Closed doncalli closed 2 years ago
So I ran the code line system("amass enum -d %s -o -silent" % URL_TARGET) in isolation (not from within the script) For example: amass enum -d nytimes.com -o .list_amass.txt -silent
There is no output...it appears to be HANGING with NO OUTPUT
discovered that it was the AMASS program which was corrupt. So uninstalled it and reinstalled; the program is now working fine even when ran in isolation. The issue of converting the sicon script to reflect nmap3 still remains. See the code lines under: perform quick port scan using nmap Can you pls help?
thanks for the report, i will try to do it
another thing, I would advise that you update your "Readme.md" to advise people of the need to INSTALL NMAP as a prerequisite prior to using your program. Otherwise THANK YOU!!
thank you for the advice, you are very helpful
#########Latest Modification tried for NMAP 3 for the NMAP port scan##############
for s in subdomain_list:
# perform quick port scan using nmap
#quick_scan = nmap.scan(hosts=s, arguments="-F")
quick_scan = nmap.scan_top_ports("s")
host = list(quick_scan.keys())
#host = list(quick_scan["scan"].keys())
if (len(host) > 0):
tcp_open = str(list(quick_scan["scan"][host[0]]["tcp"].keys()))
print(Colors.RESET + Colors.GREEN + "\t -> " + Colors.RESET + Colors.BOLD + s +
" | " + Colors.GREEN + tcp_open + Colors.RESET)
else:
print(Colors.RESET + Colors.GREEN + "\t -> " + Colors.RESET + Colors.BOLD + s +
" | " + Colors.RED + "FAIL MAYBE HOST DIED" + Colors.RESET)
Obviously it did not work: See error message below
**[+] SUBDOMAINS DETECTED: 36
Traceback (most recent call last):
File "/home/doncalli/Repo/s1c0n/sicon.py", line 168, in
actually you can install python-nmap in python3, and you can run this tool without any problem, well i will try changing python-nmap to python3-nmap
Thank you for the advice
Hey there,python-Nmap doesn't work on my kali Linux...I don't know why. Only python3-nmap does
Hey there,python-Nmap doesn't work on my kali Linux...I don't know why. Only python3-nmap does
i code this tool using kali linux, and of course i install python-nmap, and it works well i also using python3 to run this tool, python that i use is python 3.10.5
What version of Nmap are you using? I'm using 7.9.2
Also when I Uninstalled and reinstalled python-nmap. Then I imported the module " import Nmap" . I still have the same issue when I run the python script.
UPDATE: I finally got it to work with "import nmap"! I uninstalled,purged and reinstalled "python-nmap".
So it now works! However it would be nice to see another script running nmap3 module though. FYI. If running NMAP3, you will not be able to match on the "scan" key if you run this command see below:
quick_scan = nmap.scan_top_ports("owasp.org") list(quick_scan["scan"].keys()) .............will not match on the "scan" key and you cannot match on port, protocol etc
only matches on: [ip address; runtime; scope]
Python 3.10.5 (main, Jun 8 2022, 09:26:22) [GCC 11.3.0] on linux Type "help", "copyright", "credits" or "license" for more information.
import nmap3 nmap = nmap3.Nmap() nmap.scan_top_ports("nytimes.com", args="-sV") {'151.101.129.164': {'osmatch': {}, 'ports': [{'protocol': 'tcp', 'portid': '21', 'state': 'filtered', 'reason': 'no-response', 'reason_ttl': '0', 'service': {'name': 'ftp', 'method': 'table', 'conf': '3'}, 'cpe': [], 'scripts': []}, {'protocol': 'tcp', 'portid': '22', 'state': 'filtered', 'reason': 'no-response', 'reason_ttl': '0', 'service': {'name': 'ssh', 'method': 'table', 'conf': '3'}, 'cpe': [], 'scripts': []}, {'protocol': 'tcp', 'portid': '23', 'state': 'filtered', 'reason': 'no-response', 'reason_ttl': '0', 'service': {'name': 'telnet', 'method': 'table', 'conf': '3'}, 'cpe': [], 'scripts': []}, {'protocol': 'tcp', 'portid': '25', 'state': 'filtered', 'reason': 'no-response', 'reason_ttl': '0', 'service': {'name': 'smtp', 'method': 'table', 'conf': '3'}, 'cpe': [], 'scripts': []}, {'protocol': 'tcp', 'portid': '80', 'state': 'open', 'reason': 'syn-ack', 'reason_ttl': '53', 'service': {'name': 'http-proxy', 'product': 'Varnish', 'method': 'probed', 'conf': '10'}, 'cpe': [{'cpe': 'cpe:/a:varnish-cache:varnish'}], 'scripts': []}, {'protocol': 'tcp', 'portid': '110', 'state': 'filtered', 'reason': 'no-response', 'reason_ttl': '0', 'service': {'name': 'pop3', 'method': 'table', 'conf': '3'}, 'cpe': [], 'scripts': []}, {'protocol': 'tcp', 'portid': '139', 'state': 'filtered', 'reason': 'no-response', 'reason_ttl': '0', 'service': {'name': 'netbios-ssn', 'method': 'table', 'conf': '3'}, 'cpe': [], 'scripts': []}, {'protocol': 'tcp', 'portid': '443', 'state': 'open', 'reason': 'syn-ack', 'reason_ttl': '53', 'service': {'name': 'https', 'product': 'Varnish', 'servicefp': 'SF-Port443-TCP:V=7.92%T=SSL%I=7%D=7/30%Time=62E5D9F0%P=x86_64-unknown-linux-gnu%r(GetRequest,1FE,"HTTP/1\.1\x20500\x20Domain\x20Not\x20Found\r\nConnection:\x20close\r\nContent-Length:\x20228\r\nServer:\x20Varnish\r\nRetry-After:\x200\r\ncontent-type:\x20text/html\r\nCache-Control:\x20private,\x20no-cache\r\nX-Served-By:\x20cache-bur-kbur8200167-BUR\r\nAccept-Ranges:\x20bytes\r\nDate:\x20Sun,\x2031\x20Jul\x202022\x2001:25:05\x20GMT\r\nVia:\x201\.1\x20varnish\r\n\r\n\n\n
\nFastly\x20error:\x20unknown\x20domain\x20 \n\n\nFastly\x20error:\x20unknown\x20domain:\x20\.\x20Please\x20check\x20that\x20this\x20domain\x20has\x20been\x20added\x20to\x20a\x20service\.
\nDetails:\x20cache-bur-kbur8200167-BUR
")%r(HTTPOptions,1FE,"HTTP/1\.1\x20500\x20Domain\x20Not\x20Found\r\nConnection:\x20close\r\nContent-Length:\x20228\r\nServer:\x20Varnish\r\nRetry-After:\x200\r\ncontent-type:\x20text/html\r\nCache-Control:\x20private,\x20no-cache\r\nX-Served-By:\x20cache-bur-kbur8200122-BUR\r\nAccept-Ranges:\x20bytes\r\nDate:\x20Sun,\x2031\x20Jul\x202022\x2001:25:05\x20GMT\r\nVia:\x201\.1\x20varnish\r\n\r\n\n\n\nFastly\x20error:\x20unknown\x20domain\x20 \n\n\nFastly\x20error:\x20unknown\x20domain:\x20\.\x20Please\x20check\x20that\x20this\x20domain\x20has\x20been\x20added\x20to\x20a\x20service\.
\nDetails:\x20cache-bur-kbur8200122-BUR
")%r(FourOhFourRequest,1FE,"HTTP/1\.1\x20500\x20Domain\x20Not\x20Found\r\nConnection:\x20close\r\nContent-Length:\x20228\r\nServer:\x20Varnish\r\nRetry-After:\x200\r\ncontent-type:\x20text/html\r\nCache-Control:\x20private,\x20no-cache\r\nX-Served-By:\x20cache-bur-kbur8200178-BUR\r\nAccept-Ranges:\x20bytes\r\nDate:\x20Sun,\x2031\x20Jul\x202022\x2001:25:05\x20GMT\r\nVia:\x201\.1\x20varnish\r\n\r\n\n\n\nFastly\x20error:\x20unknown\x20domain\x20 \n\n\nFastly\x20error:\x20unknown\x20domain:\x20\.\x20Please\x20check\x20that\x20this\x20domain\x20has\x20been\x20added\x20to\x20a\x20service\.
\nDetails:\x20cache-bur-kbur8200178-BUR
");', 'tunnel': 'ssl', 'method': 'probed', 'conf': '10'}, 'cpe': [], 'scripts': []}, {'protocol': 'tcp', 'portid': '445', 'state': 'filtered', 'reason': 'no-response', 'reason_ttl': '0', 'service': {'name': 'microsoft-ds', 'method': 'table', 'conf': '3'}, 'cpe': [], 'scripts': []}, {'protocol': 'tcp', 'portid': '3389', 'state': 'filtered', 'reason': 'no-response', 'reason_ttl': '0', 'service': {'name': 'ms-wbt-server', 'method': 'table', 'conf': '3'}, 'cpe': [], 'scripts': []}], 'hostname': [{'name': 'nytimes.com', 'type': 'user'}], 'macaddress': None, 'state': {'state': 'up', 'reason': 'echo-reply', 'reason_ttl': '53'}}, 'stats': {'scanner': 'nmap', 'args': '/usr/local/bin/nmap -oX - --top-ports 10 -sV nytimes.com', 'start': '1659230685', 'startstr': 'Sat Jul 30 18:24:45 2022', 'version': '7.92', 'xmloutputversion': '1.05'}, 'runtime': {'time': '1659230708', 'timestr': 'Sat Jul 30 18:25:08 2022', 'summary': 'Nmap done at Sat Jul 30 18:25:08 2022; 1 IP address (1 host up) scanned in 23.41 seconds', 'elapsed': '23.41', 'exit': 'success'}} quick_scan = nmap.scan_top_ports("owasp.org", args="-sV") quick_scan.keys() dict_keys(['104.22.26.77', 'stats', 'runtime']) list(quick_scan["stats"].keys()) ['scanner', 'args', 'start', 'startstr', 'version', 'xmloutputversion'] list(quick_scan["runtime"].keys()) ['time', 'timestr', 'summary', 'elapsed', 'exit'] list(quick_scan["104.22.26.77"].keys()) ['osmatch', 'ports', 'hostname', 'macaddress', 'state']
above is the output from using nmap3 module to do the scan. You can see that using the python-nmap3 module to scan for open ports, will NOT result in a KEY matching "scan" (as in nmap module). so you will have to find a python-nmap3 command that scan for open ports whose output will result in a KEY matching "scan" or "ports" etc
can you scan "southlandind.com" with your script(nmap module import) and see if you are running into errors
UPDATE: I finally got it to work with "import nmap"! I uninstalled,purged and reinstalled "python-nmap".
So it now works! However it would be nice to see another script running nmap3 module though. FYI. If running NMAP3, you will not be able to match on the "scan" key if you run this command see below:
quick_scan = nmap.scan_top_ports("owasp.org") list(quick_scan["scan"].keys()) .............will not match on the "scan" key and you cannot match on port, protocol etc
only matches on: [ip address; runtime; scope]
that's why i prefer to use python-nmap instead of python3-nmap
can you scan "southlandind.com" with your script(nmap module import) and see if you are running into errors
` ┏━┓╺┓ ┏━╸┏━┓┏┓╻ ┗━┓ ┃ ┃ ┃┃┃┃┗┫ ┗━┛╺┻╸┗━╸┗━┛╹ ╹
Simple Recon
Coded by UnknownSec666
Thanks to: Jeager
[*] Starting recon on southlandind.com:
[+] WAF: NOT DETECTED
[+] OPENED PORTS: 2
-> 80/tcp open http
-> 443/tcp open https
[+] SUBDOMAINS DETECTED: 54
-> officewebapps.southlandind.com | FAIL MAYBE HOST DIED
-> webmail4.southlandind.com | FAIL MAYBE HOST DIED
-> rs2.southlandind.com | [25, 80, 443, 465, 587]
-> lyncweb2013.southlandind.com | FAIL MAYBE HOST DIED
-> madsslvpn.southlandind.com | [443]
-> aw2sslvpn.southlandind.com | FAIL MAYBE HOST DIED
-> lyncweb.southlandind.com | FAIL MAYBE HOST DIED
-> webconfedge01.southlandind.com | FAIL MAYBE HOST DIED
-> help.southlandind.com | [80, 443, 8080, 8443]
-> webmail.southlandind.com | FAIL MAYBE HOST DIED
-> meet.southlandind.com | [80, 443, 49152, 49153, 49154, 49155, 49156, 49157]
-> daw.southlandind.com | FAIL MAYBE HOST DIED
-> sentrymad.southlandind.com | FAIL MAYBE HOST DIED
-> share.southlandind.com | [80, 443]
-> coins-mobiletech2.southlandind.com | FAIL MAYBE HOST DIED
-> dae.southlandind.com | FAIL MAYBE HOST DIED
-> lyncdiscover.southlandind.com | [80, 443, 49152, 49153, 49154, 49155, 49156, 49157]
-> coins.southlandind.com | FAIL MAYBE HOST DIED
-> mdlyncweb2013.southlandind.com | FAIL MAYBE HOST DIED
-> legacy.southlandind.com | FAIL MAYBE HOST DIED
-> webconfedge02.southlandind.com | FAIL MAYBE HOST DIED
-> vsp.southlandind.com | FAIL MAYBE HOST DIED
-> sipedge02.southlandind.com | FAIL MAYBE HOST DIED
-> coins-mobiletech.southlandind.com | FAIL MAYBE HOST DIED
-> registry.devops.southlandind.com | FAIL MAYBE HOST DIED
-> ggsslvpn.southlandind.com | [443]
-> southlandind.com | [80, 443]
-> rs.southlandind.com | [25, 80, 443, 465, 587]
-> lyncdiscoverinternal.southlandind.com | FAIL MAYBE HOST DIED
-> webconf.southlandind.com | FAIL MAYBE HOST DIED
-> sip13.southlandind.com | FAIL MAYBE HOST DIED
-> autodiscover.southlandind.com | FAIL MAYBE HOST DIED
-> www.southlandind.com | [80, 443]
-> coins2-mobiletech.southlandind.com | FAIL MAYBE HOST DIED
-> uccrew.southlandind.com | [443]
-> tmpsslvpn.southlandind.com | [443]
-> tableau.southlandind.com | FAIL MAYBE HOST DIED
-> mail2k3.southlandind.com | FAIL MAYBE HOST DIED
-> dialin.southlandind.com | [80, 443, 49152, 49153, 49154, 49155, 49156, 49157]
-> webconf13.southlandind.com | FAIL MAYBE HOST DIED
-> dev.southlandind.com | FAIL MAYBE HOST DIED
-> smartchecklist.southlandind.com | [80, 443]
-> photos.southlandind.com | FAIL MAYBE HOST DIED
-> aesslvpn.southlandind.com | FAIL MAYBE HOST DIED
-> mail2k.southlandind.com | FAIL MAYBE HOST DIED
-> intranet.southlandind.com | FAIL MAYBE HOST DIED
-> webmail3.southlandind.com | FAIL MAYBE HOST DIED
-> sip.southlandind.com | [80, 443, 49152, 49153, 49154, 49155, 49156, 49157]
-> mx.southlandind.com | FAIL MAYBE HOST DIED
-> smtp-east.southlandind.com | FAIL MAYBE HOST DIED
-> smtp.southlandind.com | FAIL MAYBE HOST DIED
-> exchangehybrid.southlandind.com | FAIL MAYBE HOST DIED
-> webmail2.southlandind.com | FAIL MAYBE HOST DIED
-> sentry.southlandind.com | FAIL MAYBE HOST DIED
[+] DIRECTORIES: 5
-> 200 | https://southlandind.com/.well-known/acme-challenge/dtfy
-> 403 | https://southlandind.com/vendor/phpunit/Util/PHP/eval-stdin.php
-> 403 | https://southlandind.com/vendor/phpunit/phpunit/Util/PHP/eval-stdin.php
-> 403 | https://southlandind.com/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
-> 403 | https://southlandind.com/vendor/phpunit/src/Util/PHP/eval-stdin.php`
I am coming up with errors. See output below:
Coded by UnknownSec666
Thanks to: Jeager
[*] Starting recon on southlandind.com:
[+] WAF: NOT DETECTED
[+] OPENED PORTS: 2
-> 80/tcp open http
-> 443/tcp open https
[+] SUBDOMAINS DETECTED: 54
-> aesslvpn.southlandind.com | FAIL MAYBE HOST DIED
-> photos.southlandind.com | FAIL MAYBE HOST DIED
-> lyncweb.southlandind.com | FAIL MAYBE HOST DIED
-> share.southlandind.com | [80, 443]
-> coins.southlandind.com | FAIL MAYBE HOST DIED
-> webmail2.southlandind.com | FAIL MAYBE HOST DIED
-> smtp-east.southlandind.com | FAIL MAYBE HOST DIED
-> sipedge02.southlandind.com | FAIL MAYBE HOST DIED
-> webmail.southlandind.com | FAIL MAYBE HOST DIED
-> vsp.southlandind.com | FAIL MAYBE HOST DIED
-> mail2k3.southlandind.com | FAIL MAYBE HOST DIED
-> smartchecklist.southlandind.com | [80, 443]
-> legacy.southlandind.com | FAIL MAYBE HOST DIED
-> daw.southlandind.com | FAIL MAYBE HOST DIED
-> dae.southlandind.com | FAIL MAYBE HOST DIED
Traceback (most recent call last):
File "/home/doncalli/Repo/s1c0n/sicon2.py", line 165, in
so far I can scan other domains without any issues. What do you think is causing this error for "southlandind.com"
I am coming up with errors. See output below:
Coded by UnknownSec666 Thanks to: Jeager [*] Starting recon on southlandind.com: [+] WAF: NOT DETECTED [+] OPENED PORTS: 2 -> 80/tcp open http -> 443/tcp open https [+] SUBDOMAINS DETECTED: 54 -> aesslvpn.southlandind.com | FAIL MAYBE HOST DIED -> photos.southlandind.com | FAIL MAYBE HOST DIED -> lyncweb.southlandind.com | FAIL MAYBE HOST DIED -> share.southlandind.com | [80, 443] -> coins.southlandind.com | FAIL MAYBE HOST DIED -> webmail2.southlandind.com | FAIL MAYBE HOST DIED -> smtp-east.southlandind.com | FAIL MAYBE HOST DIED -> sipedge02.southlandind.com | FAIL MAYBE HOST DIED -> webmail.southlandind.com | FAIL MAYBE HOST DIED -> vsp.southlandind.com | FAIL MAYBE HOST DIED -> mail2k3.southlandind.com | FAIL MAYBE HOST DIED -> smartchecklist.southlandind.com | [80, 443] -> legacy.southlandind.com | FAIL MAYBE HOST DIED -> daw.southlandind.com | FAIL MAYBE HOST DIED -> dae.southlandind.com | FAIL MAYBE HOST DIED
Traceback (most recent call last): File "/home/doncalli/Repo/s1c0n/sicon2.py", line 165, in tcp_open = str(list(quick_scan["scan"][host[0]]["tcp"].keys())) KeyError: 'tcp' ┌──(rootskullsa9901793)-[/home/doncalli/Repo/s1c0n] └─#
so far I can scan other domains without any issues. What do you think is causing this error for "southlandind.com"
did you run the tools that you edited before? or tools that you haven't edited at all
Answer: tools which were not edited. sicon.py is the nmap3 script which we know, was having issues as the python-nmap codes needed to be converted to python-nmap3
After reinstalling python-nmap, I used a different script (sicon2.py) using your code python3 sicon2.py -u southlandind.com
the ? is why is the script failing for this domain (it is failing why doing an enum of the sub-domains) but not failing for others?
I don't have a clue why the error occurred, I've tried on another device and did a scan on southlandind.com and the result is the same as before, it worked without any errors
ran into the same issue with scanning "independent.co.uk" Notice the "ind" present in both "southlandind.com" and independent.co.uk coincidence?
I think it's a bit strange if a domain containing ind could cause errors in the script, you can try to do a scan on hindustantimes.com, otherwise the error could be accidental
ran into the same issue with scanning "independent.co.uk" Notice the "ind" present in both "southlandind.com" and independent.co.uk coincidence?
no issues with scanning "ind.com"
┏━┓╺┓ ┏━╸┏━┓┏┓╻
┗━┓ ┃ ┃ ┃┃┃┃┗┫
┗━┛╺┻╸┗━╸┗━┛╹ ╹
Simple Recon
Coded by UnknownSec666
Thanks to: Jeager
[*] Starting recon on ind.com:
[+] WAF: NOT DETECTED
[+] OPENED PORTS: 2
-> 80/tcp open http
-> 443/tcp open https
[+] SUBDOMAINS DETECTED: 201
-> www.noe.ind.com | FAIL MAYBE HOST DIED
-> www.tocantins.ind.com | FAIL MAYBE HOST DIED
-> www.cbse.ind.com | FAIL MAYBE HOST DIED
-> local.ind.com | FAIL MAYBE HOST DIED
-> www.2xp.ind.com | FAIL MAYBE HOST DIED
-> www.devers.ind.com | FAIL MAYBE HOST DIED
-> www.apddcf.ind.com | FAIL MAYBE HOST DIED
-> cricinfo.ind.com | FAIL MAYBE HOST DIED
-> 2xp.ind.com | FAIL MAYBE HOST DIED
-> www.upsc.ind.com | FAIL MAYBE HOST DIED
-> www.sharif.ind.com | FAIL MAYBE HOST DIED
-> italianinha.ind.com | FAIL MAYBE HOST DIED
-> www.pti.ind.com | FAIL MAYBE HOST DIED
-> vinaae-ex04.ind.com | FAIL MAYBE HOST DIED
-> www.proeza.ind.com | FAIL MAYBE HOST DIED
-> employment.gov.ind.com | FAIL MAYBE HOST DIED
-> www.norco.ind.com | FAIL MAYBE HOST DIED
-> parkindplus-allison.ind.com | [80, 443]
-> logismarket.ind.com | FAIL MAYBE HOST DIED
-> motion--ind.com | FAIL MAYBE HOST DIED
-> business.ind.com | FAIL MAYBE HOST DIED
-> vinaae-ems00.ind.com | FAIL MAYBE HOST DIED
-> vpn.ind.com | [80, 443]
-> sex.ind.com | FAIL MAYBE HOST DIED
-> payment.wintec.ind.com | FAIL MAYBE HOST DIED
-> www.feromonio.ind.com | FAIL MAYBE HOST DIED
-> www.rafealadebayo.ind.com | FAIL MAYBE HOST DIED
-> www.incometax.ind.com | FAIL MAYBE HOST DIED
-> converge.ind.com | [443]
-> www.gecis.ind.com | FAIL MAYBE HOST DIED
-> aes.mail.ind.com | FAIL MAYBE HOST DIED
-> www.aima.ind.com | FAIL MAYBE HOST DIED
-> hub.ind.com | FAIL MAYBE HOST DIED
-> autodiscover.ind.com | [80, 110, 143, 443, 587, 993, 995]
-> www.standardequipments.ind.com | FAIL MAYBE HOST DIED
-> www.cmaa.ind.com | FAIL MAYBE HOST DIED
-> www.angelus.ind.com | FAIL MAYBE HOST DIED
-> www.universities.ind.com | FAIL MAYBE HOST DIED
-> www.msn.ind.com | FAIL MAYBE HOST DIED
-> www.google.co.ind.com | FAIL MAYBE HOST DIED
-> www.healthcareproducts.ind.com | FAIL MAYBE HOST DIED
-> www.tbjosua.ind.com | FAIL MAYBE HOST DIED
-> www.muller.ind.com | FAIL MAYBE HOST DIED
-> gre.ind.com | FAIL MAYBE HOST DIED
-> exchcasnlb.ind.com | FAIL MAYBE HOST DIED
-> www.shenazhussien.ind.com | FAIL MAYBE HOST DIED
-> www.passport.chd.ind.com | FAIL MAYBE HOST DIED
-> finalresults.ind.com | FAIL MAYBE HOST DIED
-> www.freemount.ind.com | FAIL MAYBE HOST DIED
-> www.moil.ind.com | FAIL MAYBE HOST DIED
-> www.syndicatebank.ind.com | FAIL MAYBE HOST DIED
-> www.mhn.ind.com | FAIL MAYBE HOST DIED
-> cpanel.motion--ind.com | FAIL MAYBE HOST DIED
-> www.incometax.gov.ind.com | FAIL MAYBE HOST DIED
-> www.belplast.ind.com | FAIL MAYBE HOST DIED
-> childsupport.gov.ind.com | FAIL MAYBE HOST DIED
-> www.tamilsexstory.ind.com | FAIL MAYBE HOST DIED
-> www.irctc.ind.com | FAIL MAYBE HOST DIED
-> www.motion--ind.com | FAIL MAYBE HOST DIED
-> imap.ind.com | FAIL MAYBE HOST DIED
-> www.siexis.photos.ind.com | FAIL MAYBE HOST DIED
-> www.aponline.gov.ind.com | FAIL MAYBE HOST DIED
-> pms--ind.com | FAIL MAYBE HOST DIED
-> ftp.ind.com | [443]
-> supplierdiversity.ind.com | [80, 443]
-> www.koreanlanguage.ind.com | FAIL MAYBE HOST DIED
-> yahoo.ind.com | FAIL MAYBE HOST DIED
-> microsoft.ind.com | FAIL MAYBE HOST DIED
-> vinaae-cas01.ind.com | FAIL MAYBE HOST DIED
-> www.gurbani.ind.com | FAIL MAYBE HOST DIED
-> grainer.ind.com | FAIL MAYBE HOST DIED
-> www.iit.ind.com | FAIL MAYBE HOST DIED
-> www.indian.rail.govt.ind.com | FAIL MAYBE HOST DIED
-> www.opensex.ind.com | FAIL MAYBE HOST DIED
-> www.opengils.ind.com | FAIL MAYBE HOST DIED
-> www.northstate.ind.com | FAIL MAYBE HOST DIED
-> www.edu.ind.com | FAIL MAYBE HOST DIED
-> www.thor.ind.com | FAIL MAYBE HOST DIED
-> mail.brasilata.ind.com | FAIL MAYBE HOST DIED
-> www.federation.ind.com | FAIL MAYBE HOST DIED
-> www.rni.ind.com | FAIL MAYBE HOST DIED
-> www.parkindplus.ind.com | FAIL MAYBE HOST DIED
-> webmail.motion--ind.com | FAIL MAYBE HOST DIED
-> www.miller.ind.com | FAIL MAYBE HOST DIED
-> www.allenco.ind.com | FAIL MAYBE HOST DIED
-> webdisk.motion--ind.com | FAIL MAYBE HOST DIED
-> www.ap.ind.com | FAIL MAYBE HOST DIED
-> mdm.ind.com | FAIL MAYBE HOST DIED
-> www.homeoffice.ind.com | FAIL MAYBE HOST DIED
-> www.airtel.ind.com | FAIL MAYBE HOST DIED
-> www.italianha.ind.com | FAIL MAYBE HOST DIED
-> www.dyestuf.ind.com | FAIL MAYBE HOST DIED
-> www.dhs.ind.com | FAIL MAYBE HOST DIED
-> www.goog.ind.com | FAIL MAYBE HOST DIED
-> www.paid4typing.ind.com | FAIL MAYBE HOST DIED
-> www.alok.ind.com | FAIL MAYBE HOST DIED
-> devide.ind.com | FAIL MAYBE HOST DIED
-> www.mirchmasala.ind.com | FAIL MAYBE HOST DIED
-> mall.ind.com | FAIL MAYBE HOST DIED
-> myiaa-m.ind.com | FAIL MAYBE HOST DIED
-> vincenncenes.ind.com | FAIL MAYBE HOST DIED
-> mail.motion--ind.com | FAIL MAYBE HOST DIED
-> www.ingersoll-rand.ind.com | FAIL MAYBE HOST DIED
-> pop3.ind.com | FAIL MAYBE HOST DIED
-> www.converge.ind.com | FAIL MAYBE HOST DIED
-> www.esic.ind.com | FAIL MAYBE HOST DIED
-> www.w00den.ind.com | FAIL MAYBE HOST DIED
-> www.disney.ind.com | FAIL MAYBE HOST DIED
-> allindia.test.ind.com | FAIL MAYBE HOST DIED
-> www.helm.ind.com | FAIL MAYBE HOST DIED
-> www.tnpsc.ind.com | FAIL MAYBE HOST DIED
-> www.vodafone.ind.com | FAIL MAYBE HOST DIED
-> bps.jkrt.ind.com | FAIL MAYBE HOST DIED
-> mstc.ind.com | FAIL MAYBE HOST DIED
-> igd.www.ind.com | FAIL MAYBE HOST DIED
-> www.gov.ind.com | FAIL MAYBE HOST DIED
-> www.penstate.ind.com | FAIL MAYBE HOST DIED
-> www.ywcahostel.ind.com | FAIL MAYBE HOST DIED
-> www.anabelle.ind.com | FAIL MAYBE HOST DIED
-> centerplast central de pl\303\241sticos ind.com | [80, 443]
-> www.willoughby.ind.com | FAIL MAYBE HOST DIED
-> mailaes.ind.com | FAIL MAYBE HOST DIED
-> pinamt-ex03.ind.com | FAIL MAYBE HOST DIED
-> atrius.ind.com | FAIL MAYBE HOST DIED
-> www.blackboard.ind.com | FAIL MAYBE HOST DIED
-> crescentschool.ind.com | FAIL MAYBE HOST DIED
-> mail.ind.com | FAIL MAYBE HOST DIED
-> www.escortgirl.ind.com | FAIL MAYBE HOST DIED
-> www.ind.com | [80, 443]
-> www.tartrou.ind.com | FAIL MAYBE HOST DIED
-> www.nokia.ind.com | FAIL MAYBE HOST DIED
-> devflightstatus.ind.com | [80, 443, 8080]
-> www.nine.ind.com | FAIL MAYBE HOST DIED
-> www.gva.ind.com | FAIL MAYBE HOST DIED
-> myiaa.ind.com | FAIL MAYBE HOST DIED
-> www.kent.ind.com | FAIL MAYBE HOST DIED
-> www.mdm.ind.com | FAIL MAYBE HOST DIED
-> toodisney.ind.com | FAIL MAYBE HOST DIED
-> www.britannia.ind.com | FAIL MAYBE HOST DIED
-> www.ebick.ind.com | FAIL MAYBE HOST DIED
-> www.mcdonalds.ind.com | FAIL MAYBE HOST DIED
-> www.stannshsbol.ind.com | FAIL MAYBE HOST DIED
-> geeassosiate.ind.com | FAIL MAYBE HOST DIED
-> www.landrover.ind.com | FAIL MAYBE HOST DIED
-> www.superveyor.ind.com | FAIL MAYBE HOST DIED
-> www.agconst.ind.com | FAIL MAYBE HOST DIED
-> hurrayedutech.ind.com | FAIL MAYBE HOST DIED
-> www.employeeskoch.ind.com | FAIL MAYBE HOST DIED
-> www.jashengroup.ind.com | FAIL MAYBE HOST DIED
-> www.uniaoengenharia.ind.com | FAIL MAYBE HOST DIED
-> federation.ind.com | FAIL MAYBE HOST DIED
-> www.reliance.ind.com | FAIL MAYBE HOST DIED
-> www.colabloco.ind.com | FAIL MAYBE HOST DIED
-> autodiscover.motion--ind.com | FAIL MAYBE HOST DIED
-> www.passport.ind.com | FAIL MAYBE HOST DIED
-> smtp.ind.com | FAIL MAYBE HOST DIED
-> www.supportwatts.ind.com | FAIL MAYBE HOST DIED
-> schenck.ind.com | FAIL MAYBE HOST DIED
-> parkindplus.ind.com | [443]
-> zim.ind.com | FAIL MAYBE HOST DIED
-> lapbandsurgians.ind.com | FAIL MAYBE HOST DIED
-> www.pgtl.ind.com | FAIL MAYBE HOST DIED
-> gen.ind.com | FAIL MAYBE HOST DIED
-> www.gilbert.ind.com | FAIL MAYBE HOST DIED
-> www.employees.koch.ind.com | FAIL MAYBE HOST DIED
-> herohonda.ind.com | FAIL MAYBE HOST DIED
-> www.parkindplus-lilly.ind.com | FAIL MAYBE HOST DIED
-> icc.champeantarafy.ind.com | FAIL MAYBE HOST DIED
-> www.meganslaw.ind.com | FAIL MAYBE HOST DIED
-> www.hsbc.ind.com | FAIL MAYBE HOST DIED
-> www.rocket.ind.com | FAIL MAYBE HOST DIED
-> www.tamilcinima.ind.com | FAIL MAYBE HOST DIED
-> kamasutra.porn.ind.com | FAIL MAYBE HOST DIED
-> www.takmeel.ind.com | FAIL MAYBE HOST DIED
-> www.milly.ind.com | FAIL MAYBE HOST DIED
-> www.aksports.ind.com | FAIL MAYBE HOST DIED
-> sendsmsfree.ind.com | FAIL MAYBE HOST DIED
-> mcs.ind.com | FAIL MAYBE HOST DIED
-> www.instakolege.eng.ind.com | FAIL MAYBE HOST DIED
-> sextv.ind.com | FAIL MAYBE HOST DIED
-> www.learningaccord.ind.com | FAIL MAYBE HOST DIED
-> mail.aes.ind.com | FAIL MAYBE HOST DIED
-> www.sonyericsson.ind.com | FAIL MAYBE HOST DIED
-> ssjc.k12.ind.com | FAIL MAYBE HOST DIED
-> homeofice.ind.com | FAIL MAYBE HOST DIED
-> www.singapo.ind.com | FAIL MAYBE HOST DIED
-> www.nante.ind.com | FAIL MAYBE HOST DIED
-> parkindplus-lilly.ind.com | [80, 443]
-> www.totodealers.ind.com | FAIL MAYBE HOST DIED
-> www.primeiroato.ind.com | FAIL MAYBE HOST DIED
-> www.ares.ind.com | FAIL MAYBE HOST DIED
-> www.google.ind.com | FAIL MAYBE HOST DIED
-> www.kinzie.ind.com | FAIL MAYBE HOST DIED
-> www.bmv.ind.com | FAIL MAYBE HOST DIED
-> cooktravel.ind.com | [80, 443]
-> www.beutty.ind.com | FAIL MAYBE HOST DIED
-> gsfc.ind.com | FAIL MAYBE HOST DIED
-> ind.com | [80, 443]
-> www.vpn.ind.com | FAIL MAYBE HOST DIED
-> trameco.ind.com | FAIL MAYBE HOST DIED
-> cablestarplus.ind.com | FAIL MAYBE HOST DIED
[+] DIRECTORIES: 0
ran into the same issue with scanning "independent.co.uk" Notice the "ind" present in both "southlandind.com" and independent.co.uk coincidence? ` Simple Recon Coded by UnknownSec666 / roo@x-krypt0n-x Thanks to: Jeager
[*] Starting recon on independent.co.uk:
[+] WAF: NOT DETECTED
[+] OPENED PORTS: 3
-> 80/tcp open http
-> 443/tcp open https
-> 8100/tcp open xprint-server
[+] SUBDOMAINS DETECTED: 232
-> link.independent.co.uk | [25, 80, 443]
-> www.blogs.independent.co.uk | FAIL MAYBE HOST DIED
-> courses.independent.co.uk | [80, 443]
-> dp.independent.co.uk | [80, 443]
-> cmpv2.independent.co.uk | FAIL MAYBE HOST DIED
-> www.i100.independent.co.uk | FAIL MAYBE HOST DIED
-> zh.independent.co.uk | [80, 443]
-> www.jobs.independent.co.uk | FAIL MAYBE HOST DIED
-> cms.independent.co.uk | FAIL MAYBE HOST DIED
-> maturedating.independent.co.uk | [80, 443, 8080, 8443]
-> independentjobs.independent.co.uk | [80, 443]
-> ic.independent.co.uk | [80, 443]
-> atalanta.cc | [80, 443, 8080, 8443]
-> 057www.independent.co.uk | [80, 443]
-> www.dulnvxiers.tk | [80, 443, 8080, 8443]
-> static.independent.co.uk | [80, 443]
-> www.standard.co.uk | [80, 443]
-> webreader.independent.co.uk | [80]
-> holajs.independent.co.uk | [80, 443]
-> dev2.independent.co.uk | FAIL MAYBE HOST DIED
-> traveloffers.independent.co.uk | [80, 443]
-> mature.independent.co.uk | [80, 443]
-> tatic.independent.co.uk | [80, 443]
-> mycrowdpay.com | [21, 22, 25, 53, 80, 110, 143, 443, 465, 587, 993, 995, 3306]
-> www.enjoyment.independent.co.uk | [80, 443, 8080]
-> newsletter.independent.co.uk | [80, 443]
-> www.studentdiscounts.independent.co.uk | FAIL MAYBE HOST DIED
-> prod.independent.co.uk | [80, 443]
-> student.independent.co.uk | FAIL MAYBE HOST DIED
-> www.search.independent.co.uk | FAIL MAYBE HOST DIED
-> education.independent.co.uk | FAIL MAYBE HOST DIED
-> origin.education.independent.co.uk | FAIL MAYBE HOST DIED
-> stats.independent.co.uk | FAIL MAYBE HOST DIED
-> property.independent.co.uk | FAIL MAYBE HOST DIED
-> newswwc.com | [80, 443, 8080, 8443]
-> environment.independent.co.uk | FAIL MAYBE HOST DIED
-> forums.independent.co.uk | FAIL MAYBE HOST DIED
-> 2fwww.independent.co.uk | [80, 443]
-> comment.independent.co.uk | FAIL MAYBE HOST DIED
-> www.financial-advisor.independent.co.uk | FAIL MAYBE HOST DIED
-> register.independent.co.uk | [80, 443]
-> origin.premium.independent.co.uk | FAIL MAYBE HOST DIED
-> dahl-brogaard.blogbright.net | [22, 80, 443, 3306]
-> uat.independent.co.uk | [80, 443]
-> motoring.independent.co.uk | FAIL MAYBE HOST DIED
-> dev3.independent.co.uk | FAIL MAYBE HOST DIED
-> recruiters.independent.co.uk | [80, 443]
-> origin.news.independent.co.uk | FAIL MAYBE HOST DIED
-> news.independent.co.uk | FAIL MAYBE HOST DIED
-> u002fwww.independent.co.uk | [80, 443]
-> login.yukana.com.au | [22, 80, 443]
-> static-dev.independent.co.uk | [80, 443]
-> m.independent.co.uk | FAIL MAYBE HOST DIED
-> assets.independent.co.uk | [80, 443]
-> tickets.independent.co.uk | [80, 443]
-> prod-origin.independent.co.uk | FAIL MAYBE HOST DIED
-> indynewsletters.independent.co.uk | FAIL MAYBE HOST DIED
-> news-archive.independent.co.uk | FAIL MAYBE HOST DIED
-> date.independent.co.uk | [80, 443, 8080, 8443]
-> live.independent.co.uk | [80, 443]
-> www.newsncr.com | [80, 443, 8080, 8443]
-> wvwv.independent.co.uk | [80, 443]
-> canucksjerseysshop.com | [80, 443, 8080, 8443]
-> us.independent.co.uk | [80, 443]
-> www.news.independent.co.uk | FAIL MAYBE HOST DIED
-> 22.independent.co.uk | [80, 443]
-> compare.independent.co.uk | [80, 443]
-> elk.independent.co.uk | FAIL MAYBE HOST DIED
-> marcomms.londonfirst.co.uk | [80, 443, 8080]
-> www.arts.independent.co.uk | FAIL MAYBE HOST DIED
-> ftp.independent.co.uk | FAIL MAYBE HOST DIED
-> independent.co.uk | [80, 443]
-> i100.independent.co.uk | [80]
-> origin.www.independent.co.uk | FAIL MAYBE HOST DIED
-> sip.independent.co.uk | [443]
-> register.i100.independent.co.uk | [80, 443]
-> www.feeds.independent.co.uk | FAIL MAYBE HOST DIED
-> www.property.independent.co.uk | [80, 443]
-> portal.homeflow.co.uk.independent.co.uk | [80, 443]
-> directory.independent.co.uk | [53, 80, 443, 1025, 3389, 5900]
-> www.accountants.independent.co.uk | FAIL MAYBE HOST DIED
-> staging.independent.co.uk | [80, 443]
-> horizon.e.independent.co.uk | [80, 443]
-> today.independent.co.uk | [80, 443]
-> olive92.com | [80, 443, 8080, 8443]
-> www.mbasearch.independent.co.uk | FAIL MAYBE HOST DIED
-> broadband.independent.co.uk | [80]
-> www.phonerecycling.independent.co.uk | FAIL MAYBE HOST DIED
-> ssc.independent.co.uk | [80, 443]
-> www.indy100.com | [80, 443]
-> eminetra.co.uk | [22, 80, 443, 3389]
-> www2.independent.co.uk | FAIL MAYBE HOST DIED
-> blogs.independent.co.uk | [80]
-> telegra.ph | [80, 443]
-> enjoyment.independent.co.uk | [80]
-> msdn.independent.co.uk | [80, 443]
-> london2012.independent.co.uk | [80, 443]
-> pdf.independent.co.uk | [80, 443]
-> flatshare.independent.co.uk | FAIL MAYBE HOST DIED
-> argument.independent.co.uk | FAIL MAYBE HOST DIED
-> lux-fix.independent.co.uk | [80, 443]
-> www.rugby.independent.co.uk | FAIL MAYBE HOST DIED
-> sport.independent.co.uk | FAIL MAYBE HOST DIED
-> www.sport.independent.co.uk | FAIL MAYBE HOST DIED
-> squareblogs.net | [80, 443, 8080, 8443]
-> isawthenews.com | [80, 443]
-> search.independent.co.uk | FAIL MAYBE HOST DIED
-> customerservices.independent.co.uk | [80]
-> wwww.independent.co.uk | [80, 443]
-> money.independent.co.uk | FAIL MAYBE HOST DIED
-> www.jb3img.top | [80, 443, 8080, 8443]
-> loveislandjournal.com | [22, 80, 443]
-> m.ijobs.independent.co.uk | [80, 443]
-> cardiffcity2022.com | [80, 443, 8080, 8443]
-> cncnews.tech | [21, 22, 25, 53, 80, 106, 110, 143, 443, 465, 587, 646, 993, 995, 3000, 8443]
-> fwww.independent.co.uk | [80, 443]
-> intiv.leaderboardscore.online | [21, 22, 25, 53, 80, 110, 143, 443, 465, 587, 993, 995, 32768, 49152, 49153, 49154, 49155, 49156, 49157]
-> uk.alertbreakingnews.com | [80, 443, 8080, 8443]
-> sc.independent.co.uk | [80, 443]
-> a.independent.co.uk | FAIL MAYBE HOST DIED
-> financial-advisor.independent.co.uk | [80, 443]
-> ukwww.independent.co.uk | [80, 443]
-> www.trendolizer.com | [22, 80, 135, 139, 443, 445]
-> syndication.independent.co.uk | [80, 443]
-> leedsunited2022.com | [80, 443, 8080, 8443]
-> accountants.independent.co.uk | FAIL MAYBE HOST DIED
-> link.e.independent.co.uk | [80, 443]
-> www.independent.co.uk | [80, 443]
-> from.hydneahidiberbunc.gq | [80, 443, 8080, 8443]
-> reddit.independent.co.uk | [80]
-> prooftamapost.tk | [80, 443, 8080, 8443]
-> studentdiscounts.independent.co.uk | [80, 443]
-> independentwww.independent.co.uk | [80, 443]
-> 0.rockstonesecond.com | [22, 80, 443, 8080]
-> do.independent.co.uk | [80]
-> www.evaneos.independent.co.uk | FAIL MAYBE HOST DIED
-> tions.independent.co.uk | [80, 443]
-> team-noir.net | [80, 443, 8080, 8443]
-> app.independent.co.uk | [80, 443]
-> 2fstatic.independent.co.uk | [80, 443]
-> living.independent.co.uk | FAIL MAYBE HOST DIED
-> mobile.independent.co.uk | FAIL MAYBE HOST DIED
-> my.independent.co.uk | [80, 443]
-> link.indy100.independent.co.uk | [80, 443]
-> x3d.independent.co.uk | [80, 443]
-> www.gallery.independent.co.uk | FAIL MAYBE HOST DIED
-> fantasyrugby.independent.co.uk | FAIL MAYBE HOST DIED
-> solicitors.independent.co.uk | FAIL MAYBE HOST DIED
-> theindependentwww.independent.co.uk | [80, 443]
-> www.independentespanol.com | [80, 443]
-> www.lux-fix.independent.co.uk | FAIL MAYBE HOST DIED
-> www.register.independent.co.uk | FAIL MAYBE HOST DIED
-> parship.independent.co.uk | [80, 443, 8080, 8443]
-> travel.independent.co.uk | FAIL MAYBE HOST DIED
-> guardiola.xyz | [80, 443, 8080, 8443]
-> mortgage-advisor.independent.co.uk | [7, 9, 13, 21, 22, 23, 25, 26, 37, 53, 79, 80, 81, 88, 106, 110, 111, 113, 119, 135, 139, 143, 144, 179, 199, 389, 427, 443, 444, 445, 465, 513, 514, 515, 543, 544, 548, 554, 587, 631, 646, 873, 990, 993, 995, 10 25, 1026, 1027, 1028, 1029, 1110, 1433, 1720, 1723, 1755, 1900, 2000, 2001, 2049, 2121, 2717, 3000, 3128, 3306, 3389, 3986, 4899, 5000, 5009, 5051, 5060, 5101, 5190, 5357, 5432 , 5631, 5666, 5800, 5900, 6000, 6001, 6646, 7070, 8000, 8008, 8009, 8080, 8081, 8443, 88 88, 9100, 9999, 10000, 32768, 49152, 49153, 49154, 49155, 49156, 49157]
-> beefnepal7.bravejournal.net | [22, 80, 443]
-> hacksawridge.independent.co.uk | [80, 443]
-> gallery.independent.co.uk | FAIL MAYBE HOST DIED
-> pbase.com | [80, 443]
-> ijobs.independent.co.uk | [80, 443]
-> edition.independent.co.uk | [80, 443]
-> www.sneakernews25.top | FAIL MAYBE HOST DIED
-> www.news-archive.independent.co.uk | FAIL MAYBE HOST DIED
-> dev4.independent.co.uk | FAIL MAYBE HOST DIED
-> classified.independent.co.uk | FAIL MAYBE HOST DIED
-> www.techsghost.com | [21, 25, 26, 53, 80, 110, 143, 443, 465, 587, 993, 995]
-> publicnewstime.com | [80, 443, 8080, 8443]
-> eflchampionship.net | [80, 443, 8080, 8443]
-> www.classified.independent.co.uk | FAIL MAYBE HOST DIED
-> origin.comment.independent.co.uk | FAIL MAYBE HOST DIED
-> fstatic.independent.co.uk | [80, 443]
-> usapp.independent.co.uk | [80, 443]
-> anotepad.com | [25, 80, 143, 443, 465, 993]
-> mba.independent.co.uk | [80, 443]
-> www.mortgage-advisor.independent.co.uk | FAIL MAYBE HOST DIED
-> 252fwww.independent.co.uk | [80, 443]
-> logger.independent.co.uk | [80, 443]
-> origin.motoring.independent.co.uk | FAIL MAYBE HOST DIED
-> kahlua.independent.co.uk | [80, 443]
-> evaneos.independent.co.uk | FAIL MAYBE HOST DIED
-> uat-web.independent.co.uk | [80, 443]
-> www.courses.independent.co.uk | [80, 443]
-> www.jb4img.top | [80, 443, 8080, 8443]
-> blogfreely.net | [80, 443, 8080, 8443]
-> atic.independent.co.uk | [80, 443]
-> www.fantasyrugby.independent.co.uk | FAIL MAYBE HOST DIED
-> arts.independent.co.uk | FAIL MAYBE HOST DIED
-> bitlive.stream | [80, 443, 8443]
-> pixelrz.com | [80, 443, 8080, 8443]
-> preview.independent.co.uk | FAIL MAYBE HOST DIED
-> www.environment.independent.co.uk | FAIL MAYBE HOST DIED
-> dev-web.independent.co.uk | [80, 443]
-> jenkins.independent.co.uk | FAIL MAYBE HOST DIED
-> feeds.independent.co.uk | FAIL MAYBE HOST DIED
-> www.mba.independent.co.uk | [80, 443]
-> bluemoon.atshop.io | [80, 443, 8080, 8443]
-> sanmiguelrichlist.independent.co.uk | [80, 443]
-> media.independent.co.uk | [21, 22, 80, 443, 646]
-> www.sexpicturespass.com | [80, 443, 8080, 8443]
-> sc2.independent.co.uk | FAIL MAYBE HOST DIED
-> admin.independent.co.uk | [80, 443]
-> naijal.com | [80, 443, 8080, 8443]
-> dating.independent.co.uk | [80, 443]
-> www.directory.independent.co.uk | [21, 80, 110, 199, 443, 587, 8080]
-> rugby.independent.co.uk | FAIL MAYBE HOST DIED
-> uat-origin.independent.co.uk | FAIL MAYBE HOST DIED
-> help.independent.co.uk | [80, 443, 8080, 8443]
-> zcashpredictions.com | [80, 443, 8080, 8443]
-> coach.independent.co.uk | [80, 443]
-> advancement.independent.co.uk | [80, 443]
-> ww.independent.co.uk | [80, 443]
-> indy100.independent.co.uk | [80]
-> origin.jobs.independent.co.uk | FAIL MAYBE HOST DIED
-> puzzles.independent.co.uk | [53, 80, 443]
-> mbasearch.independent.co.uk | FAIL MAYBE HOST DIED
-> jobs.independent.co.uk | [80, 443]
-> fip.independent.co.uk | [21, 80, 443]
-> www.fip.independent.co.uk | FAIL MAYBE HOST DIED
-> www.www.independent.co.uk | FAIL MAYBE HOST DIED
-> newsncr.com | [80, 443, 8080, 8443]
-> autodiscover.independent.co.uk | [80, 443]
-> feature-indy-premium-prod.independent.co.uk | [80, 443]
-> www.solicitors.independent.co.uk | FAIL MAYBE HOST DIED
-> www.haberm.com | [80, 443, 8080, 8443]
-> writeablog.net | [80, 443, 8080, 8443]
-> subscriptions.independent.co.uk | [80, 443]
-> sagtenews.independent.co.uk | [80, 443]
-> pm.independent.co.uk | FAIL MAYBE HOST DIED
-> www.holidayoffers.independent.co.uk | FAIL MAYBE HOST DIED
-> dev.independent.co.uk | FAIL MAYBE HOST DIED
-> sslvpn.independent.co.uk | [80, 443]
[+] DIRECTORIES: 0 `
i was try to scanning independent.co.uk and there is no error at all, I'm very confused now why it happened, maybe it happened because there was a problem from the domain we scanned, or maybe a connection problem
is it possible to run the script with a error log? that way, we can see why the script actually failed while doing the enum of the sub-domains?
Also can you pls send your current copy of sicon.py that is in use on your machine to my email doncalli46@hotmail.com if possible?
Also can you pls send your current copy of sicon.py that is in use on your machine to my email doncalli46@hotmail.com if possible?
actually the sicon script will get some additional features, but I haven't started it yet, and the one I use on my machine is actually the same as the one on github, okay I'll send
is it possible to run the script with a error log? that way, we can see why the script actually failed while doing the enum of the sub-domains?
idk, maybe its possible if i recreate sicon script
Thank you ...received your sicon.py script and ran it against "southlandind.com". See output below:
┏━┓╺┓ ┏━╸┏━┓┏┓╻
┗━┓ ┃ ┃ ┃┃┃┃┗┫
┗━┛╺┻╸┗━╸┗━┛╹ ╹
Simple Recon
Coded by UnknownSec666 / roo@x-krypt0n-x
Thanks to: Jeager
[*] Starting recon on southlandind.com:
[+] WAF: NOT DETECTED
[+] OPENED PORTS: 2
-> 80/tcp open http
-> 443/tcp open https
[+] SUBDOMAINS DETECTED: 54
-> sentry.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> sipedge02.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> webconfedge02.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> aesslvpn.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> officewebapps.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> ggsslvpn.southlandind.com | [443]
-> sentrymad.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> legacy.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> webmail4.southlandind.com | FAIL MAYBE HOST IS OFFLINE
Traceback (most recent call last):
File "/home/doncalli/Repo/s1c0n/sicon3.py", line 169, in
I have no idea why it works for some domains and not others such as southlandind.com. The only way to find out is to run the script with an error log recording what really happened. I am running the script with python3 on kali linux installed within windows sub-system (WSL) 2.0
I did "formula1.com" and hre is the output with NO ISSUES:
┏━┓╺┓ ┏━╸┏━┓┏┓╻
┗━┓ ┃ ┃ ┃┃┃┃┗┫
┗━┛╺┻╸┗━╸┗━┛╹ ╹
Simple Recon
Coded by UnknownSec666 / roo@x-krypt0n-x
Thanks to: Jeager
[*] Starting recon on formula1.com:
[+] WAF: DETECTED [ Cloudfront (Amazon) ]
[+] OPENED PORTS: 2
-> 80/tcp open http
-> 443/tcp open https
[+] SUBDOMAINS DETECTED: 166
-> f1.eu | [80, 443, 8008]
-> alpha.formula1.com | [80, 443]
-> ottdev-config.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> ottdev-video-cf.formula1.com | [80, 443]
-> f1store2.formula1.com | [80, 443]
-> f1live.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> test.corp.formula1.com | [80, 443]
-> www.formula1.com | [80, 443]
-> ottdev-api.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> performance-f1tv-images.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> pp-video-cf.formula1.com | [80, 443]
-> f1store.formula1.com | [80, 443]
-> drive.formula1.com | [80, 443]
-> pp-config.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> fantasy-stage-api.formula1.com | [80, 443]
-> preprod2-f1tv-images.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> s3.amazonaws.com | [80, 443]
-> login-stage.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> amp.formula1.com | [80, 443]
-> pp-api.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> pp-ott.formula1.com | [80, 443]
-> digitalstore.formula1.com | [80, 443]
-> pp-video-ak.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> www.jwdamg4.top | [80, 443, 8080, 8443]
-> sit.formula1.com | [80, 443]
-> live.formula1.com | [80, 443]
-> preprod-f1tv-images.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> performance-f1tv.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> live-timing.lb.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> pp-video-fer-ak.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> f1tv-images.formula1.com | [80, 443]
-> www.jihoyoll.top | FAIL MAYBE HOST IS OFFLINE
-> www.china.formula1.com | [80, 443]
-> ottdev-ott.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> matchreplaytv.com | [21, 22, 80, 443, 3306, 8080, 8443]
-> fans.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> uat-static.formula1.com | [80, 443]
-> ott-video-ak.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> dev-video-cf.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> ottdev-video-ak.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> svc-staging.formula1.com | [80, 443]
-> e2e-video-fer-ak.formula1.com | [53, 80, 443]
-> pitwall.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> origin.formula1.com | [80, 443]
-> pp-img.formula1.com | [80, 443]
-> login.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> mobilestore.formula1.com | [80, 443]
-> notifications.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> news-board.oiya.xyz | [80, 443, 8080, 8443]
-> corp.formula1.com | [80, 443]
-> account-hotfix.formula1.com | [80, 443]
-> staging-f1tv-api.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> ottdev-video-fer-cf.formula1.com | [80, 443]
-> convictconviction1612.blogspot.ru | [80, 443]
-> live-timing.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> origin-f1.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> f1tv-livedata.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> f1store4.formula1.com | [53, 80, 443]
-> api.formula1.com | [80, 443]
-> m.f1store.formula1.com | [53, 80, 443]
-> www.f1.com | [21, 80, 443, 1028, 5009, 5800, 8008]
-> ottdev-img.formula1.com | [80, 443]
-> svc.formula1.com | [80, 443]
-> replies.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> raceprogramme.formula1.com | [80, 443]
-> account-staging-f1tv.formula1.com | [7, 9, 13, 21, 22, 23, 25, 26, 37, 53, 79, 80, 81, 88, 106, 110, 111, 113, 119, 135, 139, 143, 144, 179, 199, 389, 427, 443, 444, 445, 465, 513, 514, 515, 543, 544, 548, 554, 587, 631, 646, 873, 990, 993, 995, 1025, 1026, 1027, 1028, 1029, 1110, 1433, 1720, 1723, 1755, 1900, 2000, 2001, 2049, 2121, 2717, 3000, 3128, 3306, 3389, 3986, 4899, 5000, 5009, 5051, 5060, 5101, 5190, 5357, 5432, 5631, 5666, 5800, 5900, 6000, 6001, 6646, 7070, 8000, 8008, 8009, 8080, 8081, 8443, 8888, 9100, 9999, 10000, 32768, 49152, 49153, 49154, 49155, 49156, 49157]
-> staging-f1tv-images.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> www.f1authentics.com | [80, 443, 8080, 8443]
-> e2e-config.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> mail.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> privacy.formula1.com | [80, 443]
-> formula1.com | [80, 443]
-> sit-static.formula1.com | [80, 443]
-> prod-support-f1tv-livedata.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> stage.formula1.com | [80, 443]
-> gtm-hbg.formula1.com | [53, 113]
-> dev-livetiming.formula1.com | [53, 80, 443]
-> amp-staging.formula1.com | [80, 443]
-> outpost-es.com | [80, 443, 8080, 8443]
-> e2e-api.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> www.f1store.formula1.com | [53, 80, 443]
-> ott-api.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> rdio-staging.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> fantasypreprod-f1tv-livedata.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> sa.e-m.media | [80, 443]
-> f1fragrances.com | [22, 80, 443]
-> horizon.formula1.com | [80, 443]
-> e2e-img.formula1.com | [80, 443]
-> secure.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> amp-qa.formula1.com | [80, 443]
-> view.e.f1store.formula1.com | [80, 113, 443]
-> izo-stage.formula1.com | [80, 443]
-> livetiming.formula1.com | [80, 443, 49157]
-> performance-f1tv-livedata.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> ott-video-cf.formula1.com | [80, 443]
-> dev-api.formula1.com | [80, 443]
-> www.bookrooms.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> hotfix-api.formula1.com | [80, 443]
-> pp-video-fer-cf.formula1.com | [80, 443]
-> link.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> preprod2-f1tv-api.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> m.formula1.com | [80, 443]
-> f1tv-api.formula1.com | [80, 443]
-> f1tv-cdn-cent-west.formula1.com | [53, 80, 443]
-> staging-static.formula1.com | [80, 443]
-> e2e-video-ak.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> dev.ott.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> gtm-crx.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> fantasy-stage.formula1.com | [80, 443]
-> newsletter.formula1.com | [80, 135, 139, 443, 445]
-> track.f1store.formula1.com | [80, 443]
-> www.bing.com | [53, 80, 443]
-> preprod-f1tv-livedata.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> ftp.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> f1store3.formula1.com | [80, 443]
-> static.formula1.com | [80, 443]
-> svc-hotfix.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> rdio.formula1.com | [80, 443]
-> izo-origin.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> bookrooms.formula1.com | [80, 443]
-> mobile.formula1.com | [80, 443]
-> f1tv-cdn-cent-vod.formula1.com | [53, 80, 443]
-> f1tv.formula1.com | [80, 443]
-> f1rocks.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> f1tv-cdn-cent-live.formula1.com | [53, 80, 443]
-> fantasy.formula1.com | [80, 443]
-> tickets.formula1.com | [80, 443, 8080, 8443]
-> china.formula1.com | [80, 443]
-> uat-api.formula1.com | [80, 443]
-> f1tv-cdn-cent-east.formula1.com | [53, 80, 443]
-> ott-video-fer-cf.formula1.com | [80, 443]
-> e.f1store.formula1.com | [25, 113, 465, 587]
-> izo-prod-origin.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> ott-img.formula1.com | [80, 443]
-> e2e-video-cf.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> f1.com | [80, 443, 9999]
-> dev-img.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> automobilist.com | [80, 443, 515, 2717]
-> fantasy-dev.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> dev-f1tv.formula1.com | [80, 443]
-> ott.formula1.com | [80, 443]
-> origin.lb.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> e2e-video-fer-cf.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> click.e.f1store.formula1.com | [80, 113]
-> ottdev-video-fer-ak.formula1.com | [80, 443]
-> e2e-ott.formula1.com | [80, 443]
-> video.formula1.com | [80, 443]
-> strack.f1store.formula1.com | [80, 443]
-> beta.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> convictconviction1612.blogspot.com | [80, 443]
-> account.formula1.com | [80, 443]
-> staging-f1tv.formula1.com | [80, 443]
-> support.formula1.com | [80, 443, 8080, 8443]
-> f1vod.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> staging-api.formula1.com | [80, 443]
-> payments.f1store.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> fantasy-api.formula1.com | [80, 443]
-> account-staging.formula1.com | [80, 443]
-> dev-config.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> qa-api.formula1.com | [80, 443]
-> ott-config.formula1.com | [80, 443]
-> ott-video-fer-ak.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> preprod2-f1tv.formula1.com | FAIL MAYBE HOST IS OFFLINE
-> integration-api.formula1.com | [80, 443]
-> preprod-f1tv.formula1.com | [80, 443]
-> rdio-dev.formula1.com | [80, 443]
[+] DIRECTORIES: 0
I just don't understand what is happening
I showed the script to a friend as to the errors and he came up with a little workaround, which I think, should be a change to your script. See below:
if (len(host) > 0): try:
tcp_open = str(list(quick_scan["scan"][host[0]]["tcp"].keys()))
print(Colors.RESET + Colors.GREEN + "\t -> " + Colors.RESET + Colors.BOLD + s +
" | " + Colors.GREEN + tcp_open + Colors.RESET)
**except:
# port scan failed
print(Colors.RESET + Colors.GREEN + "\t -> " + Colors.RESET + Colors.BOLD + s +
" | " + Colors.RED + "FAIL MAYBE HOST IS OFFLINE" + Colors.RESET)**
else:
# port scan failed
print(Colors.RESET + Colors.GREEN + "\t -> " + Colors.RESET + Colors.BOLD + s +
" | " + Colors.RED + "FAIL MAYBE HOST IS OFFLINE" + Colors.RESET)
An except statement was added to "skip" the error that was causing the traceback error.
Now I am able to scan southlandind.com:
**┏━┓╺┓ ┏━╸┏━┓┏┓╻
┗━┓ ┃ ┃ ┃┃┃┃┗┫
┗━┛╺┻╸┗━╸┗━┛╹ ╹
Simple Recon
Coded by UnknownSec666 / roo@x-krypt0n-x
Thanks to: Jeager
[*] Starting recon on southlandind.com:
[+] WAF: NOT DETECTED
[+] OPENED PORTS: 2
-> 80/tcp open http
-> 443/tcp open https
[+] SUBDOMAINS DETECTED: 54
-> sip.southlandind.com | [80, 443, 49152, 49153, 49154, 49155, 49156, 49157]
-> tmpsslvpn.southlandind.com | [443]
-> southlandind.com | [80, 443]
-> mdlyncweb2013.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> aesslvpn.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> photos.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> meet.southlandind.com | [80, 443, 49152, 49153, 49154, 49155, 49156, 49157]
-> coins.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> coins2-mobiletech.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> daw.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> sentry.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> lyncweb2013.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> exchangehybrid.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> help.southlandind.com | [80, 443, 8080, 8443]
-> webconfedge01.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> sip13.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> lyncweb.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> mx.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> sipedge02.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> mail2k3.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> smtp-east.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> tableau.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> sentrymad.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> webconf.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> webconfedge02.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> lyncdiscover.southlandind.com | [80, 443, 49152, 49153, 49154, 49155, 49156, 49157]
-> share.southlandind.com | [80, 443]
-> uccrew.southlandind.com | [443]
-> legacy.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> intranet.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> smtp.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> registry.devops.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> aw2sslvpn.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> webmail4.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> dialin.southlandind.com | [80, 443, 49152, 49153, 49154, 49155, 49156, 49157]
-> autodiscover.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> rs2.southlandind.com | [25, 80, 443, 465, 587]
-> webmail.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> webconf13.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> dae.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> vsp.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> mail2k.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> www.southlandind.com | [80, 443]
-> madsslvpn.southlandind.com | [443]
-> dev.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> webmail3.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> smartchecklist.southlandind.com | [80, 443]
-> ggsslvpn.southlandind.com | [443]
-> webmail2.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> coins-mobiletech.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> officewebapps.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> lyncdiscoverinternal.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> coins-mobiletech2.southlandind.com | FAIL MAYBE HOST IS OFFLINE
-> rs.southlandind.com | [25, 80, 443, 465, 587]
[+] DIRECTORIES: 5
-> 200 | https://southlandind.com/.well-known/acme-challenge/dtfy
-> 403 | https://southlandind.com/vendor/phpunit/Util/PHP/eval-stdin.php
-> 403 | https://southlandind.com/vendor/phpunit/phpunit/Util/PHP/eval-stdin.php
-> 403 | https://southlandind.com/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
-> 403 | https://southlandind.com/vendor/phpunit/src/Util/PHP/eval-stdin.php
┌──(root💀sa9901793)-[/home/doncalli/Repo/s1c0n]** └─#
I showed the script to a friend as to the errors and he came up with a little workaround, which I think, should be a change to your script. See below:
if (len(host) > 0): try: # tcp ports were found tcp_open = str(list(quick_scan["scan"][host[0]]["tcp"].keys())) print(Colors.RESET + Colors.GREEN + "\t -> " + Colors.RESET + Colors.BOLD + s + " | " + Colors.GREEN + tcp_open + Colors.RESET) except: # port scan failed print(Colors.RESET + Colors.GREEN + "\t -> " + Colors.RESET + Colors.BOLD + s + " | " + Colors.RED + "FAIL MAYBE HOST IS OFFLINE" + Colors.RESET) else: # port scan failed print(Colors.RESET + Colors.GREEN + "\t -> " + Colors.RESET + Colors.BOLD + s + " | " + Colors.RED + "FAIL MAYBE HOST IS OFFLINE" + Colors.RESET)
An except statement was added to "skip" the error that was causing the traceback error.
Now I am able to scan southlandind.com:
**┏━┓╺┓ ┏━╸┏━┓┏┓╻ ┗━┓ ┃ ┃ ┃┃┃┃┗┫ ┗━┛╺┻╸┗━╸┗━┛╹ ╹ Simple Recon Coded by UnknownSec666 / roo@x-krypt0n-x Thanks to: Jeager [*] Starting recon on southlandind.com: [+] WAF: NOT DETECTED [+] OPENED PORTS: 2 -> 80/tcp open http -> 443/tcp open https [+] SUBDOMAINS DETECTED: 54 -> sip.southlandind.com | [80, 443, 49152, 49153, 49154, 49155, 49156, 49157] -> tmpsslvpn.southlandind.com | [443] -> southlandind.com | [80, 443] -> mdlyncweb2013.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> aesslvpn.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> photos.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> meet.southlandind.com | [80, 443, 49152, 49153, 49154, 49155, 49156, 49157] -> coins.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> coins2-mobiletech.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> daw.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> sentry.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> lyncweb2013.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> exchangehybrid.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> help.southlandind.com | [80, 443, 8080, 8443] -> webconfedge01.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> sip13.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> lyncweb.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> mx.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> sipedge02.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> mail2k3.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> smtp-east.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> tableau.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> sentrymad.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> webconf.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> webconfedge02.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> lyncdiscover.southlandind.com | [80, 443, 49152, 49153, 49154, 49155, 49156, 49157] -> share.southlandind.com | [80, 443] -> uccrew.southlandind.com | [443] -> legacy.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> intranet.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> smtp.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> registry.devops.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> aw2sslvpn.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> webmail4.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> dialin.southlandind.com | [80, 443, 49152, 49153, 49154, 49155, 49156, 49157] -> autodiscover.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> rs2.southlandind.com | [25, 80, 443, 465, 587] -> webmail.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> webconf13.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> dae.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> vsp.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> mail2k.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> www.southlandind.com | [80, 443] -> madsslvpn.southlandind.com | [443] -> dev.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> webmail3.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> smartchecklist.southlandind.com | [80, 443] -> ggsslvpn.southlandind.com | [443] -> webmail2.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> coins-mobiletech.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> officewebapps.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> lyncdiscoverinternal.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> coins-mobiletech2.southlandind.com | FAIL MAYBE HOST IS OFFLINE -> rs.southlandind.com | [25, 80, 443, 465, 587] [+] DIRECTORIES: 5 -> 200 | https://southlandind.com/.well-known/acme-challenge/dtfy -> 403 | https://southlandind.com/vendor/phpunit/Util/PHP/eval-stdin.php -> 403 | https://southlandind.com/vendor/phpunit/phpunit/Util/PHP/eval-stdin.php -> 403 | https://southlandind.com/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php -> 403 | https://southlandind.com/vendor/phpunit/src/Util/PHP/eval-stdin.php
┌──(rootskullsa9901793)-[/home/doncalli/Repo/s1c0n]** └─#
thx for your report
here try this out if the problem doesnt work simple wrapper for many tools feel free to contribute https://github.com/Tech-Realm/The-Exploiter
Hello there. I initially HAD issues running your script if running with python3. so I made some adjustments to make it work.
had to install python3.nmap (I am running python 3.10 in my environment). Reference https://pypi.org/project/python3-nmap/ had to compile and install the latest nmap (7.20) from nmap.org (now referred to "nmap3") had to install python3-tk for the tklinter issue reported earlier With these changes, the script then managed to run to an extent
Then based on https://pypi.org/project/python3-nmap/, I made some further adjustments on the sicon.py script to get the script into referencing "nmap3" as a python module. I have pasted the FULL modified script below with comments
1.1: importing dependencies from turtle import color
try: from os import path, system, getcwd import os.path import subprocess import nmap3 import json import sys import time except ImportError as error: print("\n\t [!] Error on import", error)
1.2: defining classes & functions: class Colors: RESET = "\33[0m" BOLD = "\33[1m" RED = "\33[31m" GREEN = "\33[32m" YELLOW = "\33[33m"
1.4 checking dependecies tools def check(tool): if os.path.exists("/usr/bin/" + tool) == True: print(Colors.GREEN + Colors.BOLD + "[*] " + tool + " exist" + Colors.RESET) time.sleep(0.2) pass
elif os.path.exists("/usr/bin" + tool) == False:
checking user privileges
user = os.getuid()
if user == 0: pass
else: print(Colors.RED + Colors.BOLD + "[!] " + tool + " is missing, Please run me with sudo to install " + tool + Colors.RESET) exit()
installing missing requirements
print(Colors.RED + Colors.BOLD + "[!] " + tool + " missing" + Colors.RESET) print(Colors.RED + Colors.BOLD + "[!] installing " + tool + Colors.RESET) time.sleep(0.2) system("apt install "+ tool + " -y") requirements list_tool = ['nmap','wafw00f','sublist3r','subfinder','assetfinder','amass','dirsearch','httprobe'] for tool in list_tool: check(tool) pass
def break_and_help(): print("\n\t [?] Usage example: sicon -u target.com") exit()
def remove_list_files(extension): system("rm -rf .list*.%s" % extension)
1.4: preparing everything saving_path = getcwd() + "/"
port_scan = nmap.PortScanner()..........................for NMAP
nmap = nmap3.nmap()
1.5: "welcome" screen system("clear") print(Colors.GREEN + Colors.BOLD + """ \t ┏━┓╺┓ ┏━╸┏━┓┏┓╻ \t ┗━┓ ┃ ┃ ┃┃┃┃┗┫ \t ┗━┛╺┻╸┗━╸┗━┛╹ ╹
Colors.RESET)
1.6: getting started command_arguments = sys.argv[1:]
if (len(command_arguments) > 0): flag = command_arguments[0].upper()
if flag == "-U" or flag == "--URL": URL_TARGET = command_arguments[1]
else: break_and_help() else: break_and_help()
2.0: Starting recon phase: print(Colors.BOLD + Colors.GREEN + "\n\t[*] Starting recon on %s:" % URL_TARGET + Colors.RESET)
2.1: Detect WAF using wafw00f: convert to domain using httprobe get_host = subprocess.check_output(("echo %s | httprobe -prefer-https" % URL_TARGET), shell=True, text=True) detect_waf = subprocess.check_output(("wafw00f %s > /dev/null" % get_host), shell=True, text=True)
if ("is behind" in detect_waf):
has some WAF
processed_string = detect_waf[detect_waf.find("is behind"):] pre_parser = processed_string.find("\x1b[1;96m") # process to get valuable results only post_parser = processed_string.find("\x1b[0m") which_waf = processed_string[pre_parser:post_parser] # don't include color codes
print(Colors.BOLD + Colors.GREEN + "\n\t [+] WAF: DETECTED [ %s ]" % which_waf + Colors.RESET) elif ("No WAF detected" in detect_waf): print(Colors.BOLD + Colors.YELLOW + "\n\t [+] WAF: NOT DETECTED" + Colors.RESET)
else: print(Colors.BOLD + Colors.RED + "\n\t [!] FAIL TO DETECT WAF" + Colors.RESET)
2.2: Scanning ports using nmap run NMAP and filter results using GREP system("nmap %s -o .list_NMAP.txt > /dev/null" % URL_TARGET)..............Change made here system("cat .list_NMAP.txt | grep open > .list_PORTS.txt")
open file we just created with open(".list_PORTS.txt", encoding="utf-8") as file: ports_list = file.read().splitlines()
remove files we just created remove_list_files("txt")
print(Colors.BOLD + Colors.GREEN + "\n\t [+] OPENED PORTS: %s" % len(ports_list) + Colors.RESET)
for p in ports_list: print(Colors.RESET + "\t " + Colors.GREEN + "-> " + Colors.RESET + Colors.BOLD + p)
2.3: Getting subdomains this process might take a while, we'll use different scripts for that system("subfinder -d %s -o .list_subfinder.txt -silent > /dev/null" % URL_TARGET) system("sublist3r -d %s -o .list_sublist3r.txt > /dev/null" % URL_TARGET) system("assetfinder %s > .list_assetfinder.txt" % URL_TARGET) system("amass enum -d %s -o .list_amass.txt -silent" % URL_TARGET)
concat every output into one file system("cat .list*.txt > .list_subdomains.txt")
open "general" file with open(".list_subdomains.txt", encoding="utf-8") as file: subdomain_raw_list = file.read().splitlines()
drop duplicates subdomain_list = set(subdomain_raw_list)
remove_list_files("txt")
print(Colors.BOLD + Colors.GREEN + "\n\t [+] SUBDOMAINS DETECTED: %s" % len(subdomain_list) + Colors.RESET)
for s in subdomain_list:
perform quick port scan using nmap
quick_scan = port_scan.scan(hosts=s, arguments="-F") ..........for NMAP
quick_scan = nmap.scan(hosts=s, arguments="-F") host = list(quick_scan["scan"].keys())
if (len(host) > 0):
tcp ports were found
else:
port scan failed
2.4: Bruteforcing json_directory: system("dirsearch -u {} -o {} --format=json > /dev/null".format(URL_TARGET, (saving_path + ".list_json_directory.json")))
with open(".list_json_directory.json", encoding="utf-8") as file: json_directory = json.load(file)
remove_list_files("json")
host = str( list(json_directory["results"][0].keys())[0] ) directory = json_directory["results"][0][host]
dir_list = [] for d in directory: path = d["path"] status = d["status"]
drop other codes
if (status == 200 or status == 403): dir_list.append([status, path]) sorted_directories = sorted(dir_list)
print(Colors.BOLD + Colors.GREEN + "\n\t [+] DIRECTORIES: %s" % len(sorted_directories) + Colors.RESET)
for d in sorted_directories:
format_host = get_host.replace("\n", "")
if (d[0] == 200):
green alert
elif (d[0] == 403): print(Colors.GREEN + "\t -> " + Colors.RESET + Colors.YELLOW
#######List of adjustment made to sicon.py#############
Basically I had to import nmap3 (instead of nmap) and reference it below: try: from os import path, system, getcwd import os.path import subprocess import nmap3 import json import sys import time
1.4: preparing everything saving_path = getcwd() + "/" #port_scan = nmap.PortScanner()..........................for NMAP nmap = nmap3.nmap()
Then i made an adjustment here:
2.2: Scanning ports using nmap run NMAP and filter results using GREP system("nmap %s -o .list_NMAP.txt > /dev/null" % URL_TARGET)..............Change made here system("cat .list_NMAP.txt | grep open > .list_PORTS.txt")
The final adjustment was made here: for s in subdomain_list:
perform quick port scan using nmap
#quick_scan = port_scan.scan(hosts=s, arguments="-F") ..........for NMAP quick_scan = nmap.scan(hosts=s, arguments="-F") host = list(quick_scan["scan"].keys()) The result of the adjustments is the adjusted script now running with:
the WAF scan module working the "Opened Ports" scan module working However I am running into issues where I see the sub-domain scan FAIL My investigation reveals that the .list_amass.txt is NOT being created by the script (see script line below) in the directory that the script is being run. The other ".list" files ARE BEING CREATED
system("amass enum -d %s -o -silent" % URL_TARGET)
So as a consequence, the script just HANGS WITHOUT ERRORS after the "Opened Ports" scan completes.
Can you have a look at the script I sent and help me figure out why pls.
Thanks.