Add extract-fqdn option

projectdiscovery · May 30, 2024 · ff262a0 · ff262a0
1 parent 91afa0c
commit ff262a0
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 2 deletions.
diff --git a/common/httpx/csp.go b/common/httpx/csp.go
@@ -21,7 +21,7 @@ var CSPHeaders = []string{
 
 // CSPData contains the Content-Security-Policy domain list
 type CSPData struct {
-	Fqdns   []string `json:"fqdns,omitempty"`
+	Fqdns   []string `json:"fqdn,omitempty"`
 	Domains []string `json:"domains,omitempty"`
 }
 

diff --git a/runner/options.go b/runner/options.go
@@ -221,6 +221,7 @@ type Options struct {
 	OutputContentType         bool
 	OutputIP                  bool
 	OutputCName               bool
+	ExtractFqdn               bool
 	Unsafe                    bool
 	Debug                     bool
 	DebugRequests             bool
@@ -335,6 +336,7 @@ func ParseOptions() *Options {
 		flagSet.BoolVar(&options.OutputWebSocket, "websocket", false, "display server using websocket"),
 		flagSet.BoolVar(&options.OutputIP, "ip", false, "display host ip"),
 		flagSet.BoolVar(&options.OutputCName, "cname", false, "display host cname"),
+		flagSet.BoolVarP(&options.ExtractFqdn, "efqdn", "extract-fqdn", false, "get domain and subdomains from response body and header in jsonl/csv output"),
 		flagSet.BoolVar(&options.Asn, "asn", false, "display host asn information"),
 		flagSet.DynamicVar(&options.OutputCDN, "cdn", "true", "display cdn/waf in use"),
 		flagSet.BoolVar(&options.Probe, "probe", false, "display probe status"),

diff --git a/runner/runner.go b/runner/runner.go
@@ -874,7 +874,11 @@ func (r *Runner) RunEnumeration() {
 			if r.options.OnResult != nil {
 				r.options.OnResult(resp)
 			}
-
+			// Set body domains and fqdns
+			if r.options.ExtractFqdn && resp.CSPData != nil {
+				resp.BodyDomains = resp.CSPData.Domains
+				resp.BodyFqdns = resp.CSPData.Fqdns
+			}
 			// store responses or chain in directory
 			URL, _ := urlutil.Parse(resp.URL)
 			domainFile := resp.Method + ":" + URL.EscapedString()

diff --git a/runner/types.go b/runner/types.go
@@ -36,6 +36,8 @@ type Result struct {
 	ASN                *AsnResponse           `json:"asn,omitempty" csv:"asn"`
 	Err                error                  `json:"-" csv:"-"`
 	CSPData            *httpx.CSPData         `json:"csp,omitempty" csv:"csp"`
+	BodyFqdns          []string               `json:"body_fqdn,omitempty" csv:"body_fqdn"`
+	BodyDomains        []string               `json:"body_domains,omitempty" csv:"body_domains"`
 	TLSData            *clients.Response      `json:"tls,omitempty" csv:"tls"`
 	Hashes             map[string]interface{} `json:"hash,omitempty" csv:"hash"`
 	ExtractRegex       []string               `json:"extract_regex,omitempty" csv:"extract_regex"`