search

pry0cc / axiom

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
MIT License
4k stars 622 forks source link

Gobuster-dns scan module #544

Closed Hax0rG1rl closed 2 years ago

Hax0rG1rl commented 2 years ago

Hi,

I am trying to use the axiom's gobuster-dns module this way,

axiom-scan 3.txt -m gobuster-dns --fleet [my_fleet_name] -wD mylist.txt

creating scan working directory at : /home/op/scan/gobuster-dns+1649823447/
splitting and uploading local wordlist : mylist.txt to /home/op/scan/gobuster-dns+1649823447/mylist.txt...
distributed wordlist successfully!
module: [ gobuster-dns ] | module args: [  ] | input: [ 6 lines ] |
instances:  x  [ 1 2 3 4..... ] |
command: [ /usr/bin/gobuster dns -q -w input -o output -d  ] | ext: [ txt ] | threads: [ null ]
spliting and distributing input file...
[ OK ]

However, I get this error message:

Error: flag needs an argument: 'd' in -d
Error: flag needs an argument: 'd' in -d
Error: flag needs an argument: 'd' in -d

Any idea what I am doing wrong here?

Thanks!

0xtavian commented 2 years ago

@Hax0rG1rl the default module can be a little confusing, I believe this is a horizontally scaling module. The way it’s supposed to work is: axiom-scan mylocalwordlist.txt -m gobuster-dns yahoo.com Where you’ll spilt a local wordlist and use the combined power of the fleet to brute force a signaler target ( specified in the command line or you can hardcore the target directly in the module), in this case yahoo.com.

i should be able to make you a module that fits your needs, as long as I know the following:

what is the contents of 3.txt ( three root/target domains)? Is mylist.txt a list of words to use for brute forcing? If not what is it? What are you looking to accomplish?

Hax0rG1rl commented 2 years ago

Apologies for my delayed response.

So:

I am trying to use axiom's feature and load balance the subdomain brute forcing.

0xtavian commented 2 years ago

@Hax0rG1rl Try this

[{
    "command":"/usr/bin/gobuster dns -q -w _wordlist_ -o output/_cleantarget_ -d _target_",
    "ext":"dir",
    "threads":"1"
}]

axiom-scan 3.txt -m gobuster-new-dns -wD mywordlist.txt

if you want to upload the entire wordlist (instead of splitting and uploading), try

axiom-scan 3.txt -m gobuster-new-dns -wL mywordlist.txt

i haven’t gotten a chance to try it yet but pretty confident it will work, but lmk if it doesn’t (include all terminal output if it doesn’t work, please and thank you).

The above is a “one-shot” module. Its useful when the tool doesn’t support taking a list of targets as an input file. Our Whois module is another example of a simple “one-shot” module. https://github.com/pry0cc/axiom/blob/master/modules/whois.json

Hax0rG1rl commented 2 years ago

Hey,

It seems to work so far. Thank you!

Hax0rG1rl commented 1 year ago

Hi Octavian,

So:

- 3.txt contains a list of domains I am looking to scan

- mylocal list is a large words list for domain brute-force

I am looking to use the axiom split the workload concept and expedite the brute force subdomain discovery supplying a list of root domains.

And thank you very much!

Sent from ProtonMail mobile

-------- Original Message -------- On Apr 14, 2022, 17:47, Octavian [Masked] < @.***> wrote:

Preview: @Hax0rG1rl the default module can be a little confusing, I be --> SPAM? CLICK to BLOCK

This email is Masked using Blur - it was sent from github.com to @.*** (your reply stays Masked). To protect your privacy, do not forward this message, or add new recipients like CCs or BCCs.

Thanks for being a Blur customer! If you haven't yet, [ Try DeleteMe at a discount. ]

@.***Hax0rG1rl the default module can be a little confusing, I believe this is a horizontally scaling module. The way it’s supposed to work is: axiom-scan mylocalwordlist.txt -m gobuster-dns yahoo.com Where you’ll spilt a local wordlist and use the combined power of the fleet to brute force a signaler target ( specified in the command line or you can hardcore the target directly in the module), in this case yahoo.com.

i should be able to make you a module that fits your needs, as long as I know the following:

what is the contents of 3.txt ( three root/target domains)? Is mylist.txt a list of words to use for brute forcing? If not what is it? What are you looking to accomplish?

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.AA4IQJE7PPEB3VNUYC7IYR3VE6WOBA5CNFSM5TJMFS32YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOIF6VITA.gifMessage ID: @.***>