mdaxfr/mdaxfr

#!/bin/sh
# Mass DNS AXFR (POSIX version) - developed by acidvegas (https://git.acid.vegas/mdaxfr)

OUTPUT_DIR="axfrout"
mkdir -p "$OUTPUT_DIR"
mkdir -p "$OUTPUT_DIR/root"
mkdir -p "$OUTPUT_DIR/psl"

resolve_nameserver() {
	dig +short AAAA $1 +short -t A $1 2>/dev/null
}

attempt_axfr() {
    tld=$1
    nameserver=$2
    filename="$3"
    temp_file="${filename}.temp"

    nameserver_ips=$(resolve_nameserver "$nameserver")
    if [ -z "$nameserver_ips" ]; then
        echo -e "\e[31m[FAIL]\e[0m AXFR for \e[36m$tld\e[0m on \e[33m$nameserver\e[0m \e[90m(failed to resolve nameserver)\e[0m"
        return
    fi

    for nameserver_ip in $nameserver_ips; do
        dig AXFR "$tld" "@$nameserver_ip" > "$temp_file"
        if ! grep -q 'IN.*NS' "$temp_file"; then
			echo -e "[\e[31mFAIL\e[0m] AXFR for \e[36m$tld\e[0m on \e[33m$nameserver\e[0m \e[90m($nameserver_ip)\e[0m"
            rm -f "$temp_file"
        else
            mv "$temp_file" "$filename"
            echo -e "[\e[32mSUCCESS\e[0m] AXFR for \e[36m$tld\e[0m on \e[33m$nameserver\e[0m \e[90m($nameserver_ip)\e[0m"
            return
        fi
    done
}

echo "[\e[31mWARNING\e[0m] Most nameservers will block AXFR requests \e[90m(It is normal for most of these to fail)\e[0m"
sleep 3

# For root IP space zones
for i in $(seq 0 255); do
    dig +nocmd +noall +answer +multiline $i.in-addr.arpa NS >> $OUTPUT_DIR/root/in-addr.arpa.txt
done

# For root nameservers
for root in $(dig +short . NS | sed 's/\.$//'); do
	attempt_axfr "." "$root" "$OUTPUT_DIR/root/$root.txt"
done

# Parse the tld list from a root nameserver
rndroot=$(find $OUTPUT_DIR/root/*.root-servers.net.txt -type f | shuf -n 1)
if [ -z $rndroot ]; then
	echo "Failed to AXFR a root nameserver (using IANA list instead)"
	tlds=$(curl -s 'https://data.iana.org/TLD/tlds-alpha-by-domain.txt' | tail -n +2 | tr '[:upper:]' '[:lower:]')
else 
	tlds=$(cat $rndroot | grep -E 'IN\s+NS' | awk '{print $1}' | sed 's/\.$//' | sort -u)
fi

# For TLD nameservers
for tld in $tlds; do
	for ns in $(dig +short "$tld" NS | sed 's/\.$//'); do
		attempt_axfr "$tld" "$ns" "$OUTPUT_DIR/$tld.txt"
	done
done

# For Public Suffix List TLD nameservers
for tld in $(curl -s https://publicsuffix.org/list/public_suffix_list.dat | grep -vE '^(//|.*[*!])' | grep '\.' | awk '{print $1}'); do
	for ns in $(dig +short "$tld" NS | sed 's/\.$//'); do
		attempt_axfr "$tld" "$ns" "$OUTPUT_DIR/psl/$tld.txt"
	done
done
Finalized POSIX shell script 2023-10-28 22:10:35 -04:00			`#!/bin/sh`
Code cleanup & README cleanup 2023-11-01 17:02:39 -04:00			`# Mass DNS AXFR (POSIX version) - developed by acidvegas (https://git.acid.vegas/mdaxfr)`
Finalized POSIX shell script 2023-10-28 22:10:35 -04:00
			`OUTPUT_DIR="axfrout"`
			`mkdir -p "$OUTPUT_DIR"`
Parse the root tlds from the root nameservers instead, added more ozones 2023-11-06 21:09:15 -05:00			`mkdir -p "$OUTPUT_DIR/root"`
			`mkdir -p "$OUTPUT_DIR/psl"`
Finalized POSIX shell script 2023-10-28 22:10:35 -04:00
Updated README, posix rewrite 2023-10-29 00:45:10 -04:00			`resolve_nameserver() {`
POSIX version now attempts IPv4 & IPv6, Python & POSIX version now correctly attempts every IP beloging to the nameserver 2023-11-23 14:16:35 -05:00			`dig +short AAAA $1 +short -t A $1 2>/dev/null`
Updated README, posix rewrite 2023-10-29 00:45:10 -04:00			`}`

Finalized POSIX shell script 2023-10-28 22:10:35 -04:00			`attempt_axfr() {`
POSIX script has been debugged and improved. Color support added. Fixed parsing root-zones 2023-11-23 15:31:46 -05:00			`tld=$1`
			`nameserver=$2`
			`filename="$3"`
			`temp_file="${filename}.temp"`

			`nameserver_ips=$(resolve_nameserver "$nameserver")`
			`if [ -z "$nameserver_ips" ]; then`
			`echo -e "\e[31m[FAIL]\e[0m AXFR for \e[36m$tld\e[0m on \e[33m$nameserver\e[0m \e[90m(failed to resolve nameserver)\e[0m"`
			`return`
			`fi`

			`for nameserver_ip in $nameserver_ips; do`
			`dig AXFR "$tld" "@$nameserver_ip" > "$temp_file"`
Improved checking for successful zone axfrs 2023-11-23 15:46:22 -05:00			`if ! grep -q 'IN.*NS' "$temp_file"; then`
POSIX script has been debugged and improved. Color support added. Fixed parsing root-zones 2023-11-23 15:31:46 -05:00			`echo -e "[\e[31mFAIL\e[0m] AXFR for \e[36m$tld\e[0m on \e[33m$nameserver\e[0m \e[90m($nameserver_ip)\e[0m"`
			`rm -f "$temp_file"`
			`else`
			`mv "$temp_file" "$filename"`
			`echo -e "[\e[32mSUCCESS\e[0m] AXFR for \e[36m$tld\e[0m on \e[33m$nameserver\e[0m \e[90m($nameserver_ip)\e[0m"`
			`return`
			`fi`
			`done`
Finalized POSIX shell script 2023-10-28 22:10:35 -04:00			`}`

Added MADNESS experimental script. 2023-11-24 05:03:38 -05:00			`echo "[\e[31mWARNING\e[0m] Most nameservers will block AXFR requests \e[90m(It is normal for most of these to fail)\e[0m"`
POSIX script has been debugged and improved. Color support added. Fixed parsing root-zones 2023-11-23 15:31:46 -05:00			`sleep 3`

Added in-addr.arpa zone retrieval to the POSIX version 2023-11-24 04:11:01 -05:00			`# For root IP space zones`
Fixed formatting on in-addr.arpa code 2023-11-24 04:12:04 -05:00			`for i in $(seq 0 255); do`
			`dig +nocmd +noall +answer +multiline $i.in-addr.arpa NS >> $OUTPUT_DIR/root/in-addr.arpa.txt`
			`done`
Added in-addr.arpa zone retrieval to the POSIX version 2023-11-24 04:11:01 -05:00
Updated README, posix rewrite 2023-10-29 00:45:10 -04:00			`# For root nameservers`
POSIX script has been debugged and improved. Color support added. Fixed parsing root-zones 2023-11-23 15:31:46 -05:00			`for root in $(dig +short . NS \| sed 's/\.$//'); do`
Parse the root tlds from the root nameservers instead, added more ozones 2023-11-06 21:09:15 -05:00			`attempt_axfr "." "$root" "$OUTPUT_DIR/root/$root.txt"`
Updated README, posix rewrite 2023-10-29 00:45:10 -04:00			`done`
Finalized POSIX shell script 2023-10-28 22:10:35 -04:00
Parse the root tlds from the root nameservers instead, added more ozones 2023-11-06 21:09:15 -05:00			`# Parse the tld list from a root nameserver`
POSIX script has been debugged and improved. Color support added. Fixed parsing root-zones 2023-11-23 15:31:46 -05:00			`rndroot=$(find $OUTPUT_DIR/root/*.root-servers.net.txt -type f \| shuf -n 1)`
Parse the root tlds from the root nameservers instead, added more ozones 2023-11-06 21:09:15 -05:00			`if [ -z $rndroot ]; then`
			`echo "Failed to AXFR a root nameserver (using IANA list instead)"`
			`tlds=$(curl -s 'https://data.iana.org/TLD/tlds-alpha-by-domain.txt' \| tail -n +2 \| tr '[:upper:]' '[:lower:]')`
			`else`
			`tlds=$(cat $rndroot \| grep -E 'IN\s+NS' \| awk '{print $1}' \| sed 's/\.$//' \| sort -u)`
			`fi`

Updated README, posix rewrite 2023-10-29 00:45:10 -04:00			`# For TLD nameservers`
Parse the root tlds from the root nameservers instead, added more ozones 2023-11-06 21:09:15 -05:00			`for tld in $tlds; do`
POSIX script has been debugged and improved. Color support added. Fixed parsing root-zones 2023-11-23 15:31:46 -05:00			`for ns in $(dig +short "$tld" NS \| sed 's/\.$//'); do`
Updated README, posix rewrite 2023-10-29 00:45:10 -04:00			`attempt_axfr "$tld" "$ns" "$OUTPUT_DIR/$tld.txt"`
Finalized POSIX shell script 2023-10-28 22:10:35 -04:00			`done`
Updated README, posix rewrite 2023-10-29 00:45:10 -04:00			`done`
Added support for public suffix list tlds 2023-10-30 20:30:44 -04:00
			`# For Public Suffix List TLD nameservers`
			`for tld in $(curl -s https://publicsuffix.org/list/public_suffix_list.dat \| grep -vE '^(//\|.[!])' \| grep '\.' \| awk '{print $1}'); do`
POSIX script has been debugged and improved. Color support added. Fixed parsing root-zones 2023-11-23 15:31:46 -05:00			`for ns in $(dig +short "$tld" NS \| sed 's/\.$//'); do`
Parse the root tlds from the root nameservers instead, added more ozones 2023-11-06 21:09:15 -05:00			`attempt_axfr "$tld" "$ns" "$OUTPUT_DIR/psl/$tld.txt"`
Added support for public suffix list tlds 2023-10-30 20:30:44 -04:00			`done`
			`done`