Closed 0x646e78 closed 8 months ago
Hi @0x646e78 - nice find!
I believe each "DNS label" can be up to 63 characters in length. Then, there is a total limit of 253-255 depending on how it is processed.
I think if we limit the custom payload to 63, we will never hit the total limit as all the cloud provider strings are short enough.
So, I think the easiest way to fix this is to drop long strings during the mutation stage. I've given this a shot in this PR. If you pull this branch, does it fix your problem?
Ah I totally forgot to PR my quick fix yesterday... just opened https://github.com/initstring/cloud_enum/pull/63
Your PR still causes the crash for me, as the check needs to be upon mutation. There is also a total length of domains apparently. You can choose to take the idea and adjust your PR accordingly if you like.
Thanks @0x646e78 - I pushed a new commit that hooks into the utility functions. There are now some overlapping protections, but I think it's ok to leave them all.
Does this branch work ok for you now?
Yes, that works :D
I have a domain I'm trying to cloud_enum. Let's say this is "preprod-second-hand-elastic-standalone-abcdefghi-abcdefgh.REDCTcloud.com"
This is an acceptable length for a subdomain, and it does resolve. But, adding the fuzz to it makes it too long, and thus fails.
Perhaps a length check on subdomain + fuzz strings before attempting the check? If any component is too long, then skip as there's no way it'd be a positive result?
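A length filter of the kind discussed in this thread, as an added example; it is not code from cloud_enum or from either PR. The fuzz words, the `cloud.example` suffix and all function names are assumptions, and 253 is used as the total cap, the low end of the 253-255 range mentioned above.

```python
MAX_LABEL = 63   # per-label limit mentioned in the thread
MAX_NAME = 253   # assumed total cap (low end of the 253-255 range)


def is_resolvable_length(fqdn):
    """True if every label is 1..63 chars and the whole name is <= 253."""
    name = fqdn[:-1] if fqdn.endswith(".") else fqdn  # ignore one root dot
    if not name or len(name) > MAX_NAME:
        return False
    return all(0 < len(label) <= MAX_LABEL for label in name.split("."))


def mutate(keyword, fuzz_words):
    """Hypothetical mutation step: the keyword alone, then joined with each word."""
    yield keyword
    for word in fuzz_words:
        yield f"{keyword}-{word}"
        yield f"{word}-{keyword}"
        yield f"{keyword}{word}"
        yield f"{word}{keyword}"


def build_candidates(keyword, fuzz_words, suffix):
    """Split mutated names into those worth resolving and those too long."""
    kept, dropped = [], []
    for label in mutate(keyword, fuzz_words):
        fqdn = f"{label}.{suffix}"
        (kept if is_resolvable_length(fqdn) else dropped).append(fqdn)
    return kept, dropped


# Constructed sample input: the 57-character keyword from the report above,
# three made-up fuzz words and a placeholder provider suffix.
KEYWORD = "preprod-second-hand-elastic-standalone-abcdefghi-abcdefgh"
FUZZ = ["dev", "backup", "production"]
SUFFIX = "cloud.example"

if __name__ == "__main__":
    kept, dropped = build_candidates(KEYWORD, FUZZ, SUFFIX)
    for name in kept:
        print("check", name)
    for name in dropped:
        print("skip ", name, "(label or name too long)")
```

With this keyword, `backup` lands exactly on the boundary: the concatenated forms are 63 characters and are kept, while the hyphenated forms are 64 and are skipped before any lookup is attempted.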