Skip to content
This repository has been archived by the owner on Dec 16, 2022. It is now read-only.

Importing domains using -D is not setting them in scope #131

Open
cwaazywabbit opened this issue Mar 30, 2020 · 1 comment
Open

Importing domains using -D is not setting them in scope #131

cwaazywabbit opened this issue Mar 30, 2020 · 1 comment
Assignees
@sethsec

Comments

@cwaazywabbit
Copy link

I thought that the -D parameter is supposed to import domains to scope, but it's importing them to DB without setting the flag In Scope as seen here:

./celerystalk import -D /root/x/scope.txt

celerystalk  -  An asynchronous network enumeration/vulnerability scanner 
    v1.3.1      Run all your tools against all your hosts (IPs/virtual hosts/subdomains)
                by @sethsec
                Build: 245

[+] Found subdomain (out of scope):             srv-sql-p4.xx.xyz.de
[+] Found subdomain (out of scope):             srv-fs-p04.xx.xyz.de
[+] Found subdomain (out of scope):             xx-develop.xx.xyz.de
[+] Found subdomain (out of scope):             srv-xx-ea2.xx.xyz.de

[!] There are no in scope hosts in the DB

./celerystalk db hosts

celerystalk  -  An asynchronous network enumeration/vulnerability scanner 
    v1.3.1      Run all your tools against all your hosts (IPs/virtual hosts/subdomains)
                by @sethsec
                Build: 245

[+] Showing hosts for the [prima] workspace

+---------------+--------------------------+----------+-----------------------+-----------+
| IP            | Vhost                    | In Scope | Explicit Out of Scope | Submitted |
+---------------+--------------------------+----------+-----------------------+-----------+
| 10.35.100.103 | srv-xx-ea2.xx.xyz.de      |    0     |           0           |     0     |
| 10.35.100.202 | srv-sql-p4.xx.xyz.de      |    0     |           0           |     0     |
| 10.35.100.214 | srv-fs-p04.xx.xyz.de      |    0     |           0           |     0     |
| 10.35.100.94  | xx-develop.xx.xyz.de |    0     |           0           |     0     |
+---------------+--------------------------+----------+-----------------------+-----------+

Am I missing something?
@cwaazywabbit
Copy link
Author

Nevermind, I have just RTFM.. but I am not seeing the logic of importing IPs first, than domains. The documentation says:

celerystalk determines whether each subdomain is in scope by resolving the IP and looking for IP in the DB. If there is a match, the domain is marked as in scope and will be scanned.

@sethsec sethsec self-assigned this Apr 1, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@sethsec sethsec

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sethsec @cwaazywabbit