d3mondev / puredns

Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
GNU General Public License v3.0

Any way to speed up wildcard filtering? #33

Closed marcelo321 closed 1 year ago

marcelo321 commented 1 year ago

I am resolving a lot of subdomains pretty fast, but when it comes to wildcard filtering it just takes forever, and I don't know if it would be possible to speed it up. It takes an absurd amount of time:

Resolving domains with public resolvers
Processed: 2253265 Rate: 7514 Elapsed: 00:05:16

Detecting wildcard root subdomains
[ETA 52:12:09] |█░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░| 5616/1553671 queries: 5718 (time: 00:10:55))

5 minutes to resolve, ~52 hours for wildcard filtering (it is updated all the time). The queries go so slowly even though I didn't provide any --wildcard-batch value.

Does the --rate-limit-trusted flag affect the wildcard filtering (does it use the trusted resolvers)? Or do just -t for threads and --wildcard-batch affect it? I ask because I don't see much change from the last 2 flags, but I notice some difference when changing the limit of trusted resolvers.

d3mondev commented 1 year ago

I've seen this happen on some targets that drop the traffic from resolvers producing too many queries. Unfortunately, there's not much to do in this case besides trying to add more trusted resolvers and rate limiting. But even then, some targets are pretty resistant to bruteforcing.