forked from jhaddix/SubreconGPT
-
Notifications
You must be signed in to change notification settings - Fork 2
/
subrecongpt.py
66 lines (53 loc) · 2.39 KB
/
subrecongpt.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
import openai
import dns.resolver
import argparse
import sys
import time
def generate_subdomains(subdomain, domain, api_key):
openai.api_key = api_key
while True: # Continue trying until a successful API call is made
try:
response = openai.ChatCompletion.create(
model="gpt-3.5-turbo",
messages=[
{"role": "system", "content": "You are a helpful assistant."},
{"role": "user", "content": f"Generate 5 subdomains similar to {subdomain}."},
],
)
ai_generated_subdomains = [f"{sub}.{domain}" for sub in response['choices'][0]['message']['content'].strip().split('\n')]
return ai_generated_subdomains
except openai.error.RateLimitError as e:
print("Rate limit exceeded. Sleeping for 20 seconds...")
time.sleep(20) # Sleep for 20 seconds and then try again
except Exception as e:
print(f"An unexpected error occurred: {e}")
raise e # If it's a different kind of error, raise it
def resolve_subdomains(subdomains):
resolved_subdomains = []
for subdomain in subdomains:
try:
answers = dns.resolver.resolve(subdomain, 'A')
for rdata in answers:
resolved_subdomains.append(subdomain)
print(f"\n*** {subdomain} RESOLVES to {rdata.address} ***\n")
except dns.resolver.NXDOMAIN:
print(f"{subdomain} does not resolve.")
except Exception as e:
print(f"Error resolving {subdomain}: {e}")
return resolved_subdomains
def main():
parser = argparse.ArgumentParser(description='AI-assisted subdomain discovery.')
parser.add_argument('--apikey', required=True, help='OpenAI API key.')
args = parser.parse_args()
lines = [line.strip() for line in sys.stdin]
for line in lines:
if '*' in line: # Skip wildcard domains
continue
subdomain, domain = line.split('.', 1) # Split the line into subdomain and domain
print(f"\nSubdomain = {subdomain}.{domain}")
new_subdomains = generate_subdomains(subdomain, domain, args.apikey)
print(f"Guesses: {', '.join([sub.split('.')[0] for sub in new_subdomains])}\n")
resolved_subdomains = resolve_subdomains(new_subdomains)
time.sleep(1) # Pause for 1 second
if __name__ == "__main__":
main()