Virtual Host Scanner

skathgh420
Posted on 11-08-09 20:09
I recently coded a little virtual host scanner in C and just wanted to see if anyone had any suggestions to make it better or any code optimization tips for it. For those of you who don't know what a virtual host scanner is, it basically takes, let's say, google.com and checks to see if there are any sub domains up. For example, mail.google.com or admin.google.com. It's a pretty nifty tool to have sometimes. Anyway, here is the code...

pastebin: http://pastebin.com/f5a7339af

or

/*

##################
# Virtual Host #
# Scanner #
##################

*/

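#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>

#define my_port "80"

int main(int argc, char *argv[]) {

    if (argc != 3) {
        printf("\nusage: ./dns <host> <list>\n\n");
        return 1;
    }

    FILE *dns_file;

    if ((dns_file = fopen(argv[2], "r")) == NULL) {
        printf("\nFile does not exist!\n");
        return 1;
    }

    char guess[50];

    /* %49s keeps an over-long wordlist entry from overflowing guess[] */
    while (fscanf(dns_file, "%49s", guess) == 1) {
        int status;
        char dnsbrute[256];

        /* snprintf bounds the write; skip names that would be truncated */
        int len = snprintf(dnsbrute, sizeof dnsbrute, "%s.%s", guess, argv[1]);
        if (len < 0 || (size_t)len >= sizeof dnsbrute)
            continue;

        struct addrinfo hints, *res;
        memset(&hints, 0, sizeof hints);
        hints.ai_family = AF_UNSPEC;
        hints.ai_socktype = SOCK_STREAM;

        /* the name is reported when the resolver returns at least one address */
        if ((status = getaddrinfo(dnsbrute, my_port, &hints, &res)) == 0) {
            printf("\nFOUND! %s", dnsbrute);
            freeaddrinfo(res); /* release the result list on every hit */
        }
    }

    fclose(dns_file);
    return 0;
}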


Here it is in action against google.com with a small wordlist of possible sub domains...

[root@localhost code]# gcc -o vhost vhost.c

[root@localhost code]# ./vhost google.com wordlist.txt

FOUND! blog.google.com
FOUND! doc.google.com
FOUND! docs.google.com
FOUND! download.google.com
FOUND! downloads.google.com
FOUND! image.google.com
FOUND! images.google.com
FOUND! mail.google.com
FOUND! search.google.com
FOUND! web.google.com
FOUND! www2.google.com


As of right now it's kind of slow but not too terribly slow. It's pretty reliable but on some hosts it gives false positives on all of the sub domains. Any criticism/comments/suggestions are welcome.





Edited by skathgh420 on 11-08-09 21:08
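
The "false positives on all of the sub domains" mentioned in the post are typically what a wildcard DNS record (or a resolver that rewrites NXDOMAIN answers) produces: every label resolves, so a successful getaddrinfo() proves nothing. The following is an added example, not part of the original post or the author's code, that compares a candidate's addresses with those returned for a made-up label in the same zone; the helper names resolve, same_addr and is_wildcard_hit are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>

/* Resolve name; pass AI_NUMERICHOST in flags to parse a literal IP offline. NULL on failure. */
static struct addrinfo *resolve(const char *name, int flags) {
    struct addrinfo hints, *res = NULL;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags = flags;
    return getaddrinfo(name, NULL, &hints, &res) == 0 ? res : NULL;
}

/* 1 if both socket addresses carry the same IPv4 or IPv6 address (port ignored). */
static int same_addr(const struct sockaddr *a, const struct sockaddr *b) {
    if (a->sa_family != b->sa_family) return 0;
    if (a->sa_family == AF_INET)
        return memcmp(&((const struct sockaddr_in *)a)->sin_addr,
                      &((const struct sockaddr_in *)b)->sin_addr, sizeof(struct in_addr)) == 0;
    if (a->sa_family == AF_INET6)
        return memcmp(&((const struct sockaddr_in6 *)a)->sin6_addr,
                      &((const struct sockaddr_in6 *)b)->sin6_addr, sizeof(struct in6_addr)) == 0;
    return 0;
}

/* 1 if every address in hit also appears in baseline, i.e. the name got the
   same answer as a label that should not exist (wildcard answer, not a real host). */
static int is_wildcard_hit(const struct addrinfo *hit, const struct addrinfo *baseline) {
    if (hit == NULL || baseline == NULL) return 0;
    for (const struct addrinfo *h = hit; h != NULL; h = h->ai_next) {
        int seen = 0;
        for (const struct addrinfo *b = baseline; b != NULL && !seen; b = b->ai_next)
            seen = same_addr(h->ai_addr, b->ai_addr);
        if (!seen) return 0;
    }
    return 1;
}

int main(int argc, char *argv[]) {
    if (argc != 3) { fprintf(stderr, "usage: %s <candidate> <made-up-name>\n", argv[0]); return 1; }
    struct addrinfo *hit = resolve(argv[1], 0), *base = resolve(argv[2], 0);
    if (hit == NULL) puts("candidate does not resolve");
    else puts(is_wildcard_hit(hit, base) ? "wildcard answer" : "distinct record");
    if (hit) freeaddrinfo(hit);
    if (base) freeaddrinfo(base);
    return 0;
}
```

A real host that shares its address with the wildcard target is also reported as a wildcard answer, and a wildcard that rotates between address pools can slip past a single baseline lookup, so treat the result as a filter rather than proof.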
RE: Virtual Host Scanner

skathgh420
Posted on 11-08-09 20:36
MoshBat wrote:
Print only those found.


Done and done. Thanks for the tip, it looks a lot cleaner when you run it now.
(Edited my original post)

