Can not understand this, i think both if statement will scan same list !

SolomonSklash / chomp-scan

A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.

https://www.solomonsklash.io/chomp-scan-update.html

GNU General Public License v3.0

393 stars 76 forks source link

Can not understand this, i think both if statement will scan same list ! #49

Closed Sy3Omda closed 5 years ago

Sy3Omda commented 5 years ago

https://github.com/SolomonSklash/chomp-scan/blob/80e17512b57f289bd0bad8b7f2c4bdeeb30971a2/chomp-scan.sh#L1782

SolomonSklash commented 5 years ago

So $1 is the domain list, which will either be all discovered domains, or all resolved domains. The if [[ $1 == $WORKING_DIR/$ALL_RESOLVED ]]; then check looks for the all resolved domains list, otherwise it runs against the discovered domains. Does that make sense?

Sy3Omda commented 5 years ago

got it, but in any case there will be all resolved domains list so I think it will never run against all discovered domains, right!

SolomonSklash commented 5 years ago

It will run against all discovered domains if you pass the flag to tell it to. By default it uses all resolved, which is usually what most people would want. See the USE_ALL parameter in the config file.