Thread: Subdomain scanner in C

I coded this when I had a spare few minutes. It's quite basic and I plan on making another version that reads possible subdomains from a .txt file, but this is all I've got for now. Consider this V1.
It does have its uses, even though it's quite basic. I hope somebody can find some use for this, or learn something from it. As always, I am open for constructive criticism.

-Cheers.

PHP Code:

/***
*
* Subdomain Scanner by precedenceDemon
*    New Zealand hacker
*    Email: tickme [at] mail [d0t] ru
*
***/

#define WIN32

#if defined(macintosh)
    #define  DIRECTORY_SEPARATOR_CHAR   ':'
    #define  DIRECTORY_SEPARATOR_STRING ":"
#elif defined(_WIN32) || defined(_WIN32_WCE) || defined(__DOS__) || defined(WIN32)
    #define  DIRECTORY_SEPARATOR_CHAR   '\\'
    #define  DIRECTORY_SEPARATOR_STRING "\\"
#else
    #define  DIRECTORY_SEPARATOR_CHAR   '/'
    #define  DIRECTORY_SEPARATOR_STRING "/"
#endif

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#ifdef WIN32
    #pragma comment(lib, "ws2_32.lib")
    #include <winsock2.h>
#else
    #include <netdb.h>
    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
#endif


int main(int argc, char *argv[]){
    char *subdomains[] = {"a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z","lan","phpmyadmin","administrator","mape","isp","shop","rex","podcast","potraga","sensation","igre","foo","api","access","ulaz","pam","sport","pretraga","pricaonica","kuvar","raketa","wwwmobile","s1","s2","foro","s3","box","open","abc","phpbb3","phpbb2","internet","phpbb","whm","mysql","webadmin","adm","admin","admins","agent","aix","recnik","alerts","av","antivirus","app","apps","appserver","archive","as400","auto","backup","banking","bbdd","bbs","bea","beta","blog","catalog","cgi","channel","channels","chat","cisco","client","clients","club","cluster","clusters","code","commerce","community","compaq","conole","consumer","contact","contracts","corporate","ceo","cso","cust","customer","cpanel","data","bd","db2","default","demo","cms","design","desktop","dev","develop","developer","device","dial","digital","dir","directory","disc","discovery","disk","dns","dns1","dns2","dns3","docs","poslovi","prijemni","znanje","mojtim","documents","domain","domains","dominoweb","download","downloads","ecommerce","e-commerce","edi","edu","education","email","enable","engine","engineer","enterprise","slike","galerija","error","event","events","example","exchange","extern","external","extranet","fax","field","finance","firewall","forum","forums","fsp","ftp","ftp2","fw","fw1","gallery","galleries","games","gateway","gopher","guest","gw","hello","helloworld","help","helpdesk","arkiva","lajme","faqe","helponline","hp","ibm","ibmdb","ids","ILMI","film","navigator","nalog","prodavnica","zdravlje","reklamiranje","zivot","images","imap","pomoc","imap4","img","imgs","info","intern","internal","intranet","invalid","iphone","ipsec","irc","ircserver","jobs","ldap","link","linux","lists","listserver","local","localhost","log","logs","login","lotus","mail","mailboxes","mailhost","result","management","manage","manager","map","maps","marketing","device","media","member","members","messenger","mngt","mobile","monitor","multimedia","music","my","names","lojra","albania","bisedo","puka","foto","emra","njohje","vip","egea-tirana","historia","forumi","vesti","administracija","net","new1","new","perkohesisht","netdata","netstats","network","news","nms","nntp","ns","ns1","ns2","ns3","ntp","online","openview","oracle","outlook","page","pages","partner","partners","pda","personal","ph","pictures","pix","pop","pop3","portal","press","print","printer","private","project","projects","proxy","public","ra","radio","raptor","ras","read","register","remote","report","reports","root","router","lister","rwhois","sac","schedules","scotty","search","secret","secure","security","seri","serv","serv2","server","service","services","shop","shopping","site","sms","smtp","smtphost","snmp","snmpd","snort","solaris","1","2","3","4","5","6","7","8","9","0","solutions","support","source","sql","ssl","stats","store","stream","streaming","sun","support","switch","sysback","system","tech","terminal","test","testing","testing123","time","tivoli","training","transfers","uddi","update","upload","uploads","video","vpn","w1","w2","w3","wais","wap","web","webdocs","w****b","w****gic","webmail","webserver","webservices","websphere","whois","wireless","work","world","write","ws","ws1","ws2","ws3","www1","www2","www3","www4","www5","www6","www7","www8","www9","drupal","wordpress","joomla","db","database","love"};
    char buffer[256];
    int len;
    int subdomainsTried = 0;
    int successfulTries = 1;
    char *p = NULL;
    struct hostent *h;
#ifdef WIN32
    WSADATA wsaData;
#endif
    p = strrchr(argv[0], DIRECTORY_SEPARATOR_CHAR);
    puts("\n");
    printf("+++++++++++++++++++++++++++++++++\n");
    printf("|                               |\n");
    printf("|       Subdomain scanner       |\n");
    printf("|               By              |\n");
    printf("|        precedenceDemon        |\n");
    printf("|                               |\n");
    printf("+++++++++++++++++++++++++++++++++\n");
    puts("\n");
    if (argc!=2){
        printf("[+] Usage: %s domain\n",p+1);
        printf("[+] Enter domain without http:// & www.\n");
        printf("[+] Example: %s google.com\n",p+1);
        getchar();
        return 1;
    }
    
    if(strlen(argv[1])>150){
        printf("[-] ERROR: Domain is too long!\n");
        return 1;
    }
    
    printf("[+] Scanning: %s\n\n", argv[1]);
    
    #ifdef WIN32  
    if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0){
        fprintf(stderr, "[-] WSAStartup failed.\n");
        return 1;
    }
    #endif
    
    len=sizeof(subdomains)/sizeof(char *);
    while(subdomainsTried!=len){
        sprintf(buffer,"%s.%s", subdomains[subdomainsTried],argv[1]); //Will generate a warning, but it's fine...    
        if ((h=gethostbyname(buffer)) == NULL);
        else{
            printf("[%d] %s            SERVER IP: %s\n", successfulTries, buffer, inet_ntoa(*((struct in_addr *)h->h_addr)));
            successfulTries++;
            }
        subdomainsTried++;
        memset(buffer, 0x00, 256);
    }
    printf("\n[+] %d subdomains were found on %s\n\n", successfulTries-1, argv[1]);
    
#ifdef WIN32
    WSACleanup();
#endif
    
    return 0;
} 


[C] SubdomainScanner by precedenceDemon - Pastebin.com