fix false positives

Author: boringthegod

Cargo.toml

@@ -14,10 +14,11 @@ path = "src/main.rs"
 
 [dependencies]
 clap = "2.33"
-reqwest = { version = "0.11", features = ["json", "gzip", "brotli", "default-tls", "rustls-tls"] }
-tokio = { version = "1", features = ["full" ] }
 futures = "0.3"
-rand = "0.8"
+indicatif = "0.16"
 num_cpus = "1.13"
-indicatif = "0.17"
-colored = "2.0"
+rand = "0.8"
+reqwest = { version = "0.11", features = ["json", "gzip", "brotli", "deflate", "stream", "native-tls", "rustls-tls"] }
+tokio = { version = "1", features = ["macros", "rt-multi-thread", "time"] }
+colored = "2.0"
+scraper = "0.14"

src/main.rs

@@ -14,6 +14,7 @@ use std::time::Duration;
 use tokio::sync::Semaphore;
 use tokio::time::timeout;
 use colored::*;
+use scraper::{Html, Selector};
 
 #[tokio::main]
 async fn main() {
@@ -75,6 +76,7 @@ async fn main() {
     let ip_range = matches.value_of("iprange");
     let ua_file = matches.value_of("useragents");
     let timeout_secs: u64 = matches.value_of("timeout").unwrap().parse().unwrap();
+    let timeout_duration = Duration::from_secs(timeout_secs);
     let aggressive = matches.is_present("aggressive");
 
     let available_threads = num_cpus::get();
@@ -84,9 +86,8 @@ async fn main() {
         .map(|s| s.parse::<usize>().unwrap_or(available_threads))
         .unwrap_or(available_threads);
 
-    
     println!(
-        "Use of : {} threads",
+        "Utilisation de : {} threads",
         format!("{}", max_threads).blue()
     );
 
@@ -101,21 +102,19 @@ async fn main() {
             }
         }
     } else {
-        eprintln!("You must specify either an IP addresses file or a range of IP addresses.");
+        eprintln!("Vous devez spécifier soit un fichier d'adresses IP, soit une plage d'adresses IP.");
         return;
     };
 
     if ips.is_empty() {
-        eprintln!("No IP address found.");
+        eprintln!("Aucune adresse IP trouvée.");
         return;
     }
 
     let pb = ProgressBar::new(ips.len() as u64);
     pb.set_style(
         ProgressStyle::default_bar()
-            .template("{spinner:.green} [{elapsed_precise}] [{bar:40.cyan/blue}] {pos}/{len} ({eta})")
-            .expect("Progress bar template error")
-            .progress_chars("#>-"),
+            .template("{spinner:.green} [{elapsed_precise}] [{bar:40.cyan/blue}] {pos}/{len} ({eta})"),
     );
 
     let user_agents = if let Some(ua_path) = ua_file {
@@ -129,6 +128,15 @@ async fn main() {
         vec!["Mozilla/5.0 (compatible; CloudFade/1.0; +https://example.com)".to_string()]
     };
 
+    // Extraction du motif unique du domaine cible
+    let target_pattern = match get_target_pattern(domain, timeout_duration).await {
+        Some(pattern) => pattern,
+        None => {
+            eprintln!("Impossible d'extraire un motif unique du domaine cible.");
+            return;
+        }
+    };
+
     let semaphore = Arc::new(Semaphore::new(max_threads));
 
     let mut tasks = FuturesUnordered::new();
@@ -138,15 +146,23 @@ async fn main() {
         let domain = domain.to_string();
         let user_agents = user_agents.clone();
         let aggressive = aggressive;
-        let timeout_duration = Duration::from_secs(timeout_secs);
+        let timeout_duration = timeout_duration;
         let semaphore = semaphore.clone();
         let pb = pb.clone();
+        let target_pattern = target_pattern.clone();
 
         let permit = semaphore.acquire_owned().await.unwrap();
 
         tasks.push(tokio::spawn(async move {
-            let result =
-                test_ip(ip, domain, user_agents, aggressive, timeout_duration).await;
+            let result = test_ip(
+                ip,
+                domain,
+                user_agents,
+                aggressive,
+                timeout_duration,
+                target_pattern,
+            )
+            .await;
             drop(permit);
             pb.inc(1);
             result
@@ -161,15 +177,15 @@ async fn main() {
         }
     }
 
-    pb.finish_with_message("Scan completed");
+    pb.finish_with_message("Scan terminé");
 
     if possible_ips.is_empty() {
         println!(
             "{}",
-            format!("No IPs found linked to {}", domain).red()
+            format!("Aucune IP trouvée liée à {}", domain).red()
         );
     } else {
-        println!("{}", "Potential IP addresses found :".green());
+        println!("{}", "Adresses IP potentielles trouvées :".green());
         for ip in possible_ips {
             println!("{}", ip.green());
         }
@@ -182,11 +198,12 @@ async fn test_ip(
     user_agents: Vec<String>,
     aggressive: bool,
     timeout_duration: Duration,
+    target_pattern: String,
 ) -> Option<String> {
     let socket_addr: SocketAddr = match format!("{}:80", ip).parse() {
         Ok(addr) => addr,
         Err(_) => {
-            eprintln!("Invalid IP address : {}", ip);
+            eprintln!("Adresse IP invalide : {}", ip);
             return None;
         }
     };
@@ -219,46 +236,80 @@ async fn test_ip(
             if let Ok(Ok(resp)) = response {
                 let status = resp.status().as_u16();
                 if status == 200 || status == 301 || status == 302 {
-                    return Some(ip);
+                    if let Ok(text) = resp.text().await {
+                        if text.contains(&target_pattern) {
+                            return Some(ip);
+                        }
+                    }
                 }
             }
         }
     }
     None
 }
 
+async fn get_target_pattern(domain: &str, timeout_duration: Duration) -> Option<String> {
+    let client = reqwest::Client::builder()
+        .danger_accept_invalid_certs(true)
+        .build()
+        .unwrap();
+
+    let url = format!("http://{}/", domain);
+    let request = client.get(&url);
+
+    let response = timeout(timeout_duration, request.send()).await;
+    if let Ok(Ok(resp)) = response {
+        if let Ok(text) = resp.text().await {
+            if let Some(title) = extract_title(&text) {
+                return Some(title);
+            }
+        }
+    }
+    None
+}
+
+fn extract_title(html: &str) -> Option<String> {
+    let document = Html::parse_document(html);
+    let selector = Selector::parse("title").unwrap();
+
+    document.select(&selector).next().map(|element| element.inner_html())
+}
+
 fn read_lines(filename: &str) -> Vec<String> {
-    let file = File::open(filename).expect("Unable to open file");
+    let file = File::open(filename).expect("Impossible d'ouvrir le fichier");
     let reader = BufReader::new(file);
     reader.lines().filter_map(Result::ok).collect()
 }
 
 fn parse_ip_range(ip_range: &str) -> Result<Vec<String>, String> {
     let parts: Vec<&str> = ip_range.split('-').collect();
     if parts.len() != 2 {
-        return Err("IP range format is invalid. Use 'start-end' format.".to_string());
+        return Err("Le format de la plage IP est invalide. Utilisez le format 'début-fin'.".to_string());
     }
 
-    let start_ip = Ipv4Addr::from_str(parts[0]).map_err(|_| "Start IP address invalid.".to_string())?;
-    let end_ip = Ipv4Addr::from_str(parts[1]).map_err(|_| "End IP address invalid.".to_string())?;
+    let start_ip = Ipv4Addr::from_str(parts[0]).map_err(|_| "Adresse IP de début invalide.".to_string())?;
+    let end_ip = Ipv4Addr::from_str(parts[1]).map_err(|_| "Adresse IP de fin invalide.".to_string())?;
 
     let start: u32 = start_ip.into();
     let end: u32 = end_ip.into();
 
     if start > end {
-        return Err("The starting IP address is greater than the ending IP address.".to_string());
+        return Err("L'adresse IP de début est supérieure à l'adresse IP de fin.".to_string());
     }
 
     let max_ips = 1_000_000;
     let total_ips = end - start + 1;
 
     if total_ips > max_ips {
-        return Err(format!("The IP range is too large ({} addresses). Please specify a smaller range.", total_ips));
+        return Err(format!(
+            "La plage d'IP est trop grande ({} adresses). Veuillez spécifier une plage plus petite.",
+            total_ips
+        ));
     }
 
     let ips: Vec<String> = (start..=end)
         .map(|ip_num| Ipv4Addr::from(ip_num).to_string())
         .collect();
 
     Ok(ips)
-}
+}