Initial commit

README.md

@@ -0,0 +1,49 @@
+# iplookup
+
+## 简介
+IP反查域名工具简称：IPgo，模仿(抄袭)subfinder实现
+
+## 主要接口
+
+- [x] webscan  
+- [x] rapiddns  
+- [x] ip138  
+- [x] yougetsignal  
+- [x] aizhan  
+- [x] c99  
+- [x] chinaz  
+- [x] viewdns  
+- [x] bugscaner  
+- [x] hackertarget  
+- [x] dnslytics  
+- [x] omnisint  
+- [x] dnsgrep  
+- [x] domaintools  
+- [x] securitytrails
+- [ ] ipip
+- [ ] fofa
+- [ ] 360quake
+
+## 使用说明
+有些接口会有历史绑定域名,默认提取50个域名防止查询CDN域名数量过多
+
+可自行设置阈值`-count 9999`
+
+查询过多会导致IP被封，建议搭配代理使用
+
+可以搭配httpx,nuclei等工具食用效果更佳
+
+## usege  
+```
+echo 1.1.1.1 | ipgo 
+ipgo.exe -i 1.1.1.1 -silent | httpx -title -ip -content-length -status-code -tech-detect -random-agent
+
+
+cat ips.txt | ipgo -oD out
+#设置阈值输出目录
+ipgo.exe -count 9999 -iL ips.txt -oD out  
+```
+
+## 参考
+https://github.com/projectdiscovery/subfinder
+

go.mod

@@ -0,0 +1,12 @@
+module iplookup
+
+go 1.15
+
+require (
+	github.com/PuerkitoBio/goquery v1.6.1 // indirect
+	github.com/hako/durafmt v0.0.0-20210316092057-3a2c319c1acd
+	github.com/json-iterator/go v1.1.10
+	github.com/projectdiscovery/fdmax v0.0.3
+	github.com/projectdiscovery/gologger v1.1.4
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
+)

main.go

@@ -0,0 +1,25 @@
+package main
+
+import (
+	"context"
+
+	// Attempts to increase the OS file descriptors - Fail silently
+	_ "github.com/projectdiscovery/fdmax/autofdmax"
+	"github.com/projectdiscovery/gologger"
+	"iplookup/runner"
+)
+
+func main() {
+	// Parse the command line flags and read config files
+	options := runner.ParseOptions()
+
+	newRunner, err := runner.NewRunner(options)
+	if err != nil {
+		gologger.Fatal().Msgf("Could not create runner: %s\n", err)
+	}
+
+	err = newRunner.RunEnumeration(context.Background())
+	if err != nil {
+		gologger.Fatal().Msgf("Could not run enumeration: %s\n", err)
+	}
+}

makefile

@@ -0,0 +1,24 @@
+GOCMD			:=$(shell which go)
+GOBUILD			:=$(GOCMD) build
+FLAG			:="-w -s "
+
+BINARY_DIR=bin
+BINARY_NAME:=ipgo
+
+# linux
+build-linux:
+	@CGO_ENABLED=0 GOOS=linux GOARCH=amd64 $(GOBUILD) -ldflags $(FLAG) -trimpath -o $(BINARY_DIR)/$(BINARY_NAME)-linux
+
+#mac
+build-darwin:
+	CGO_ENABLED=0 GOOS=darwin $(GOBUILD) -ldflags $(FLAG) -trimpath -o $(BINARY_DIR)/$(BINARY_NAME)-darwin
+
+# windows
+build-win:
+	CGO_ENABLED=0 GOOS=windows GOARCH=amd64 $(GOBUILD) -ldflags $(FLAG) -trimpath -o $(BINARY_DIR)/$(BINARY_NAME)-win.exe
+# 全平台
+build-all:
+	make build-linux
+	make build-darwin
+	make build-win
+	upx $(BINARY_DIR)/$(BINARY_NAME)-*

passive/passive.go

@@ -0,0 +1,62 @@
+package passive
+
+import (
+	"context"
+	"fmt"
+	"sync"
+	"time"
+
+	"github.com/projectdiscovery/gologger"
+	"iplookup/subscraping"
+)
+
+// EnumerateSubdomains enumerates all the subdomains for a given domain
+func (a *Agent) EnumerateIp(ip string, keys *subscraping.Keys, proxy *subscraping.Proxy, timeout int, maxEnumTime time.Duration) chan subscraping.Result {
+	results := make(chan subscraping.Result)
+
+	go func() {
+		session := subscraping.NewSession(keys, proxy, timeout) // switch keys struct list
+		//if err != nil {
+		//	results <- subscraping.Result{Type: subscraping.Error, Error: fmt.Errorf("could not init passive session for %s: %s", ip, err)}
+		//}
+		//fmt.Printf("session %+v", session)
+
+		ctx, cancel := context.WithTimeout(context.Background(), maxEnumTime)
+
+		timeTaken := make(map[string]string)
+		timeTakenMutex := &sync.Mutex{}
+
+		wg := &sync.WaitGroup{}
+		// Run each source in parallel on the target domain
+		for source, runner := range a.sources {
+			wg.Add(1) // 遍历存在的接口 每个接口添加1个wg workder
+
+			now := time.Now()
+			go func(source string, runner subscraping.Source) { //匿名函数，执行source中的接口
+				//fmt.Println(runner.Name())
+				for resp := range runner.Run(ctx, ip, session) {
+					results <- resp
+				}
+
+				//fmt.Printf("%v",results)
+				duration := time.Since(now)
+				timeTakenMutex.Lock()
+				timeTaken[source] = fmt.Sprintf("Source took %s for enumeration\n", duration) // api time
+				timeTakenMutex.Unlock()
+
+				wg.Done()
+			}(source, runner)
+
+		}
+		wg.Wait()
+
+		for source, data := range timeTaken {
+			gologger.Verbose().Label(source).Msg(data)
+		}
+
+		close(results)
+		cancel()
+	}()
+
+	return results
+}

passive/sources.go

@@ -0,0 +1,120 @@
+package passive
+
+import (
+	"iplookup/subscraping"
+	"iplookup/subscraping/sources/aizhan"
+	"iplookup/subscraping/sources/bugscaner"
+	"iplookup/subscraping/sources/c99"
+	"iplookup/subscraping/sources/chinaz"
+	"iplookup/subscraping/sources/dnsgrep"
+	"iplookup/subscraping/sources/dnslytics"
+	"iplookup/subscraping/sources/domaintools"
+	"iplookup/subscraping/sources/hackertarget"
+	"iplookup/subscraping/sources/ip138"
+	"iplookup/subscraping/sources/omnisint"
+	"iplookup/subscraping/sources/rapiddns"
+	"iplookup/subscraping/sources/securitytrails"
+	"iplookup/subscraping/sources/viewdns"
+	"iplookup/subscraping/sources/webscan"
+	"iplookup/subscraping/sources/yougetsignal"
+)
+
+// DefaultSources contains the list of fast sources used by default.
+var DefaultSources = []string{
+	"webscan",
+	"rapiddns",
+	"ip138",
+	"yougetsignal",
+	"aizhan",
+	"chinaz",
+	"viewdns",
+	"bugscaner",
+	"hackertarget",
+	"dnslytics",
+	"omnisint",
+	"dnsgrep",
+	"domaintools",
+	"securitytrails",
+}
+
+// DefaultAllSources contains list of all sources
+var DefaultAllSources = []string{
+	"webscan",
+	"rapiddns",
+	"ip138",
+	"yougetsignal",
+	"aizhan",
+	"c99",
+	"chinaz",
+	"viewdns",
+	"bugscaner",
+	"hackertarget",
+	"dnslytics",
+	"omnisint",
+	"dnsgrep",
+	"domaintools",
+	"securitytrails",
+}
+
+// Agent is a struct for running passive subdomain enumeration
+// against a given host. It wraps subscraping package and provides
+// a layer to build upon.
+type Agent struct {
+	sources map[string]subscraping.Source
+}
+
+// New creates a new agent for passive subdomain discovery
+func New(sources, exclusions []string) *Agent {
+	// Create the agent, insert the sources and remove the excluded sources
+	agent := &Agent{sources: make(map[string]subscraping.Source)}
+
+	agent.addSources(sources)
+	agent.removeSources(exclusions)
+
+	return agent
+}
+
+// addSources adds the given list of sources to the source array
+func (a *Agent) addSources(sources []string) {
+	for _, source := range sources {
+		switch source {
+		case "webscan":
+			a.sources[source] = &webscan.Source{}
+		case "hackertarget":
+			a.sources[source] = &hackertarget.Source{}
+		case "dnsgrep":
+			a.sources[source] = &dnsgrep.Source{}
+		case "rapiddns":
+			a.sources[source] = &rapiddns.Source{}
+		case "c99":
+			a.sources[source] = &c99.Source{}
+		case "ip138":
+			a.sources[source] = &ip138.Source{}
+		case "aizhan":
+			a.sources[source] = &aizhan.Source{}
+		case "omnisint":
+			a.sources[source] = &omnisint.Source{}
+		case "viewdns":
+			a.sources[source] = &viewdns.Source{}
+		case "bugscaner":
+			a.sources[source] = &bugscaner.Source{}
+		case "dnslytics":
+			a.sources[source] = &dnslytics.Source{}
+		case "domaintools":
+			a.sources[source] = &domaintools.Source{}
+		case "yougetsignal":
+			a.sources[source] = &yougetsignal.Source{}
+		case "chinaz":
+			a.sources[source] = &chinaz.Source{}
+		case "securitytrails":
+			a.sources[source] = &securitytrails.Source{}
+		}
+	}
+}
+
+// removeSources deletes the given sources from the source map
+func (a *Agent) removeSources(sources []string) {
+	for _, source := range sources {
+		delete(a.sources, source)
+	}
+}

runner/banners.go

@@ -0,0 +1,70 @@
+package runner
+
+import (
+	"github.com/projectdiscovery/gologger"
+	"iplookup/passive"
+)
+
+const banner = `
+  _       _             _                
+ (_)_ __ | | ___   ___ | | ___   _ _ __  
+ | | '_ \| |/ _ \ / _ \| |/ / | | | '_ \ 
+ | | |_) | | (_) | (_) |   <| |_| | |_) |
+ |_| .__/|_|\___/ \___/|_|\_\\__,_| .__/ 
+   |_|                            |_|      v1.0
+`
+
+// Version is the current version of subfinder
+const Version = `1.0`
+
+// showBanner is used to show the banner to the user
+func ShowBanner() {
+	gologger.Print().Msgf("%s\n", banner)
+	//gologger.Print().Msgf("Use with caution. You are responsible for your actions\n")
+	//gologger.Print().Msgf("Developers assume no liability and are not responsible for any misuse or damage.\n")
+	//gologger.Print().Msgf("By using subfinder, you also agree to the terms of the APIs used.\n\n")
+}
+
+// normalRunTasks runs the normal startup tasks
+func (options *Options) normalRunTasks() {
+	configFile, err := UnmarshalRead(options.ConfigFile)
+	if err != nil {
+		gologger.Fatal().Msgf("Could not read configuration file %s: %s\n", options.ConfigFile, err)
+	}
+
+	// If we have a different version of subfinder installed
+	// previously, use the new iteration of config file.
+	if configFile.Version != Version {
+		configFile.Sources = passive.DefaultSources
+		configFile.AllSources = passive.DefaultAllSources
+		configFile.Version = Version
+
+		err = configFile.MarshalWrite(options.ConfigFile)
+		if err != nil {
+			gologger.Fatal().Msgf("Could not update configuration file to %s: %s\n", options.ConfigFile, err)
+		}
+	}
+	options.YAMLConfig = configFile
+}
+
+// firstRunTasks runs some housekeeping tasks done
+// when the program is ran for the first time
+func (options *Options) firstRunTasks() {
+	// Create the configuration file and display information
+	// about it to the user.
+	config := ConfigFile{
+		// Use the default list of passive sources
+		Sources: passive.DefaultSources,
+		// Use the default list of all passive sources
+		AllSources: passive.DefaultAllSources,
+		// Use the default list of recursive sources
+	}
+
+	err := config.MarshalWrite(options.ConfigFile)
+	if err != nil {
+		gologger.Fatal().Msgf("Could not write configuration file to %s: %s\n", options.ConfigFile, err)
+	}
+	options.YAMLConfig = config
+
+	gologger.Info().Msgf("Configuration file saved to %s\n", options.ConfigFile)
+}