.io domain not working

[heywoodlh]

On current commit, I can't run the following:

❯ dnsmap heywoodlh.io
dnsmap 0.36 - DNS Network Mapper

[+] error: entered domain is not valid!

Seems related to #2

[pagvac]

@heywoodlh thanks for your report. That's because heywoodlh.io supports wildcards, which means that fictitious subdomains such as 988621429891124.heywoodlh.io will successfully resolve which currently dnsmap can't cope with. This definitely needs to be fixed, as there's definitely logic that could be implemented to cater for this. E.g.:

1. generate random subdomain and attempt to resolve it
2. if subdomain resolves then:
   • note down the IP address(es) the random subdomain resolves to
3. do steps 1 and 2 again. If the IP(s) are the same as in the initial step 2, then:
   • note it/them down as false positives
   • proceed brute-forcing the whole subdomain list and only print subdomains that successfully resolve to IPs OTHER THAN those noted as false positives.

Alternatively, we could update dnsmap to simply allow brute-forcing wildcard-enabled domains without the above logic, and inform the user that using -i <ips-to-ignore> is recommended to avoid false positives. IIRC this used to be the default behavior, and was the very purpose of this flag, but I guess there was a regression somewhere along the way.

[heywoodlh]

That makes perfect sense, thanks for the informative response! 😄 I'm happy to leave this open as a placeholder until it is resolved, if desired.

[pagvac]

Yes please, do leave it open. Thanks so much!

[pagvac]

@heywoodlh I've ported dnsmap to python. Brute-forcing domains with a wildcard record is now supported:
https://github.com/pagvac/dnsmap/