x1mdev
commented
5 years ago Good issue, let me check take a look at this. Feel free to create a pull request if you know a solution.
Closed theyosh closed 5 years ago
x1mdev
commented
5 years ago Good issue, let me check take a look at this. Feel free to create a pull request if you know a solution.
theyosh
commented
5 years ago Closing as PR is merged :)
x1mdev
commented
5 years ago Forgot about closing the issue, cheers :)
Describe the bug It looks like that the loop for nmap is using a wrong list? At https://github.com/x1mdev/ReconPi/blob/master/recon.sh#L131 the file with host names is used for scanning ports. But in that list there could be a lot of hosts with the same ip (all subdomains). That would take a long time to scan the same host.
To Reproduce Run the scan against a wildcard DNS domain. All subdomains are valid and producing an IP
Expected behavior Use the list of "$IPS"/"$domain"-ips.txt of line https://github.com/x1mdev/ReconPi/blob/master/recon.sh#L123 In there are the unique IP numbers of all the subdomain hosts.
Screenshots None
Desktop (please complete the following information): Linux black-pearl 4.19.75-v7+ #1270 SMP Tue Sep 24 18:45:11 BST 2019 armv7l GNU/Linux (RPI 3B+)
Additional context I think that port scanning is not depending on (v)host names. So therefore I would think that only the unique IP address are enough for port scanning. Could be wrong....