diff --git a/reconftw.cfg b/reconftw.cfg index 28d9fb6d..c36e9c39 100644 --- a/reconftw.cfg +++ b/reconftw.cfg @@ -61,7 +61,7 @@ SUBDOMAINS_GENERAL=true # Enable or disable the whole Subdomains module SUBPASSIVE=true # Passive subdomains search SUBCRT=true # crtsh search CTR_LIMIT=999999 # Limit the number of results -SUBNOERROR=true # Check DNS NOERROR response and BF on them +SUBNOERROR=false # Check DNS NOERROR response and BF on them SUBANALYTICS=true # Google Analytics search SUBBRUTE=true # DNS bruteforcing SUBSCRAPING=true # Subdomains extraction from web crawling diff --git a/reconftw.sh b/reconftw.sh index c0a9b961..7c05faca 100755 --- a/reconftw.sh +++ b/reconftw.sh @@ -1193,7 +1193,7 @@ function fuzz(){ sub_out=$(echo $sub | sed -e 's|^[^/]*//||' -e 's|/.*$||') [ -s "$dir/.tmp/fuzzing/${sub_out}.json" ] && cat $dir/.tmp/fuzzing/${sub_out}.json | jq -r 'try .results[] | "\(.status) \(.length) \(.url)"' | sort -k1 | anew -q $dir/fuzzing/${sub_out}.txt done - find $dir/fuzzing/ -type f -iname "*.txt" -exec cat {} + 2>>"$LOGFILE" | sort -k3 | anew -q $dir/fuzzing/fuzzing_full.txt + find $dir/fuzzing/ -type f -iname "*.txt" -exec cat {} + 2>>"$LOGFILE" | sort -k1 | anew -q $dir/fuzzing/fuzzing_full.txt else axiom-exec "mkdir -p /home/op/lists/seclists/Discovery/Web-Content/" &>/dev/null axiom-exec "wget -q -O - ${fuzzing_remote_list} > /home/op/lists/fuzz_wordlist.txt" &>/dev/null @@ -1203,7 +1203,7 @@ function fuzz(){ sub_out=$(echo $sub | sed -e 's|^[^/]*//||' -e 's|/.*$||') [ -s "$dir/.tmp/ffuf-content.json" ] && cat .tmp/ffuf-content.json | jq -r 'try .results[] | "\(.status) \(.length) \(.url)"' | grep $sub | sort -k1 | anew -q fuzzing/${sub_out}.txt done - find $dir/fuzzing/ -type f -iname "*.txt" -exec cat {} + 2>>"$LOGFILE" | sort -k3 | anew -q $dir/fuzzing/fuzzing_full.txt + find $dir/fuzzing/ -type f -iname "*.txt" -exec cat {} + 2>>"$LOGFILE" | sort -k1 | anew -q $dir/fuzzing/fuzzing_full.txt fi end_func "Results are saved in $domain/fuzzing/*subdomain*.txt" ${FUNCNAME[0]} else