From 91af4e8fb8c9a0d08467f57ecd7b025147a911c2 Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Wed, 4 Jun 2025 16:52:44 +0900 Subject: [PATCH] Pass exclude-unlikely to vulnerability checks --- Subdominator.Tests/FingerprintTests.cs | 12 ++++++++++++ Subdominator/Program.cs | 6 +++--- Subdominator/SubdomainHijack.cs | 4 ++-- 3 files changed, 17 insertions(+), 5 deletions(-) diff --git a/Subdominator.Tests/FingerprintTests.cs b/Subdominator.Tests/FingerprintTests.cs index 6bbd2ae..136a3aa 100644 --- a/Subdominator.Tests/FingerprintTests.cs +++ b/Subdominator.Tests/FingerprintTests.cs @@ -67,4 +67,16 @@ private string GenerateRandomSubdomain(string baseCname) return $"{subdomain}.{baseCname}"; } + + [TestMethod] + public async Task ShouldExcludeEdgeCaseFingerprints() + { + var hijack = new SubdomainHijack(); + var allFingerprints = await hijack.GetFingerprintsAsync(false); + Assert.IsTrue(allFingerprints.Any(f => f.Status.ToLower() == "edge case")); + + hijack = new SubdomainHijack(); + var filteredFingerprints = await hijack.GetFingerprintsAsync(true); + Assert.IsFalse(filteredFingerprints.Any(f => f.Status.ToLower() == "edge case")); + } } \ No newline at end of file diff --git a/Subdominator/Program.cs b/Subdominator/Program.cs index c4a9dc5..4a2201f 100644 --- a/Subdominator/Program.cs +++ b/Subdominator/Program.cs @@ -160,7 +160,7 @@ _____ _ _ _ _ await Parallel.ForEachAsync(domains, new ParallelOptions { MaxDegreeOfParallelism = maxConcurrentTasks }, async (domain, cancellationToken) => { - var isVulnerable = await CheckAndLogDomain(hijackChecker, domain, o.Validate, o.Verbose, o.Quiet); + var isVulnerable = await CheckAndLogDomain(hijackChecker, domain, o.Validate, o.Verbose, o.Quiet, o.ExcludeUnlikely); if(isVulnerable) { Interlocked.Increment(ref vulnerableCount); @@ -237,12 +237,12 @@ static async Task> FilterAndNormalizeDomains(List do return normalizedDomains.Where(d => d.IsValid).Select(d => d.Original); } - static async Task CheckAndLogDomain(SubdomainHijack hijackChecker, string domain, bool validateResults, bool verbose, bool quiet) + static async Task CheckAndLogDomain(SubdomainHijack hijackChecker, string domain, bool validateResults, bool verbose, bool quiet, bool excludeUnlikely) { bool isFound = false; try { - var result = await hijackChecker.IsDomainVulnerable(domain, validateResults); + var result = await hijackChecker.IsDomainVulnerable(domain, validateResults, excludeUnlikely); if (result.IsVulnerable || verbose) { if (result.IsVulnerable) diff --git a/Subdominator/SubdomainHijack.cs b/Subdominator/SubdomainHijack.cs index 7587db0..a477b71 100644 --- a/Subdominator/SubdomainHijack.cs +++ b/Subdominator/SubdomainHijack.cs @@ -306,9 +306,9 @@ public async Task> GetFingerprintsAsync(bool excludeUnl return _fingerprints; } - public async Task IsDomainVulnerable(string domain, bool validateResults, bool update = false) + public async Task IsDomainVulnerable(string domain, bool validateResults, bool excludeUnlikely = false, bool update = false) { - var fingerprints = await GetFingerprintsAsync(update); + var fingerprints = await GetFingerprintsAsync(excludeUnlikely: excludeUnlikely, update: update); // DNS Lookup var subdomainDns = await GetDnsForSubdomain(domain);