mdaxfr/mdaxfr.py

#!/usr/bin/env python
# Mass DNS AXFR - developed by acidvegas in python (https://git.acid.vegas/mdaxfr)

import logging
import os
import random
import urllib.request

try:
    import dns.rdatatype
    import dns.query
    import dns.zone
    import dns.resolver
except ImportError:
    raise SystemExit('missing required \'dnspython\' module (pip install dnspython)')


def attempt_axfr(tld: str, nameserver: str, filename: str):
    '''
    Perform a DNS zone transfer on a target domain.
    
    :param target: The target domain to perform the zone transfer on.
    :param nameserver: The nameserver to perform the zone transfer on.
    :param filename: The filename to store the zone transfer results in.
    '''
    temp_file = filename + '.temp'
    if not (nameserver := resolve_nameserver(nameserver)):
        logging.error(f'Failed to resolve nameserver {nameserver}: {ex}')
    else:
        for ns in nameserver: # Let's try all the IP addresses for the nameserver
            try:
                with open(temp_file, 'w') as file:
                    xfr = dns.query.xfr(nameserver.address, tld+'.', lifetime=300)
                    for msg in xfr:
                        for rrset in msg.answer:
                            for rdata in rrset:
                                file.write(f'{rrset.name}.{tld} {rrset.ttl} {rdata}\n')
                os.rename(temp_file, filename)
            except Exception as ex:
                if os.path.exists(temp_file):
                    os.remove(temp_file)
                logging.error(f'Failed to perform zone transfer from {nameserver.address} for {tld}: {ex}')


def get_root_nameservers() -> list:
    '''Generate a list of the root nameservers.'''
    root_ns_records = dns.resolver.resolve('.', 'NS', lifetime=15)
    root_servers = [str(rr.target)[:-1] for rr in root_ns_records]
    return root_servers


def get_root_tlds() -> list:
    '''Get the root TLDs from IANA.'''
    tlds = urllib.request.urlopen('https://data.iana.org/TLD/tlds-alpha-by-domain.txt').read().decode('utf-8').lower().split('\n')[1:]
    random.shuffle(tlds)
    return tlds


def get_tld_nameservers(tld: str) -> list:
    '''Get the nameservers for a TLD.'''    
    try:
        return [str(nameserver) for nameserver in dns.resolver.resolve(tld+'.', 'NS', lifetime=60)]
    except dns.exception.Timeout:
        logging.warning(f"Timeout fetching nameservers for TLD: {tld}")
    except dns.resolver.NoNameservers:
        logging.warning(f"No nameservers found for TLD: {tld}")
    return []


def get_psl_tlds() -> list:
    '''Download the Public Suffix List and return its contents.'''
    data = urllib.request.urlopen('https://publicsuffix.org/list/public_suffix_list.dat').read().decode()
    domains = []
    for line in data.split('\n'):
        if line.startswith('//') or not line:
            continue
        if '*' in line or '!' in line:
            continue
        if '.' not in line:
            continue
        domains.append(line)
    return domains


def resolve_nameserver(nameserver: str) -> str:
    '''
    Resolve a nameserver to its IP address.
    
    :param nameserver: The nameserver to resolve.
    '''
    data = []
    for version in ('A', 'AAAA'):
        try:
            data += [ip.address for ip in dns.resolver.resolve(nameserver, version, lifetime=60)]
        except:
            pass
    return data


if __name__ == '__main__':
    import argparse
    import concurrent.futures

    parser = argparse.ArgumentParser(description='Mass DNS AXFR')
    parser.add_argument('-c', '--concurrency', type=int, default=30, help='maximum concurrent tasks')
    parser.add_argument('-o', '--output', default='axfrout', help='output directory')
    parser.add_argument('-t', '--timeout', type=int, default=30, help='DNS timeout (default: 30)')
    args = parser.parse_args()

    os.makedirs(args.output, exist_ok=True)
    dns.resolver._DEFAULT_TIMEOUT = args.timeout

    with concurrent.futures.ThreadPoolExecutor(max_workers=args.concurrency) as executor:
        futures = [executor.submit(attempt_axfr, '', root, os.path.join(args.output, root + '.txt')) for root in get_root_nameservers()]
        for future in concurrent.futures.as_completed(futures):
            try:
                future.result()
            except Exception as e:
                logging.error(f'Error in root server task: {e}')

    with concurrent.futures.ThreadPoolExecutor(max_workers=args.concurrency) as executor:
        futures = [executor.submit(attempt_axfr, tld, ns, os.path.join(args.output, tld + '.txt')) for tld in get_root_tlds() for ns in get_tld_nameservers(tld) if ns]
        for future in concurrent.futures.as_completed(futures):
            try:
                future.result()
            except Exception as e:
                logging.error(f'Error in TLD task: {e}')

    with concurrent.futures.ThreadPoolExecutor(max_workers=args.concurrency) as executor:
        futures = [executor.submit(attempt_axfr, tld, ns, os.path.join(args.output, tld + '.txt')) for tld in get_psl_tlds() for ns in get_tld_nameservers(tld) if ns]
        for future in concurrent.futures.as_completed(futures):
            try:
                future.result()
            except Exception as e:
                logging.error(f'Error in TLD task: {e}')
Initial commit 2023-10-28 14:55:58 -07:00			`#!/usr/bin/env python`
			`# Mass DNS AXFR - developed by acidvegas in python (https://git.acid.vegas/mdaxfr)`

Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`import logging`
Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00			`import os`
Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`import random`
Initial commit 2023-10-28 14:55:58 -07:00			`import urllib.request`

			`try:`
			`import dns.rdatatype`
			`import dns.query`
			`import dns.zone`
			`import dns.resolver`
			`except ImportError:`
			`raise SystemExit('missing required \'dnspython\' module (pip install dnspython)')`

Check against every ipv4 and ipv6 address now 2023-10-29 09:02:48 -07:00
Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00			`def attempt_axfr(tld: str, nameserver: str, filename: str):`
Initial commit 2023-10-28 14:55:58 -07:00			`'''`
			`Perform a DNS zone transfer on a target domain.`

			`:param target: The target domain to perform the zone transfer on.`
			`:param nameserver: The nameserver to perform the zone transfer on.`
Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00			`:param filename: The filename to store the zone transfer results in.`
Initial commit 2023-10-28 14:55:58 -07:00			`'''`
Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00			`temp_file = filename + '.temp'`
Check against every ipv4 and ipv6 address now 2023-10-29 09:02:48 -07:00			`if not (nameserver := resolve_nameserver(nameserver)):`
Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00			`logging.error(f'Failed to resolve nameserver {nameserver}: {ex}')`
			`else:`
Check against every ipv4 and ipv6 address now 2023-10-29 09:02:48 -07:00			`for ns in nameserver: # Let's try all the IP addresses for the nameserver`
			`try:`
			`with open(temp_file, 'w') as file:`
			`xfr = dns.query.xfr(nameserver.address, tld+'.', lifetime=300)`
			`for msg in xfr:`
			`for rrset in msg.answer:`
			`for rdata in rrset:`
			`file.write(f'{rrset.name}.{tld} {rrset.ttl} {rdata}\n')`
			`os.rename(temp_file, filename)`
			`except Exception as ex:`
			`if os.path.exists(temp_file):`
			`os.remove(temp_file)`
			`logging.error(f'Failed to perform zone transfer from {nameserver.address} for {tld}: {ex}')`

Initial commit 2023-10-28 14:55:58 -07:00
Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00			`def get_root_nameservers() -> list:`
Initial commit 2023-10-28 14:55:58 -07:00			`'''Generate a list of the root nameservers.'''`
Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`root_ns_records = dns.resolver.resolve('.', 'NS', lifetime=15)`
Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00			`root_servers = [str(rr.target)[:-1] for rr in root_ns_records]`
			`return root_servers`
Initial commit 2023-10-28 14:55:58 -07:00
Check against every ipv4 and ipv6 address now 2023-10-29 09:02:48 -07:00
Initial commit 2023-10-28 14:55:58 -07:00			`def get_root_tlds() -> list:`
			`'''Get the root TLDs from IANA.'''`
Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`tlds = urllib.request.urlopen('https://data.iana.org/TLD/tlds-alpha-by-domain.txt').read().decode('utf-8').lower().split('\n')[1:]`
			`random.shuffle(tlds)`
			`return tlds`
Initial commit 2023-10-28 14:55:58 -07:00
Check against every ipv4 and ipv6 address now 2023-10-29 09:02:48 -07:00
Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00			`def get_tld_nameservers(tld: str) -> list:`
Initial commit 2023-10-28 14:55:58 -07:00			`'''Get the nameservers for a TLD.'''`
Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`try:`
Check against every ipv4 and ipv6 address now 2023-10-29 09:02:48 -07:00			`return [str(nameserver) for nameserver in dns.resolver.resolve(tld+'.', 'NS', lifetime=60)]`
Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`except dns.exception.Timeout:`
			`logging.warning(f"Timeout fetching nameservers for TLD: {tld}")`
			`except dns.resolver.NoNameservers:`
			`logging.warning(f"No nameservers found for TLD: {tld}")`
			`return []`
Initial commit 2023-10-28 14:55:58 -07:00
Check against every ipv4 and ipv6 address now 2023-10-29 09:02:48 -07:00
Added support for public suffix list tlds 2023-10-30 17:30:44 -07:00			`def get_psl_tlds() -> list:`
			`'''Download the Public Suffix List and return its contents.'''`
			`data = urllib.request.urlopen('https://publicsuffix.org/list/public_suffix_list.dat').read().decode()`
			`domains = []`
			`for line in data.split('\n'):`
			`if line.startswith('//') or not line:`
			`continue`
			`if '*' in line or '!' in line:`
			`continue`
			`if '.' not in line:`
			`continue`
			`domains.append(line)`
			`return domains`


Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00			`def resolve_nameserver(nameserver: str) -> str:`
Initial commit 2023-10-28 14:55:58 -07:00			`'''`
			`Resolve a nameserver to its IP address.`

			`:param nameserver: The nameserver to resolve.`
			`'''`
Check against every ipv4 and ipv6 address now 2023-10-29 09:02:48 -07:00			`data = []`
			`for version in ('A', 'AAAA'):`
			`try:`
			`data += [ip.address for ip in dns.resolver.resolve(nameserver, version, lifetime=60)]`
			`except:`
			`pass`
			`return data`

Initial commit 2023-10-28 14:55:58 -07:00

			`if __name__ == '__main__':`
Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00			`import argparse`
Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`import concurrent.futures`
Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00
			`parser = argparse.ArgumentParser(description='Mass DNS AXFR')`
Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`parser.add_argument('-c', '--concurrency', type=int, default=30, help='maximum concurrent tasks')`
Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00			`parser.add_argument('-o', '--output', default='axfrout', help='output directory')`
Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`parser.add_argument('-t', '--timeout', type=int, default=30, help='DNS timeout (default: 30)')`
Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00			`args = parser.parse_args()`

Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`os.makedirs(args.output, exist_ok=True)`
			`dns.resolver._DEFAULT_TIMEOUT = args.timeout`
Finalized code more, README cleaned up 2023-10-28 18:40:06 -07:00
Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`with concurrent.futures.ThreadPoolExecutor(max_workers=args.concurrency) as executor:`
Fixed root nameserver axfr 2023-10-28 23:12:17 -07:00			`futures = [executor.submit(attempt_axfr, '', root, os.path.join(args.output, root + '.txt')) for root in get_root_nameservers()]`
Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`for future in concurrent.futures.as_completed(futures):`
			`try:`
			`future.result()`
			`except Exception as e:`
			`logging.error(f'Error in root server task: {e}')`
Initial commit 2023-10-28 14:55:58 -07:00
Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`with concurrent.futures.ThreadPoolExecutor(max_workers=args.concurrency) as executor:`
			`futures = [executor.submit(attempt_axfr, tld, ns, os.path.join(args.output, tld + '.txt')) for tld in get_root_tlds() for ns in get_tld_nameservers(tld) if ns]`
Added support for public suffix list tlds 2023-10-30 17:30:44 -07:00			`for future in concurrent.futures.as_completed(futures):`
			`try:`
			`future.result()`
			`except Exception as e:`
			`logging.error(f'Error in TLD task: {e}')`

			`with concurrent.futures.ThreadPoolExecutor(max_workers=args.concurrency) as executor:`
			`futures = [executor.submit(attempt_axfr, tld, ns, os.path.join(args.output, tld + '.txt')) for tld in get_psl_tlds() for ns in get_tld_nameservers(tld) if ns]`
Updated README, posix rewrite 2023-10-28 21:45:10 -07:00			`for future in concurrent.futures.as_completed(futures):`
			`try:`
			`future.result()`
			`except Exception as e:`
			`logging.error(f'Error in TLD task: {e}')`