search

nahamsec / lazyrecon

This script is intended to automate your reconnaissance process in an organized fashion
1.88k stars 569 forks source link

jq: error (at <stdin>:0): Cannot index string with string "dns_names" #34

Open gustavorobertux opened 4 years ago

gustavorobertux commented 4 years ago

Hello guys, I am constantly encountering the following error:

Listing subdomains using sublister...
Checking certspotter...
jq: error (at <stdin>:0): Cannot index string with string "dns_names"
Checking http://crt.sh

I'm using Ubuntu at Linode

Linux localhost 4.15.0-72-generic #81-Ubuntu SMP Tue Nov 26 12:20:02 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

Thank you in advance :)

nahamsec commented 4 years ago

Can you show me what domain are you trying this on? Also does it show any results when you look for it directly on crt.sh?

gustavorobertux commented 4 years ago

Can you show me what domain are you trying this on? Also does it show any results when you look for it directly on crt.sh?

domain=paloalto.com ; curl -s https://certspotter.com/api/v0/certs\?domain\=$domain | jq '.[].dns_names[]' | sed 's/\"//g' | sed 's/\*\.//g' | sort -u | grep $domain

Works fine :)

domain=www.paloalto.com ; curl -s https://certspotter.com/api/v0/certs\?domain\=$domain | jq '.[].dns_names[]' | sed 's/\"//g' | sed 's/\*\.//g' | sort -u | grep $domain

jq: error (at <stdin>:0): Cannot index string with string "dns_names"

:P

gustavorobertux commented 4 years ago

image

After this happens, the script freezes and does not end.

ghost commented 4 years ago

@nahamsec

Unfortunately I think this is related to Certspotter limit on requests using the free API key subscription. For this reason, sometimes the curl does not return anything.

Also, the prices are really high if you want higher limits!

curl -s https://certspotter.com/api/v0/certs\?domain\=vpn.hackerone.net {"code":"rate_limited","message":"You have exceeded the domain search rate limit for the Cert Spotter API. Please try again later, or authenticate with an API key."}

h3cksamrat commented 3 years ago

Fixed in #52 @nahamsec Please, take a look at it.

juliohmb commented 2 years ago

Aparently the V0 API has been discontinuated, I recived this message: {"code":"api_discontinued","message":"Cert Spotter APIv0 has been discontinued in favor of APIv1. Please see <https://sslmate.com/help/reference/ct_search_api_v1> for documentation."} , then I figured out the V1 API, you can use like this to find domains and subdomains: curl -s https://certspotter.com/api/v1/issuances\?$domain\=clubhouse.com\&expand\=dns_names\&include_subdomains\=true . I hope this helped.