[Other] Running theHarvester on subdomains yield weirdness

[joaociocca]

Feature Request or Bug or Other
Other

Describe the feature request or bug or other
This is mostly a doubt that I had no idea who/where to ask about. I ran theHarvester against a previously known to me target_subdomain.domain.tld, and the results were a bit... unexpected. Among its 700+ results, most of them were other subdomains I knew about - but instead of being shown back as subdomain.domain.tld, they showed up as subdomain.target_subdomain.domain.tld - and none of these exists, since the target_subdomain does NOT have any subdomains/aliases/whatever attached to it.

To Reproduce
Steps to reproduce the behaviour:

1. Run tool like this: 'theHarvester -d <target_subdomain.domain.tld>' against a known subdomain, from a domain you know have other subdomains.
2. See error

Expected behaviour
In this case, where target_subdomain.domain.tld is known for not having any subdomains itself, I expected to see only the target_subdomain listed. If I was scanning the domain.tld I'd expect to see all those subdomains tied to it, no to the target_subdomain...

System Information (System that tool is running on):

• OS: Kali 2022.3
• Version 4.2.0

[NotoriousRebel]

A bit late but thanks for raising this issue, this will require some debugging but perhaps might be due to lax regex results that are not strict enough on false positive subdomains. I assume this was run with -b all?

[joaociocca]

not exactly, but I was using a lot of different sources (part of the script lists the api keys from the repository and allows on manual or actiavates them on auto)