Merge pull request #1649 from blacklanternsecurity/dnsbrute-active

Reclassify dnsbrute modules as 'active'

bbot/modules/dnsbrute.py

@@ -2,7 +2,7 @@
 
 
 class dnsbrute(subdomain_enum):
-    flags = ["subdomain-enum", "passive", "aggressive"]
+    flags = ["subdomain-enum", "active", "aggressive"]
     watched_events = ["DNS_NAME"]
     produced_events = ["DNS_NAME"]
     meta = {

bbot/modules/dnsbrute_mutations.py

@@ -2,7 +2,7 @@
 
 
 class dnsbrute_mutations(BaseModule):
-    flags = ["subdomain-enum", "passive", "aggressive", "slow"]
+    flags = ["subdomain-enum", "active", "aggressive", "slow"]
     watched_events = ["DNS_NAME"]
     produced_events = ["DNS_NAME"]
     meta = {
@@ -45,6 +45,10 @@ def get_parent_event(self, subdomain):
         return self.parent_events[parent_host]
 
     async def finish(self):
+        """
+        TODO: speed up this loop.
+            We should see if we can combine multiple runs together instead of running them each individually.
+        """
         found = sorted(self.found.items(), key=lambda x: len(x[-1]), reverse=True)
         # if we have a lot of rounds to make, don't try mutations on less-populated domains
         trimmed_found = []

bbot/modules/dnscommonsrv.py

@@ -5,7 +5,7 @@
 class dnscommonsrv(subdomain_enum):
     watched_events = ["DNS_NAME"]
     produced_events = ["DNS_NAME"]
-    flags = ["subdomain-enum", "passive", "safe"]
+    flags = ["subdomain-enum", "active", "safe"]
     meta = {"description": "Check for common SRV records", "created_date": "2022-05-15", "author": "@TheTechromancer"}
     dedup_strategy = "lowest_parent"
 

bbot/test/test_step_1/test_cli.py

@@ -268,15 +268,15 @@ async def test_cli_args(monkeypatch, caplog, capsys, clean_default_config):
     result = await cli._main()
     out, err = capsys.readouterr()
     assert result == None
-    assert "| dnsbrute " in out
+    assert "| chaos " in out
     assert not "| httpx " in out
 
     # list modules by flag + excluded flag
     monkeypatch.setattr("sys.argv", ["bbot", "-f", "subdomain-enum", "-ef", "active", "-l"])
     result = await cli._main()
     out, err = capsys.readouterr()
     assert result == None
-    assert "| dnsbrute " in out
+    assert "| chaos " in out
     assert not "| httpx " in out
 
     # list modules by flag + excluded module

bbot/test/test_step_1/test_presets.py

@@ -826,8 +826,8 @@ def get_module_flags(p):
     module_flags = list(get_module_flags(preset))
     dnsbrute_flags = preset.preloaded_module("dnsbrute").get("flags", [])
     assert "subdomain-enum" in dnsbrute_flags
-    assert "passive" in dnsbrute_flags
-    assert not "active" in dnsbrute_flags
+    assert "active" in dnsbrute_flags
+    assert not "passive" in dnsbrute_flags
     assert "aggressive" in dnsbrute_flags
     assert not "safe" in dnsbrute_flags
     assert "dnsbrute" in [x[0] for x in module_flags]
@@ -842,7 +842,8 @@ def get_module_flags(p):
     preset = Preset(flags=["subdomain-enum"], require_flags=["passive"]).bake()
     assert len(preset.modules) > 25
     module_flags = list(get_module_flags(preset))
-    assert "dnsbrute" in [x[0] for x in module_flags]
+    assert "chaos" in [x[0] for x in module_flags]
+    assert not "httpx" in [x[0] for x in module_flags]
     assert all("passive" in flags for module, flags in module_flags)
     assert not any("active" in flags for module, flags in module_flags)
     assert any("safe" in flags for module, flags in module_flags)
@@ -852,7 +853,8 @@ def get_module_flags(p):
     preset = Preset(flags=["subdomain-enum"], exclude_flags=["active"]).bake()
     assert len(preset.modules) > 25
     module_flags = list(get_module_flags(preset))
-    assert "dnsbrute" in [x[0] for x in module_flags]
+    assert "chaos" in [x[0] for x in module_flags]
+    assert not "httpx" in [x[0] for x in module_flags]
     assert all("passive" in flags for module, flags in module_flags)
     assert not any("active" in flags for module, flags in module_flags)
     assert any("safe" in flags for module, flags in module_flags)
@@ -863,6 +865,7 @@ def get_module_flags(p):
     assert len(preset.modules) > 25
     module_flags = list(get_module_flags(preset))
     assert not "dnsbrute" in [x[0] for x in module_flags]
+    assert "httpx" in [x[0] for x in module_flags]
     assert any("passive" in flags for module, flags in module_flags)
     assert any("active" in flags for module, flags in module_flags)
     assert any("safe" in flags for module, flags in module_flags)