Skip to content

Parse TopLevelDomains correctly. #485

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Nov 6, 2015
Merged

Parse TopLevelDomains correctly. #485

merged 2 commits into from
Nov 6, 2015

Conversation

gustavo-iniguez-goya
Copy link
Contributor

and put out of the loop the check for adding dots to the domain.

fixes #21.

@gainan
parse TopLevelDomains correctly.
7f8ea0a 
put out of the loop the check for adding dots to the domain.

fixes cSploit#21.
@gustavo-iniguez-goya
Copy link
Contributor Author

this won't still fully work, because the TLD array is sorted in a way, that domains of "one component" are checked first:

".dz", ".com.dz", ".org.dz", ".net.dz", ".gov.dz", ".edu.dz", ".asso.dz", ".pol.dz", ".art.dz"

so www.ansej.org.dz will match first with .dz and thus set the base domain to org.dz.

There is another solution, which is to check every part of the domain against the TLD array:
is www.ansej.org.dz in the TLD array? no.
is ansej.org.dz in the TLD array? no.
is org.dz in the TLD array? yes. return org.dz - 1 -> ansej.org.dz.

accurate, but slower than the current implementation in most cases (avg of ~30ms vs ~100-200ms), .

besides, there are some entries in the array that are simply wrong: "more..." and "...".

@tux-mind , I know that evilproxy will be developed, but in the meantime a few questions: should I sort the TLD array? and as the array is outdated, should I update it with the latest list https://publicsuffix.org/list/public_suffix_list.dat ?
what do you think?

@gainan
parse TopLevelDomains better.
bc3cfa7 
reorder TLD domains, to put simple domains (.us) at the end of the compounded domains of the same type (.com.us)
gustavo-iniguez-goya added a commit that referenced this pull request Nov 6, 2015
@gustavo-iniguez-goya
Merge pull request #485 from gainan/issue_21
515b337 
Parse TopLevelDomains correctly.
@gustavo-iniguez-goya gustavo-iniguez-goya merged commit 515b337 into cSploit:develop Nov 6, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Session Hijacker: only 2nd level domain shown
2 participants
@gustavo-iniguez-goya @gainan