Description
Describe the bug
Hello there!
I'm encountering a difficulty related to logging in subfinder, which seems to be connected to how gologger handles label and log level. In the piece of code provided below, it seems that whenever an event that includes a label value is logged, this value gets converted to log level during formatting. Is there a specific reasoning behind this design decision?
To illustrate, when I operate subfinder with verbose log level configuration gologger.DefaultLogger.SetMaxLevel(levels.LevelVerbose), I encounter numerous logs with a log level that my external logging system cannot process.
{"level":"dnsdumpster","msg":"rate-limited-proxy-108-177-77-100.google.com","timestamp":"2023-05-25T14:07:57+0000"}
{"level":"dnsdumpster","msg":"code.l.google.com","timestamp":"2023-05-25T14:07:57+0000"}
{"level":"dnsdumpster","msg":"captive.adservice.google.com","timestamp":"2023-05-25T14:07:57+0000"}
{"level":"dnsdumpster","msg":"rate-limited-proxy-108-177-64-100.google.com","timestamp":"2023-05-25T14:07:57+0000"}
{"level":"dnsdumpster","msg":"google-proxy-66-249-83-100.google.com","timestamp":"2023-05-25T14:07:57+0000"}
{"level":"dnsdumpster","msg":"rate-limited-proxy-108-177-73-0.google.com","timestamp":"2023-05-25T14:07:57+0000"}
{"level":"dnsdumpster","msg":"rate-limited-proxy-108-177-73-100.google.com","timestamp":"2023-05-25T14:07:57+0000"}
{"level":"dnsdumpster","msg":"colab-sandbox.research.google.com","timestamp":"2023-05-25T14:07:57+0000"}
{"level":"dnsdumpster","msg":"tensorboard-staging.cloud.google.com","timestamp":"2023-05-25T14:07:57+0000"}
{"level":"dnsdumpster","msg":"mail.google.com","timestamp":"2023-05-25T14:07:57+0000"}
Subfinder version
2.5.8
Complete command you used to reproduce this
I'm not running the CLI but rather using the lib, but the code below should reproduce this bug
package main
import (
"bytes"
"fmt"
"io"
"log"
"github.com/projectdiscovery/subfinder/v2/pkg/resolve"
"github.com/projectdiscovery/subfinder/v2/pkg/runner"
"github.com/projectdiscovery/gologger"
)
func main() {
gologger.DefaultLogger.SetMaxLevel(levels.LevelVerbose)
gologger.DefaultLogger.SetFormatter(&formatter.JSON{})
runnerInstance, err := runner.NewRunner(&runner.Options{
Threads: 10, // Thread controls the number of threads to use for active enumerations
Timeout: 30, // Timeout is the seconds to wait for sources to respond
MaxEnumerationTime: 10, // MaxEnumerationTime is the maximum amount of time in mins to wait for enumeration
Resolvers: resolve.DefaultResolvers, // Use the default list of resolvers by marshaling it to the config
ResultCallback: func(s *resolve.HostEntry) { // Callback function to execute for available host
log.Println(s.Host, s.Source)
},
})
buf := bytes.Buffer{}
err = runnerInstance.EnumerateSingleDomain("projectdiscovery.io", []io.Writer{&buf})
if err != nil {
log.Fatal(err)
}
data, err := io.ReadAll(&buf)
if err != nil {
log.Fatal(err)
}
fmt.Printf("%s", data)
}
You will then see multiple logs such as :
{"level":"hackertarget","msg":"nuclei.projectdiscovery.io","timestamp":"2023-05-26T10:17:26+0000"}
{"level":"hackertarget","msg":"chaos.projectdiscovery.io","timestamp":"2023-05-26T10:17:26+0000"}
{"level":"hackertarget","msg":"test.auth.projectdiscovery.io","timestamp":"2023-05-26T10:17:26+0000"}
{"level":"hackertarget","msg":"dev.auth.projectdiscovery.io","timestamp":"2023-05-26T10:17:26+0000"}
{"level":"alienvault","msg":"test.auth.projectdiscovery.io","timestamp":"2023-05-26T10:17:26+0000"}
The problem comes from those lines of code :
subfinder/v2/pkg/runner/enumerate.go
Lines 69 to 72 in 5aca90d
It seems like the Label() method overwrite the level of the log event object. However, here we just want to specify which source found the domain name (while still keeping the event log level at verbose).
I think this could be easily fixed by using something like gologger.Verbose().Str("source", result.Source).Msg(subdomain)
Activity