RealiTLScanner

HTTP Status, Allowed domains, Verbose output file

Open APT-ZERO opened this issue 1 year ago • 3 comments

Hi,

Please add an option to show/save each feasible target's HTTP status (when connected to the IP without SNI). Then we can know if we can use that domain as a fallback for our Reality or not.

An option to paste a list of 'Allowed domains' for each domain, like xray-core tls ping.

The ability to parse the ASN of each IP.

An option to make the output file more detailed.

Thank you.

APT-ZERO avatar Feb 15 '24 10:02 APT-ZERO

I give it a 10k list with 150 threads and it scans only part of them, like 700 - 3k each time, and stops.

level=INFO msg="Connected to target" feasible=true ip=5.10.-.- origin=www.--.com tls="TLS 1.3" alpn=h2 cert-domain=*.--.com cert-issuer="Let's Encrypt" geo=--
level=DEBUG msg="Failed to get IP from the origin" origin=--.com err="failed to lookup: lookup --.com: getaddrinfow: This is usually a temporary error during hostname resolution and means that the local server did not receive a response from an authoritative server."
level=INFO msg="Connected to target" feasible=true ip=104.21.-.- origin=www.--.com tls="TLS 1.3" alpn=h2 cert-domain=--.com cert-issuer="Google Trust Services LLC" geo=CLOUDFLARE
level=DEBUG msg="TLS handshake failed" target=10.10.-.-:443
level=DEBUG msg="TLS handshake failed" target=185.107.-.-:443
level=DEBUG msg="TLS handshake failed" target=10.10.-.-:443
level=DEBUG msg="Cannot dial" target=185.213.-.-:443
level=DEBUG msg="Connected to target" feasible=false ip=185.55.-.- origin=www.---.com tls="TLS 1.3" alpn=http/1.1 cert-domain=---.com cert-issuer="" geo=--
level=DEBUG msg="Cannot dial" target=185.126.-.-:443
level=DEBUG msg="Cannot dial" target=18.119.-.-:443
level=DEBUG msg="TLS handshake failed" target=188.40.-.-:443
level=DEBUG msg="TLS handshake failed" target=77.36.-.-:443
level=DEBUG msg="TLS handshake failed" target=38.48.-.-:443
level=DEBUG msg="Cannot dial" target=77.36.-.-:443
level=DEBUG msg="Cannot dial" target=107.163.-.-:443
level=DEBUG msg="TLS handshake failed" target=77.36.-.-:443
level=DEBUG msg="TLS handshake failed" target=154.211.-.-:443
level=DEBUG msg="TLS handshake failed" target=185.129.-.-:443
level=DEBUG msg="TLS handshake failed" target=185.242.-.-:443
level=DEBUG msg="TLS handshake failed" target=192.155.-.-:443
level=INFO msg="Scanning completed" time=2024-02-15T--:--:--.---Z elapsed=1m20.3361503s

APT-ZERO avatar Feb 15 '24 11:02 APT-ZERO
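To see how a verbose run like the one logged above breaks down by outcome, and how many origins were dropped at DNS lookup before any connection was attempted, the log can be tallied per `msg`. This is an added example, not code from RealiTLScanner or from anyone in this thread; it assumes the `key=value` line format shown above, and the sample lines and the names `parseLine` and `tally` are constructed for illustration.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// sample is constructed for this example, in the key=value format of the log above.
const sample = `level=INFO msg="Connected to target" feasible=true ip=192.0.2.10 tls="TLS 1.3" cert-issuer="Let's Encrypt"
level=DEBUG msg="Failed to get IP from the origin" origin=example.org err="failed to lookup: timeout"
level=DEBUG msg="TLS handshake failed" target=198.51.100.7:443
level=DEBUG msg="Connected to target" feasible=false ip=192.0.2.11 cert-issuer="" geo=--`

// parseLine splits one log line into key/value pairs, honouring quoted values.
func parseLine(line string) map[string]string {
	kv := map[string]string{}
	for {
		key, rest, found := strings.Cut(line, "=")
		if !found {
			return kv
		}
		val, tail, _ := strings.Cut(rest, " ") // bare value ends at the next space
		if q, err := strconv.QuotedPrefix(rest); err == nil && rest[0] == '"' {
			val, _ = strconv.Unquote(q) // quoted value may contain spaces
			tail = rest[len(q):]
		}
		kv[strings.TrimSpace(key)] = val
		line = tail
	}
}

// tally counts lines per msg; "Connected to target" is split by its feasible flag.
func tally(log string) map[string]int {
	counts := map[string]int{}
	for _, line := range strings.Split(log, "\n") {
		kv := parseLine(strings.TrimSpace(line))
		if f, ok := kv["feasible"]; ok {
			kv["msg"] += " feasible=" + f
		}
		if kv["msg"] != "" {
			counts[kv["msg"]]++
		}
	}
	return counts
}

func main() {
	fmt.Println(tally(sample)) // fmt prints maps with keys in sorted order
}
```

Comparing the sum of these counts with the number of lines in the input file shows whether entries were skipped before the scan or failed during it.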

If you are saying there is a bug accepting a list, please provide a minimum list with which you can reproduce the issue.

yuhan6665 avatar Feb 15 '24 15:02 yuhan6665

You can get one from Cloudflare Radar. I tested it with 100 threads and it stopped at near 4k. The IPs printed in my PowerShell are even fewer; it shows only ~700 of them in my PowerShell log.

https://radar.cloudflare.com/charts/LargerTopDomainsTable/attachment?id=975&top=10000&startDate=2024-02-05&endDate=2024-02-12

.\RealiTLScanner.exe -in cloudflare-radar-domains-top-10000-20240205-20240212.csv -out out.txt -port 443 -thread 100 -timeout 8 -v

I used the last build with geo support.

APT-ZERO avatar Feb 16 '24 13:02 APT-ZERO

I think the issue is that you can only use a plain text file reliably.

Scan a list of targets from a file (targets should be divided by line break):

./RealiTLScanner -in in.txt

yuhan6665 avatar Sep 04 '24 14:09 yuhan6665