Closed naterobbified closed 5 years ago
Hey @naterobbified,
I actually just fixed this the other day in this pull request: https://github.com/subfinder/subfinder/pull/143
You should be able to re-install subfinder from the latest master commit by running the following command: go get -u github.com/subfinder/subfinder
wow, this is fantastic news. thanks!
What's the problem (or question)?
When I use the subdomain bruteforce functionality within subfinder, I get tens of thousands of false positives all of which resolve to the same IP address: 198.105.254.11.
Do you have an idea for a solution?
When I navigate to http://198.105.254.11, I am redirected to searchguide.level3.com. Perhaps this has to do with the DNS resolvers used and not found domains are redirected to this IP address? Only solution I can think of would be to filter out any results pointing to this ip address.
How can we reproduce the issue?
Use the command: subfinder -v -o output.txt -d redacted.net --no-passive -b -w all.txt -t 100
Output:
=============================================== -=Subfinder v1.1.3 github.com/subfinder/subfinder
Running enumeration on redacted.net
Starting Bruteforcing of redacted.net with 2178752 words [...] [BRUTE] home01.redacted.net : 198.105.254.11 [BRUTE] home10.redacted.net : 198.105.254.11 [BRUTE] home101.redacted.net : 198.105.254.11 [BRUTE] home110.redacted.net : 198.105.254.11 [...]
What are the running context details?