amass icon indicating copy to clipboard operation
amass copied to clipboard

Published 20 hours ago verified publisher icon owasp-amass

Amass db has no output

Open rew1nter opened this issue 2 years ago • 1 comments

Amass db only works a few times after installation for a domain with 30k subdomains. Then basically stops giving any output for that domain.

version

Latest

Produced on

Kubuntu (home network), Ubuntu (aws) Tested around 10 times

Steps to reproduce

  1. Reinstall amass
  2. Run amass enum -d huge.corp -passive -config amass.ini -silent a few times.
  3. Query the db a few times. Should get stuck in one of these.
  4. Repeat step 2 and 3 few times if it's still not reproduced.

rew1nter avatar Apr 28 '22 14:04 rew1nter

Amass db only works a few times after installation for a domain with 30k subdomains. Then basically stops giving any output for that domain.

version

Latest

Produced on

Kubuntu (home network), Ubuntu (aws)

Tested around 10 times

Steps to reproduce

  1. Reinstall amass

  2. Run amass enum -d huge.corp -passive -config amass.ini -silent a few times.

  3. Query the db a few times. Should get stuck in one of these.

  4. Repeat step 2 and 3 few times if it's still not reproduced.

This is almost certainly because the various data sources are rate-limiting (well, penalty-boxing) you. It's something I noticed some time ago- that unfortunately, except for commercial/authenticated sources (e.g. Umbrella, etc.) Amass loses its value after a couple of consecutive runs

However- if you're seeing this happen when the target is the same each time, the caching in Amass should be mitigating this. I don't knkw what cache lifetime ("ttl" in the configuration file) is by default currently, but it must be at least 1 day

Maybe explicitly set the ttl globally to 7 days and see if you can reproduce the behavior. If you can then @caffix may be interested to know (unless the caching has been deliberately removed- which would be surprising to me)

mzpqnxow avatar Sep 04 '23 23:09 mzpqnxow