Randoms 'connection timed out'

[marcelo321]

Sometimes when running scans I get the below message and I need to delete instances and run evertyhing again. But I am not sure why this happens, it doesn't happen to often tho.

ssh: connect to host 45.33.92.201 port 2266: Connection timed out                                                                                                                                           
ssh: connect to host 173.255.233.46 port 2266: Connection timed out                                                                                                                                         
ssh: connect to host 173.255.233.99 port 2266: Connection timed out                                                                                                                                         
ssh: connect to host 173.255.233.93 port 2266: Connection timed out                                                                                                                                         
ssh: connect to host 173.255.233.48 port 2266: Connection timed out                                                                                                                                         
ssh: connect to host 173.255.233.106 port 2266: Connection timed out                                                                                                                                        
ssh: connect to host 173.255.233.67 port 2266: Connection timed out                                                                                                                                         
ssh: connect to host 45.33.92.174 port 2266: Connection timed out

[0xtavian]

@marcelo321 can you show me the command you are running? If you are using —rm-when-done, this error is expected and can be ignored. Also is it happening at the beginning, middle or end of the scan?

[marcelo321]

it just happened again @0xtavian:

edit: deleted image

edit: I wonder if it has something to do that I delete rm -r nuclei* in .axiom/logs folder, but because I sometimes stop a scan and it leaves folders that consume a lot of space, so I free it up.

[marcelo321]

the weird thing is, it says instances: 0 [ ] | but seems like the scan keeps going but not sure what it is doing with no instances to scan with.

[0xtavian]

@marcelo321 can you update to the latest code and try again? If it still doesn’t work, can you add —preflight-timeout 30 to the axiom-scan command. It seems like you aren’t using the axiom-scan —spinup 30 and instead you are running axiom-fleet before axiom-scan? If that’s the case, you can try to add a 60 second sleep after axiom-fleet (before axiom-scan).

[marcelo321]

I am doing axiom-fleet and right after that I was doing axiom-scan, I will update it and try with a 60s timeout too, thanks! I will update later. btw, to update it just axiom-update is enough, right?

[0xtavian]

It might be better to increase the preflight timeout option too. I have a feeling that might be causing the issue.

[marcelo321]

so with the axiom-scan command, I add —preflight-timeout 30 flag too?

[marcelo321]

so just a 60s timeout, helped a lot. now adding the —preflight-timeout 30 too.

Still some which fail, but not many and it is working.

Warning: Permanently added '[172.104.208.229]:2266' (ECDSA) to the list of known hosts.
Warning: Permanently added '[172.104.208.8]:2266' (ECDSA) to the list of known hosts.
Warning: Permanently added '[172.104.208.48]:2266' (ECDSA) to the list of known hosts.
Warning: Permanently added '[172.104.208.75]:2266' (ECDSA) to the list of known hosts.
Warning: Permanently added '[172.104.11.169]:2266' (ECDSA) to the list of known hosts.
Warning: Permanently added '[172.104.208.5]:2266' (ECDSA) to the list of known hosts.
Warning: Permanently added '[172.104.208.90]:2266' (ECDSA) to the list of known hosts.
ssh: connect to host 172.104.208.105 port 2266: Connection refused
ssh: connect to host 172.104.208.30 port 2266: Connection timed out

[0xtavian]

@marcelo321

. btw, to update it just axiom-update is enough, right?

Yes as long as you haven’t made any local changes, axiom-update should work. You can check for any local changes by running cd $HOME/.axiom ; git status

so with the axiom-scan command, I add —preflight-timeout 30 flag too?

Yep

so just a 60s timeout, helped a lot. now adding the —preflight-timeout 30 too.

Still some which fail, but not many and it is working.

If you are on the latest code and this is still happening lmk. It might be because of a change I made over the weekend, or it might be a temporary provisioning delay on Linodes end.

[marcelo321]

@0xtavian,

Would it be possible for me to send you a priv message so I don't create issues to ask dumb questions? One thing I would love to see differently, is e.g when you use findomain to enumerate subdomains, that it doesn't print all the subdomains it finds, but if you > /dev/null, then you don't see the output of axiom running. a flag like -silent or getting the axiom output as stderr would fix it (like tools of project discovery do).

[0xtavian]

@marcelo321 sure. HMU on twitter or join the 0x00sec discord (link is in the wiki). Probably best to join the 0x00sec discord, since we have a channel dedicated to axiom support etc.

A few points and questions

1. I just noticed that the findomain install one-liner we use stopped working, Ty for bringing attention to this. I’ll try to push a fix later today.

2. Findomain doesn’t have a comparable flag to PD’s —silent? If not, I can add tailing only stdout during axiom-scan. I actually have prep work for that feature already in master so it would be a minimal change. Thinking the flag name would be —stdout, and it would simply only tail stdout from axiom-scan, this is what you were looking for right?

3. or getting the axiom output as stderr

I’m not sure I follow this last point :)

[0xtavian]

@marcelo321 I added the --stdout flag. also lmk if you are still seeing this issue. I also moved error with number of instances, exiting message to after preflight_function, which should fix this instances: 0 [ ] issue.