d3mondev / puredns

Puredns is a fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.
GNU General Public License v3.0

Add FUZZ support for subdomain enumeration #41

Closed alanEG closed 1 year ago

alanEG commented 1 year ago

Adds support for the "FUZZ" placeholder when enumerating subdomains. With this change, we can specify a subdomain with the "FUZZ" keyword, and it will substitute this keyword with words in the wordlist.

The code change introduces a new conditional statement that checks if the domain name contains "FUZZ". If it does, the code splits the domain name into two parts at the "FUZZ" keyword, and then generates a subdomain by inserting the word between these two parts.

This feature can be particularly useful when trying to find subdomains that follow a certain pattern, such as "admin.FUZZ.example.com", where "FUZZ" can be replaced with different words to discover different subdomains.

d3mondev commented 1 year ago

Thanks for the PR! I'd accept it as it's a useful feature but I'm actually planning to release a new version of puredns tomorrow that includes a change like this!

See this commit in the development branch: https://github.com/d3mondev/puredns/commit/01709c5f04d944bccda1bdfa478e24df0ac3b8a5

The placeholder string I'm using is the * character instead of FUZZ. Let me know what you think.

alanEG commented 1 year ago

I don't really know if * or FUZZ will be a good choice or not, but in general, "FUZZ" is commonly used in enumeration tools to represent the position where the wordlist value will be inserted.

d3mondev commented 1 year ago

The reason I chose * is because many subdomain enumeration tools, especially those that scrape SSL certificates, will return wildcard subdomains as *.example.com. That allows you to pipe the results directly into puredns without having to perform additional sanitization on the input domains like replacing *. with FUZZ.
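The placeholder expansion described in the PR (split the pattern at the keyword, splice each wordlist entry in between) and the maintainer's alternative of accepting * so that *.example.com lines from certificate scrapers can be fed in directly, written out as an added example. This is illustrative code, not puredns's implementation or the PR's diff; the function name Expand, the fallback of prepending the word as a new label when no placeholder is present, and the sample wordlist are assumptions made here.

```go
package main

import (
	"fmt"
	"strings"
)

// Placeholders recognised in a domain pattern. "FUZZ" is the convention
// proposed in the PR; "*" is the form the maintainer chose, which also matches
// wildcard entries emitted by certificate-scraping tools ("*.example.com").
var placeholders = []string{"FUZZ", "*"}

// findPlaceholder returns the first placeholder present in pattern, or "".
func findPlaceholder(pattern string) string {
	for _, p := range placeholders {
		if strings.Contains(pattern, p) {
			return p
		}
	}
	return ""
}

// Expand generates one candidate name per wordlist entry. A pattern without a
// placeholder falls back to classic bruteforcing: the word becomes a new
// leftmost label. (Fallback behaviour is an assumption, not from the page.)
func Expand(pattern string, words []string) []string {
	out := make([]string, 0, len(words))
	p := findPlaceholder(pattern)
	for _, w := range words {
		w = strings.TrimSpace(w)
		if w == "" {
			continue // skip blank wordlist lines
		}
		if p == "" {
			out = append(out, w+"."+pattern)
			continue
		}
		// Split once at the first placeholder and splice the word in between,
		// which is what the PR's conditional does for "FUZZ".
		parts := strings.SplitN(pattern, p, 2)
		out = append(out, parts[0]+w+parts[1])
	}
	return out
}

func main() {
	words := []string{"dev", "", "staging"} // constructed wordlist
	for _, pat := range []string{"admin.FUZZ.example.com", "*.example.com", "example.com"} {
		fmt.Println(pat, "->", Expand(pat, words))
	}
}
```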

alanEG commented 1 year ago

I believe it may not be ideal to use the asterisk (*) symbol in subdomain enumeration because it can cause problems with commands that use wildcards to match files or directories.