search

owasp-amass / amass

In-depth attack surface mapping and asset discovery
https://owasp.org/www-project-amass/
Other
11.94k stars 1.88k forks source link

Some domain names are wrong #165

Closed icezhaoL closed 5 years ago

icezhaoL commented 5 years ago

image i don't know why

icezhaoL commented 5 years ago

linux is ok , windows is wrong

caffix commented 5 years ago

@danmartinj @rbadguy @s7x Can you help discover the reason for this issue? Thanks!

caffix commented 5 years ago

@icezhaoL When I just tested Amass on Windows, it ran quite well (very fast), so I'm not sure what trouble you're experiencing

s7x commented 5 years ago

I'll do some tests in a few minutes at home. Which version are you using @icezhaoL?

icezhaoL commented 5 years ago

2.9.11

s7x commented 5 years ago

Hey @icezhaoL sorry for the delay, can you try with the new version? The whole tool got a new rework on many points/features.

Try with this command:

amass.exe enum -src -ip -d yourdomainhere.com

With the amass_3.0.3_windows_amd64.zip binary.

Cheers

caffix commented 5 years ago

@icezhaoL Has this issue been resolved for you?

icezhaoL commented 5 years ago

image Outages occur when large domain names are encountered

icezhaoL commented 5 years ago 
mode = active
output_directory = amass_output
maximum_dns_queries = 2000000
[network_settings]
port = 443
[resolvers]
resolver = ******
resolver = ******
[blacklisted]
subdomain = ******
[bruteforce]
enabled = true
recursive = true
minimum_for_recursive = 2
wordlist_file = **********
[alterations]
enabled = true
minimum_for_word_flip = 2
edit_distance = 1
flip_words = true   
flip_numbers = true 
add_words = true    
add_numbers = true  
wordlist_file = **********
[BinaryEdge]
apikey = **********
[Censys]
[CertDB]
[DNSDB]
[PassiveTotal]
[SecurityTrails]
[Shodan]
[Umbrella]
[URLScan]
[VirusTotal]
[Riddler]
[NetworksDB]
[Spyse]
caffix commented 5 years ago

What type of outage are you referring to? Your current network, DNS resolvers or the target organization’s infrastructure?

Turning up the maximum DNS queries to two million concurrent requests could definitely cause some problems if your network cannot handle it or you do not have enough resolvers to spread the load across. Additionally, some organizations will detect such a large amount of traffic and throttle the activity.

I hope that helps, and we appreciate the feedback!

icezhaoL commented 5 years ago

thank you 谢谢你

s7x commented 5 years ago

@icezhaoL & @caffix can we close this issue now? Do we consider this solved?

icezhaoL commented 5 years ago

Has been resolved