IF THE TOOL IS FAILING DUE TO VIRUSTOTAL... here is a quick fix
yeti-code opened this issue · comments
As title says above, I shall deliver.
Step 1: Open the sublist3r.py in your favorite IDE.
Step 2: Remove this code-block:
`class Virustotal(enumratorBaseThreaded):
def init(self, domain, subdomains=None, q=None, silent=False, verbose=True):
subdomains = subdomains or []
base_url = 'https://www.virustotal.com/ui/domains/{domain}/subdomains'
self.engine_name = "Virustotal"
self.q = q
super(Virustotal, self).init(base_url, self.engine_name, domain, subdomains, q=q, silent=silent, verbose=verbose)
self.url = self.base_url.format(domain=self.domain)
return
# the main send_req need to be rewritten
def send_req(self, url):
try:
resp = self.session.get(url, headers=self.headers, timeout=self.timeout)
except Exception as e:
self.print_(e)
resp = None
return self.get_response(resp)
# once the send_req is rewritten we don't need to call this function, the stock one should be ok
def enumerate(self):
while self.url != '':
resp = self.send_req(self.url)
resp = json.loads(resp)
if 'error' in resp:
self.print_(R + "[!] Error: Virustotal probably now is blocking our requests" + W)
break
if 'links' in resp and 'next' in resp['links']:
self.url = resp['links']['next']
else:
self.url = ''
self.extract_domains(resp)
return self.subdomains
def extract_domains(self, resp):
#resp is already parsed as json
try:
for i in resp['data']:
if i['type'] == 'domain':
subdomain = i['id']
if not subdomain.endswith(self.domain):
continue
if subdomain not in self.subdomains and subdomain != self.domain:
if self.verbose:
self.print_("%s%s: %s%s" % (R, self.engine_name, W, subdomain))
self.subdomains.append(subdomain.strip())
except Exception:
pa`
Step 3: command + f in your IDE and search for the string "virus"
Any lines that you find which match the search string, delete them.
Step 4: command + s to save the file.
Step 5: Run and check that the tool now works.
python3 sublist3r.py -d google.com
Tool should now work!
Thanks!
Step 3:
I deleted virustotal in supported_engines and chosenEnums and then it starts work again.
cool
worked for me once and again failed due to virus total
I am a beginner and facing the same issue in kali; it's stopping after the Error.
Could someone please provide with step-wise instructions to fix it and fetch results in kali?
hi i solved the virus total error problem but the sublister is not showing any output after its scan all the requirements are done but it still not showing any output
hi i solved the virus total error problem but the sublister is not showing any output after its scan all the requirements are done but it still not showing any output
same here
Yeah this tool just doesn't seem to work anymore.
I recommend a tool called subfinder. Which can be found here:
https://github.com/projectdiscovery/subfinder
It requires golang to be installed. But I use it on the Kali image for WSL. Works on Mac and Linux too.
You can skip Virustotal with a command like this : sublist3r -v -d tesla.com -t 10 -e "baidu,yahoo,google,bing,ask,netcraft,dnsdumpster,threatcrowd,ssl,passivedns"
Where -d : domain name, -v : verbose the output (which tells from where it is getting the results), -t : the number of threads, -e : search engine list
.I'm not getting any results either, I got the exact same output as @LoGan070raGnaR
Without VirusTotal this tool became blind.
@LoGan070raGnaR @cyberbarbie try https://github.com/chris408/virustotal-subdomain-scraper
get VT standard free api here https://support.virustotal.com/hc/en-us/articles/115002100149-API
tnx @yeti-code you just saved me a bunch of misery, can't believe nobody seems to read yr comment, it works even better too, spits out boatloads of subdomains, its nuts.
sublist3r is shit.
no matter how many time change a code or add api key it doesn't work.
thats why golang tool are best . we say like chaos , subfinder , finddomain, assetfinder, amass,
developer of this doesn't want to correct this code. he should delete this repo. anyone came waste there time to correct his mistake
Seems like this tard happens in 2/7/2023, a year a half after this bug/topic opened, We need to push this fix somehow
@yeti-code
Guys / gals
I switched to subfinder, you can find it here:
https://github.com/projectdiscovery/subfinder
It's a golang tool that is still being actively updated.
It works similarily to sublister.
If you are allergic to using it or another tool, sure. You can get VirusTotal API key and the tool will work. Or you can remove the code for it and it will work also.
It's not working. it simply giving empty output.
Note: For some domains it's working (like google.com, yahoo.com etc.)
Also, I have the same problem. But i fix it.
Open sublist3r.py file in any text editor or idle and add this in self.headers variable on line number 155
'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:105.0) Gecko/20100101 Firefox/105.0', 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8', 'Accept-Language': 'en-US,en;q=0.5', 'Accept-Encoding': 'gzip, deflate',
And save the file
And your problem is solve run sublist3r
As title says above, I shall deliver.
Step 1: Open the sublist3r.py in your favorite IDE.
Step 2: Remove this code-block:
`class Virustotal(enumratorBaseThreaded): def init(self, domain, subdomains=None, q=None, silent=False, verbose=True): subdomains = subdomains or [] base_url = 'https://www.virustotal.com/ui/domains/{domain}/subdomains' self.engine_name = "Virustotal" self.q = q super(Virustotal, self).init(base_url, self.engine_name, domain, subdomains, q=q, silent=silent, verbose=verbose) self.url = self.base_url.format(domain=self.domain) return
# the main send_req need to be rewritten def send_req(self, url): try: resp = self.session.get(url, headers=self.headers, timeout=self.timeout) except Exception as e: self.print_(e) resp = None return self.get_response(resp) # once the send_req is rewritten we don't need to call this function, the stock one should be ok def enumerate(self): while self.url != '': resp = self.send_req(self.url) resp = json.loads(resp) if 'error' in resp: self.print_(R + "[!] Error: Virustotal probably now is blocking our requests" + W) break if 'links' in resp and 'next' in resp['links']: self.url = resp['links']['next'] else: self.url = '' self.extract_domains(resp) return self.subdomains def extract_domains(self, resp): #resp is already parsed as json try: for i in resp['data']: if i['type'] == 'domain': subdomain = i['id'] if not subdomain.endswith(self.domain): continue if subdomain not in self.subdomains and subdomain != self.domain: if self.verbose: self.print_("%s%s: %s%s" % (R, self.engine_name, W, subdomain)) self.subdomains.append(subdomain.strip()) except Exception: pa`
Step 3: command + f in your IDE and search for the string "virus"
Any lines that you find which match the search string, delete them.
Step 4: command + s to save the file.
Step 5: Run and check that the tool now works.
python3 sublist3r.py -d google.com
Tool should now work!
Sorry where can i find sublist3r.py so i can modify the code?
As title says above, I shall deliver.
Step 1: Open the sublist3r.py in your favorite IDE.
Step 2: Remove this code-block:
`class Virustotal(enumratorBaseThreaded): def init(self, domain, subdomains=None, q=None, silent=False, verbose=True): subdomains = subdomains or [] base_url = 'https://www.virustotal.com/ui/domains/{domain}/subdomains' self.engine_name = "Virustotal" self.q = q super(Virustotal, self).init(base_url, self.engine_name, domain, subdomains, q=q, silent=silent, verbose=verbose) self.url = self.base_url.format(domain=self.domain) return
# the main send_req need to be rewritten def send_req(self, url): try: resp = self.session.get(url, headers=self.headers, timeout=self.timeout) except Exception as e: self.print_(e) resp = None return self.get_response(resp) # once the send_req is rewritten we don't need to call this function, the stock one should be ok def enumerate(self): while self.url != '': resp = self.send_req(self.url) resp = json.loads(resp) if 'error' in resp: self.print_(R + "[!] Error: Virustotal probably now is blocking our requests" + W) break if 'links' in resp and 'next' in resp['links']: self.url = resp['links']['next'] else: self.url = '' self.extract_domains(resp) return self.subdomains def extract_domains(self, resp): #resp is already parsed as json try: for i in resp['data']: if i['type'] == 'domain': subdomain = i['id'] if not subdomain.endswith(self.domain): continue if subdomain not in self.subdomains and subdomain != self.domain: if self.verbose: self.print_("%s%s: %s%s" % (R, self.engine_name, W, subdomain)) self.subdomains.append(subdomain.strip()) except Exception: pa`
Step 3: command + f in your IDE and search for the string "virus"
Any lines that you find which match the search string, delete them.
Step 4: command + s to save the file.
Step 5: Run and check that the tool now works.
python3 sublist3r.py -d google.com
Tool should now work!