updated the reverse whois support

blo0dshe3d · Jun 9, 2019 · e37b827 · e37b827
1 parent 9340dc6
commit e37b827
Show file tree

Hide file tree

Showing 4 changed files with 75 additions and 7 deletions.
diff --git a/amass/core/request.go b/amass/core/request.go
@@ -39,7 +39,8 @@ const (
 	NewASNTopic       = "amass:asn"
 	IPRequestTopic    = "amass:iprequest"
 	IPInfoTopic       = "amass:ipinfo"
-	NewWhoisTopic     = "amass:whois"
+	WhoisRequestTopic = "amass:whoisreq"
+	NewWhoisTopic     = "amass:whoisinfo"
 )
 
 // DNSAnswer is the type used by Amass to represent a DNS record.
@@ -86,6 +87,7 @@ type WhoisRequest struct {
 	Domain  string
 	Company string
 	Email   string
+	NewDomains []string
 	Tag     string
 	Source  string
 }

diff --git a/amass/intel.go b/amass/intel.go
@@ -298,9 +298,63 @@ func LookupASNsByName(s string) ([]*core.ASNRequest, error) {
 }
 
 // ReverseWhois returns domain names that are related to the domain provided
-func ReverseWhois(domain string) ([]string, error) {
+func (ic *IntelCollection) ReverseWhois(domain string) ([]string, error) {
 	var domains []string
 
+	collect := func(req *core.WhoisRequest) {
+		for _, d := range req.NewDomains {
+			domains = utils.UniqueAppend(domains, d)
+		}
+	}
+
+	ic.Bus.Subscribe(core.NewWhoisTopic, collect)
+	defer ic.Bus.Unsubscribe(core.NewWhoisTopic, collect)
+
+	srcs := sources.GetAllSources(ic.Config, ic.Bus)
+	// Select the data sources desired by the user
+	if len(ic.Config.DisabledDataSources) > 0 {
+		srcs = ic.Config.ExcludeDisabledDataSources(srcs)
+	}
+	// Keep only the data sources that successfully start
+	var keep []core.Service
+	for _, src := range srcs {
+		if err := src.Start(); err != nil {
+			src.Stop()
+			continue
+		}
+		keep = append(keep, src)
+	}
+	srcs = keep
+
+	// Send the whois request to the data sources
+	for _, src := range srcs {
+		src.SendWhoisRequest(&core.WhoisRequest{Domain: domain})
+	}
+
+	t := time.NewTicker(2 * time.Second)
+loop:
+	for {
+		select {
+		case <-ic.Done:
+			break loop
+		case <-t.C:
+			done := true
+			for _, src := range srcs {
+				if src.IsActive() {
+					done = false
+					break
+				}
+			}
+			if done {
+				break loop
+			}
+		}
+	}
+	t.Stop()
+	// Stop all the data sources and wait for cleanup to finish
+	for _, src := range srcs {
+		src.Stop()
+	}
 	sort.Strings(domains)
 	return domains, nil
 }
diff --git a/amass/sources/viewdns.go b/amass/sources/viewdns.go
@@ -36,6 +36,7 @@ func NewViewDNS(config *core.Config, bus *core.EventBus) *ViewDNS {
 func (v *ViewDNS) OnStart() error {
 	v.BaseService.OnStart()
 
+	v.Bus().Subscribe(core.WhoisRequestTopic, v.SendWhoisRequest)
 	go v.processRequests()
 	return nil
 }
@@ -114,14 +115,19 @@ func (v *ViewDNS) executeWhoisQuery(domain string) {
 	// Get the list of domain names discovered through the reverse DNS service
 	re := regexp.MustCompile("<tr><td>([a-zA-Z0-9]{1}[a-zA-Z0-9-]{0,61}[a-zA-Z0-9]{1}[.]{1}[a-zA-Z0-9-]+)</td><td>")
 	subs := re.FindAllStringSubmatch(table, -1)
+
+	var matches []string
 	for _, match := range subs {
 		sub := match[1]
-		if sub == "" {
-			continue
+		if sub != "" {
+			matches = utils.UniqueAppend(matches, strings.TrimSpace(sub))
 		}
+	}
 
+	if len(matches) > 0 {
 		v.Bus().Publish(core.NewWhoisTopic, &core.WhoisRequest{
-			Domain: strings.TrimSpace(sub),
+			Domain: domain,
+			NewDomains: matches,
 			Tag:    v.SourceType,
 			Source: v.String(),
 		})

diff --git a/cmd/amass/intel.go b/cmd/amass/intel.go
@@ -177,17 +177,23 @@ func runIntelCommand(clArgs []string) {
 	}
 
 	if args.Options.ReverseWhois {
+		var all []string
+
 		for _, domain := range args.Domains {
-			domains, err := amass.ReverseWhois(domain)
+			domains, err := intel.ReverseWhois(domain)
 			if err != nil {
 				continue
 			}
 			for _, d := range domains {
 				if name := strings.TrimSpace(d); name != "" {
-					g.Println(name)
+					all = utils.UniqueAppend(all, name)
 				}
 			}
 		}
+
+		for _, d := range all {
+			g.Println(d)
+		}
 		return
 	}