr string
PTR string
Expand All @@ -36,16 +23,3 @@ var (
)

var Results = make(map[string]Result)

func (c *Conf) GetConf(filename string) *Conf {
yamlFile, err := os.ReadFile(filename)
if err != nil {
gologger.Fatal().Msgf("Could not %s\n", err)
}

err = yaml.Unmarshal(yamlFile, c)
if err != nil {
log.Fatalf("Unmarshal: %v", err)
}
return c
}
137 changes: 137 additions & 0 deletions utils/hurricane.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,137 @@
package utils

import (
"io"
"net/http/httputil"
"regexp"
"strings"

"github.com/PuerkitoBio/goquery"
"github.com/projectdiscovery/gologger"
"github.com/projectdiscovery/retryablehttp-go"
)

type Hurricane struct {
}

const urlBase = "https://bgp.he.net/"

func (h *Hurricane) RunCrawler() {
for _, domain := range Domains {
gologger.Verbose().Msgf("Identifying networks for domain: %s", domain)
h.ExtractDomain(domain)
}

for _, host := range Hosts {
gologger.Verbose().Msgf("Identifying networks for IPv4: %s", host)
h.ExtractNetwork(host)
}

if !OptionCmd.Onlynetworks {
for _, network := range Networks {
gologger.Verbose().Msgf("Identifying domains for network: %s", network)
h.ExtractDomains(network)
}
}
}

func (h *Hurricane) Request(url string) string {
opts := retryablehttp.DefaultOptionsSpraying
client := retryablehttp.NewClient(opts)
resp, err := client.Get(url)
if err != nil {
panic(err)
}

bin, err := httputil.DumpResponse(resp, true)
if err != nil {
panic(err)
}
str := string(bin)

return str
}

func (h *Hurricane) ExtractDomain(domain string) {
var url = ""

if domain != "" {
url = urlBase + "dns/" + domain
}

var str = h.Request(url)

var re = regexp.MustCompile(`(?m)href="/net/([^"]+)"`)
for _, match := range re.FindAllStringSubmatch(str, -1) {
if !Contains(Networks, match[1]) {
if (!OptionCmd.Silent && !OptionCmd.Onlydomains) || OptionCmd.Onlynetworks {
gologger.Info().Msgf("[%s] network: %s\n", domain, match[1])
}
Networks = append(Networks, match[1])
}
}
}

func (h *Hurricane) ExtractDomains(ipRange string) {
if ipRange == "" {
return
}

var url = urlBase + "net/" + ipRange
var html = h.Request(url)

h.ParseHTML(strings.NewReader(html))
}

func (h *Hurricane) ParseHTML(body io.Reader) {
doc, err := goquery.NewDocumentFromReader(body)
if err != nil {
gologger.Fatal().Msgf("%s", err)
}
var re = regexp.MustCompile(`\/dns\/([^"]+)`)
doc.Find("#dnsrecords").Each(func(h int, div *goquery.Selection) {
div.Find("tr").Each(func(i int, tr *goquery.Selection) {
var result Result
tr.Find("td").Each(func(j int, td *goquery.Selection) {
td.Find("a").Each(func(k int, a *goquery.Selection) {
switch td.Index() {
case 0:
result.IPAddr = a.Text()
case 1:
result.PTR = a.Text()
case 2:
html, err := td.Html()
if err == nil {
for _, match := range re.FindAllStringSubmatch(html, -1) {
result.Domain = match[1]
Results[result.Domain] = result
}
}
}
})
})
})
})
}

func (h *Hurricane) ExtractNetwork(ip string) {
var url = ""

if ip != "" {
url = urlBase + "ip/" + ip
}

var str = h.Request(url)

if ip != "" {
var re = regexp.MustCompile(`(?m)href="/net/([^"]+)"`)
for _, match := range re.FindAllStringSubmatch(str, -1) {
if !Contains(Networks, match[1]) {
if (!OptionCmd.Silent && !OptionCmd.Onlydomains) || OptionCmd.Onlynetworks {
gologger.Info().Msgf("[%s] network: %s\n", ip, match[1])
}
Networks = append(Networks, match[1])
}
}
}
}
Loading

0 comments on commit 6208587

Please sign in to comment.