From 92a68f2460732851b136a5eda637f24fbf8efb30 Mon Sep 17 00:00:00 2001 From: github-actions Date: Mon, 30 Sep 2024 09:50:27 -0400 Subject: [PATCH] extract hostnames from whitelist only, not target --- bbot/modules/internal/excavate.py | 1 + bbot/scanner/scanner.py | 12 +++++------- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/bbot/modules/internal/excavate.py b/bbot/modules/internal/excavate.py index f09931dc7..d2c65414e 100644 --- a/bbot/modules/internal/excavate.py +++ b/bbot/modules/internal/excavate.py @@ -828,6 +828,7 @@ async def setup(self): yara.set_config(max_match_data=yara_max_match_data) yara_rules_combined = "\n".join(self.yara_rules_dict.values()) try: + self.info(f"Compiling {len(self.yara_rules_dict):,} YARA rules") self.yara_rules = yara.compile(source=yara_rules_combined) except yara.SyntaxError as e: self.debug(yara_rules_combined) diff --git a/bbot/scanner/scanner.py b/bbot/scanner/scanner.py index 9a7860d60..19ea7106a 100644 --- a/bbot/scanner/scanner.py +++ b/bbot/scanner/scanner.py @@ -1004,15 +1004,13 @@ def dns_strings(self): A list of DNS hostname strings generated from the scan target """ if self._dns_strings is None: - dns_targets = set(t.host for t in self.target if t.host and isinstance(t.host, str)) dns_whitelist = set(t.host for t in self.whitelist if t.host and isinstance(t.host, str)) - dns_targets.update(dns_whitelist) - dns_targets = sorted(dns_targets, key=len) - dns_targets_set = set() + dns_whitelist = sorted(dns_whitelist, key=len) + dns_whitelist_set = set() dns_strings = [] - for t in dns_targets: - if not any(x in dns_targets_set for x in self.helpers.domain_parents(t, include_self=True)): - dns_targets_set.add(t) + for t in dns_whitelist: + if not any(x in dns_whitelist_set for x in self.helpers.domain_parents(t, include_self=True)): + dns_whitelist_set.add(t) dns_strings.append(t) self._dns_strings = dns_strings return self._dns_strings