Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Isn't classifier broken? #1531

Open
OpsecGuy opened this issue Feb 16, 2025 · 4 comments
Open

Isn't classifier broken? #1531

OpsecGuy opened this issue Feb 16, 2025 · 4 comments

Comments

@OpsecGuy
Copy link

OpsecGuy commented Feb 16, 2025
edited
Loading

Hi, I wanted to give a chance to your tool, but any domain I scan gives an error from classifier.
"Domain doesn't exist or is a placeholder page"
Domains I have tried are this:
thehackernews.com
krebsonsecurity.com
tmpfile.packetsdatabase.com
packetsdatabase.com

Is something wrong with these URLs or simply classifier is broken?
@kazet
Copy link
Member

kazet commented Feb 17, 2025
edited
Loading

Hello,

this result means that Artemis checked whether these domains exist and did not receive a DNS response. Can you run:

./scripts/run_docker_compose exec karton-classifier apk add bind-tools
./scripts/run_docker_compose exec karton-classifier dig thehackernews.com

in order to check whether the DNS settings inside the container are correct?

@OpsecGuy
Copy link
Author

Hello,

this result means that Artemis checked whether these domains exist and did not receive a DNS response. Can you run:

./scripts/run_docker_compose exec karton-classifier apk add bind-tools
./scripts/run_docker_compose exec karton-classifier dig thehackernews.com

in order to check whether the DNS settings inside the container are correct?

Hey,
1st command properly downloaded stuff and after executing 2nd command I received this:


; <<>> DiG 9.18.33 <<>> thehackernews.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36569
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;thehackernews.com.             IN      A

;; ANSWER SECTION:
thehackernews.com.      300     IN      A       172.67.72.95
thehackernews.com.      300     IN      A       104.26.10.117
thehackernews.com.      300     IN      A       104.26.11.117

;; Query time: 4018 msec
;; SERVER: 127.0.0.11#53(127.0.0.11) (UDP)
;; WHEN: Mon Feb 17 18:36:21 UTC 2025
;; MSG SIZE  rcvd: 94

@OpsecGuy
Copy link
Author

@kazet Is there anything else what can I do in my case?

@kazet
Copy link
Member

kazet commented Feb 19, 2025
edited
Loading

To be honest, I don't have an idea - your setup seems to be different. Can you paste full Docker logs (obtained via ./scripts/run_docker_compose logs )?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kazet @OpsecGuy