nuclei
nuclei copied to clipboard
Support to scan all available IPs associated with dns record
host hackerone.com
hackerone.com has address 104.16.99.52
hackerone.com has address 104.16.100.52
Currently, when multiple A records are associated with dns, nuclei picks 1st IP for the connection and there is no way to scan using other or all IPs (IPv4 for HTTP/Network) when required across all protocols, this feature is already supported in naabu.
-scan-all-ips, -sa scan all the ip's associated with dns record
-ip-version, -iv string[] ip version to scan of hostname (4,6) - (default 4)
id: basic-example
info:
name: Test HTTP Template
author: pdteam
severity: info
requests:
- method: GET
path:
- "{{BaseURL}}"
echo https://hackerone.com | nuclei -t test.yaml -scan-all-ips -v
__ _
____ __ _______/ /__ (_)
/ __ \/ / / / ___/ / _ \/ /
/ / / / /_/ / /__/ / __/ /
/_/ /_/\__,_/\___/_/\___/_/ 2.7.2
projectdiscovery.io
[WRN] Use with caution. You are responsible for your actions.
[WRN] Developers assume no liability and are not responsible for any misuse or damage.
[INF] Using Nuclei Engine 2.7.2 (latest)
[INF] Using Nuclei Templates 9.0.6 (latest)
[INF] Templates added in last update: 0
[INF] Templates loaded for scan: 1
[VER] [basic-example] Sent HTTP request to https://hackerone.com (104.16.99.52)
[VER] [basic-example] Sent HTTP request to https://hackerone.com (104.16.100.52)
[INF] No results found. Better luck next time!
@hktalent I've updated the issue to include more specfic details, if you required any help or discuss further or new feature, feel free to message at https://discord.gg/projectdiscovery (pdteam)
@ehsandeep OK,thanks example: tcp respectively connect to Connect to the ip of domain1.xxx.com ip1: 33.33.22.33, port: 80 ip2: 33.33.22.133, port: 80 send the same payload
GET /xxpayload HTTP/1.1
Host: domain1.xxx.com
....
thank you very much @ehsandeep