How to use Sub404 to quickly detect subdomain takeover vulnerabilities

2025-03-26 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)05/31 Report--

This article explains in detail how to use Sub404 to quickly detect subdomain takeover vulnerabilities. The content is of high quality, so the editor shares it here as a reference. I hope you will have a better understanding of the topic after reading it.

What is Sub404?

Sub404 is a Python-based tool that helps researchers quickly detect potential subdomain takeover vulnerabilities. The tool runs very fast and supports asynchronous scanning and processing.

During network reconnaissance we may collect a large number of subdomains, possibly tens of thousands. Testing that many subdomains manually, or with the traditional requests and urllib approach, is impractical. Sub404 automates this task: it uses aiohttp/asyncio, so it scans and processes asynchronously and runs very fast.

The tool has been tested on Linux systems and theoretically supports use on other operating system platforms.

Working mechanism

Sub404 takes a text file containing a list of subdomains and checks each URL for a "404 Not Found" status code. It also fetches the CNAME and removes those URLs that have the target domain name in the CNAME. In addition, it can work with the output of subfinder and sublist3r (subdomain enumeration tools). If you do not yet have the target's subdomains, it is recommended to use these two tools together with Sub404, which requires sublist3r and subfinder to be installed on the system. It is worth mentioning that Sub404 can scan more than 7,000 subdomains in five minutes.
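The filtering described above, sketched as an added example for auditing your own DNS inventory; it is not Sub404's code. The names `triage`, `in_domain` and `sample_probe` and the `SAMPLE` data are constructed for illustration, and a live probe (HTTP GET plus CNAME lookup) is assumed to be supplied by the caller. The CNAME test here is a label-aware suffix match rather than a substring test, so an external CNAME that merely embeds the target domain is still reported.

```python
import asyncio

# Constructed sample data standing in for live HTTP/DNS lookups:
# subdomain -> (HTTP status, CNAME target or None)
SAMPLE = {
    "www.example.com": (200, None),
    "shop.example.com": (404, "shop.example.com.cdn-provider.example.net"),
    "old.example.com": (404, "legacy.example.com"),
    "docs.example.com": (404, "example-docs.hosting-provider.example.org"),
    "api.example.com": (200, "api-lb.cloud-provider.example.net"),
    "gone.example.com": (404, None),
}

async def sample_probe(host):
    """Offline stand-in for an HTTP GET plus a CNAME query (assumption)."""
    await asyncio.sleep(0)  # yield to the event loop as real I/O would
    return SAMPLE[host]

def in_domain(name, domain):
    """True if name is domain itself or a subdomain of it (label-aware)."""
    name, domain = name.rstrip(".").lower(), domain.rstrip(".").lower()
    return name == domain or name.endswith("." + domain)

async def triage(hosts, domain, probe, limit=50):
    """Return [(host, cname)] for hosts that answer 404 and whose CNAME
    points outside `domain`; each one needs a manual ownership check."""
    sem = asyncio.Semaphore(limit)  # bound the number of concurrent lookups

    async def check(host):
        async with sem:
            status, cname = await probe(host)
        if status == 404 and cname and not in_domain(cname, domain):
            return host, cname
        return None

    results = await asyncio.gather(*(check(h) for h in hosts))
    return sorted(r for r in results if r)

def run_sample():
    return asyncio.run(triage(list(SAMPLE), "example.com", sample_probe))

if __name__ == "__main__":
    for host, cname in run_sample():
        print(f"{host} -> {cname}")
```

A flagged entry is only a candidate: confirm whether the external resource behind the CNAME still exists and is owned by you, then remove or repoint the stale DNS record.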

Key features

Uses asynchronous processing, so it runs very fast

Uses two additional tools to improve efficiency

Saves the results to a text file for later reference

How to use

Note: this tool currently supports only Python 3.7+ environments.

First, clone the project source code locally using the following command:

git clone https://github.com/r3curs1v3-pr0xy/sub404.git

Next, install the dependent components using the following command:

pip install -r requirements.txt

Install Subfinder (optional): [portal]

Install Sublist3r (optional): [portal]

After the installation is complete, we can use the tool with the following command:

python3 sub404.py -h

Using Docker

Of course, we can also build a Docker image to run Sub404, so no other dependencies need to be installed:

$ docker build -t sub404 .

$ docker run --rm sub404 -h

With Subfinder and Sublist3r installed

Use the results of the Subfinder and Sublist3r tools to detect potential subdomain name takeover vulnerabilities:

$ python3 sub404.py -d anydomain.com

Without Subfinder and Sublist3r installed

If you do not have Subfinder and Sublist3r installed, you need to provide the subdomains to Sub404 as a text file:

$ python3 sub404.py -f subdomain.txt

Usage options

$ python3 sub404.py -h

The above command will display the help information for the tool to the user. Here are the parameter options supported by the tool:

| Parameter | Description | Usage example |
|-----------|-------------|---------------|
| -d | Target domain name | python3 sub404.py -d noobarmy.tech |
| -f | Provide a subdomain file path to detect subdomain takeover vulnerabilities | python3 sub404.py -f subdomain.txt |
| -p | Set the request protocol. Default is http. | python3 sub404.py -f subdomain.txt -p https or python3 sub404.py -d noobarmy.tech -p https |
| -o | Output the subdomain results of Sublist3r and Subfinder to a text file, which defaults to "uniqueURL.txt" | python3 sub404.py -d noobarmy.tech -o output.txt |
| -h | Display help information and exit | python3 sub404.py -h |

That is all on how to use Sub404 to quickly detect subdomain takeover vulnerabilities. I hope the above content is of some help to you and that you learned something from it. If you think the article is good, you can share it for more people to see.
