mdaxfr/mdaxfr

73 lines
2.4 KiB
Plaintext
Raw Normal View History

2023-10-29 02:10:35 +00:00
#!/bin/sh
2023-11-01 21:02:39 +00:00
# Mass DNS AXFR (POSIX version) - developed by acidvegas (https://git.acid.vegas/mdaxfr)
2023-10-29 02:10:35 +00:00
OUTPUT_DIR="axfrout"
mkdir -p "$OUTPUT_DIR"
mkdir -p "$OUTPUT_DIR/root"
mkdir -p "$OUTPUT_DIR/psl"
2023-10-29 02:10:35 +00:00
2023-10-29 04:45:10 +00:00
resolve_nameserver() {
dig +short AAAA $1 +short -t A $1 2>/dev/null
2023-10-29 04:45:10 +00:00
}
2023-10-29 02:10:35 +00:00
attempt_axfr() {
tld=$1
nameserver=$2
filename="$3"
temp_file="${filename}.temp"
nameserver_ips=$(resolve_nameserver "$nameserver")
if [ -z "$nameserver_ips" ]; then
echo -e "\e[31m[FAIL]\e[0m AXFR for \e[36m$tld\e[0m on \e[33m$nameserver\e[0m \e[90m(failed to resolve nameserver)\e[0m"
return
fi
for nameserver_ip in $nameserver_ips; do
dig AXFR "$tld" "@$nameserver_ip" > "$temp_file"
if ! grep -q 'IN.*NS' "$temp_file"; then
echo -e "[\e[31mFAIL\e[0m] AXFR for \e[36m$tld\e[0m on \e[33m$nameserver\e[0m \e[90m($nameserver_ip)\e[0m"
rm -f "$temp_file"
else
mv "$temp_file" "$filename"
echo -e "[\e[32mSUCCESS\e[0m] AXFR for \e[36m$tld\e[0m on \e[33m$nameserver\e[0m \e[90m($nameserver_ip)\e[0m"
return
fi
done
2023-10-29 02:10:35 +00:00
}
2023-11-24 10:03:38 +00:00
echo "[\e[31mWARNING\e[0m] Most nameservers will block AXFR requests \e[90m(It is normal for most of these to fail)\e[0m"
sleep 3
# For root IP space zones
2023-11-24 09:12:04 +00:00
for i in $(seq 0 255); do
dig +nocmd +noall +answer +multiline $i.in-addr.arpa NS >> $OUTPUT_DIR/root/in-addr.arpa.txt
done
2023-10-29 04:45:10 +00:00
# For root nameservers
for root in $(dig +short . NS | sed 's/\.$//'); do
attempt_axfr "." "$root" "$OUTPUT_DIR/root/$root.txt"
2023-10-29 04:45:10 +00:00
done
2023-10-29 02:10:35 +00:00
# Parse the tld list from a root nameserver
rndroot=$(find $OUTPUT_DIR/root/*.root-servers.net.txt -type f | shuf -n 1)
if [ -z $rndroot ]; then
echo "Failed to AXFR a root nameserver (using IANA list instead)"
tlds=$(curl -s 'https://data.iana.org/TLD/tlds-alpha-by-domain.txt' | tail -n +2 | tr '[:upper:]' '[:lower:]')
else
tlds=$(cat $rndroot | grep -E 'IN\s+NS' | awk '{print $1}' | sed 's/\.$//' | sort -u)
fi
2023-10-29 04:45:10 +00:00
# For TLD nameservers
for tld in $tlds; do
for ns in $(dig +short "$tld" NS | sed 's/\.$//'); do
2023-10-29 04:45:10 +00:00
attempt_axfr "$tld" "$ns" "$OUTPUT_DIR/$tld.txt"
2023-10-29 02:10:35 +00:00
done
2023-10-29 04:45:10 +00:00
done
# For Public Suffix List TLD nameservers
for tld in $(curl -s https://publicsuffix.org/list/public_suffix_list.dat | grep -vE '^(//|.*[*!])' | grep '\.' | awk '{print $1}'); do
for ns in $(dig +short "$tld" NS | sed 's/\.$//'); do
attempt_axfr "$tld" "$ns" "$OUTPUT_DIR/psl/$tld.txt"
done
done