acidvegas/mdaxfr
acidvegas/mdaxfr
1
Fork 0
Code Issues Pull Requests Activity

Code cleanup & README cleanup

Browse Source
This commit is contained in:
Dionysus 2023-11-01 17:02:39 -04:00
parent 605c44c767
commit b441bf9e96
Signed by: acidvegas
GPG Key ID: EF4B922DB85DC9DE
4 changed files with 101 additions and 105 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -3,7 +3,7 @@
###### This script will attempt a [Zone Transfer](https://en.wikipedia.org/wiki/DNS_zone_transfer) on all of the [Root Nameservers](https://en.wikipedia.org/wiki/Root_name_server) and [Top-level Domains](https://en.wikipedia.org/wiki/Top-level_domain) *(TLDs)*. ###### This script will attempt a [Zone Transfer](https://en.wikipedia.org/wiki/DNS_zone_transfer) on all of the [Root Nameservers](https://en.wikipedia.org/wiki/Root_name_server) and [Top-level Domains](https://en.wikipedia.org/wiki/Top-level_domain) *(TLDs)*.
## Expectations & Legalities ## Expectations & Legalities
Please set realistic expectations when using this tool. In contemporary network configurations, AXFR requests are typically restricted, reflecting best practices in DNS security. While many nameservers now disallow AXFR requests, there may still be occasional instances where configurations permit them. Always exercise due diligence and ensure ethical use. It is expected to set *realistic* expectations when using this tool. In contemporary network configurations, AXFR requests are typically restricted, reflecting best practices in DNS security. While many nameservers now disallow AXFR requests, there may still be occasional instances where configurations permit them. Always exercise due diligence and ensure ethical use.
## Requirements ## Requirements
- [dnspython](https://pypi.org/project/dnspython/) *(`pip install dnspython`)* - [dnspython](https://pypi.org/project/dnspython/) *(`pip install dnspython`)*

2
mdaxfr
View File

@ -1,5 +1,5 @@
#!/bin/sh #!/bin/sh
# Mass DNS AXFR - developed by acidvegas in posix shell script (https://git.acid.vegas/mdaxfr) # Mass DNS AXFR (POSIX version) - developed by acidvegas (https://git.acid.vegas/mdaxfr)
OUTPUT_DIR="axfrout" OUTPUT_DIR="axfrout"
mkdir -p "$OUTPUT_DIR" mkdir -p "$OUTPUT_DIR"

194
mdaxfr.py
View File

@ -7,130 +7,130 @@ import random
import urllib.request import urllib.request
try: try:
import dns.rdatatype import dns.rdatatype
import dns.query import dns.query
import dns.zone import dns.zone
import dns.resolver import dns.resolver
except ImportError: except ImportError:
raise SystemExit('missing required \'dnspython\' module (pip install dnspython)') raise SystemExit('missing required \'dnspython\' module (pip install dnspython)')
def attempt_axfr(tld: str, nameserver: str, filename: str): def attempt_axfr(tld: str, nameserver: str, filename: str):
''' '''
Perform a DNS zone transfer on a target domain. Perform a DNS zone transfer on a target domain.
:param target: The target domain to perform the zone transfer on. :param target: The target domain to perform the zone transfer on.
:param nameserver: The nameserver to perform the zone transfer on. :param nameserver: The nameserver to perform the zone transfer on.
:param filename: The filename to store the zone transfer results in. :param filename: The filename to store the zone transfer results in.
''' '''
temp_file = filename + '.temp' temp_file = filename + '.temp'
if not (nameserver := resolve_nameserver(nameserver)): if not (nameserver := resolve_nameserver(nameserver)):
logging.error(f'Failed to resolve nameserver {nameserver}: {ex}') logging.error(f'Failed to resolve nameserver {nameserver}: {ex}')
else: else:
for ns in nameserver: # Let's try all the IP addresses for the nameserver for ns in nameserver: # Let's try all the IP addresses for the nameserver
try: try:
with open(temp_file, 'w') as file: with open(temp_file, 'w') as file:
xfr = dns.query.xfr(nameserver.address, tld+'.', lifetime=300) xfr = dns.query.xfr(nameserver.address, tld+'.', lifetime=300)
for msg in xfr: for msg in xfr:
for rrset in msg.answer: for rrset in msg.answer:
for rdata in rrset: for rdata in rrset:
file.write(f'{rrset.name}.{tld} {rrset.ttl} {rdata}\n') file.write(f'{rrset.name}.{tld} {rrset.ttl} {rdata}\n')
os.rename(temp_file, filename) os.rename(temp_file, filename)
except Exception as ex: except Exception as ex:
if os.path.exists(temp_file): if os.path.exists(temp_file):
os.remove(temp_file) os.remove(temp_file)
logging.error(f'Failed to perform zone transfer from {nameserver.address} for {tld}: {ex}') logging.error(f'Failed to perform zone transfer from {nameserver.address} for {tld}: {ex}')
def get_root_nameservers() -> list: def get_root_nameservers() -> list:
'''Generate a list of the root nameservers.''' '''Generate a list of the root nameservers.'''
root_ns_records = dns.resolver.resolve('.', 'NS', lifetime=15) root_ns_records = dns.resolver.resolve('.', 'NS', lifetime=15)
root_servers = [str(rr.target)[:-1] for rr in root_ns_records] root_servers = [str(rr.target)[:-1] for rr in root_ns_records]
return root_servers return root_servers
def get_root_tlds() -> list: def get_root_tlds() -> list:
'''Get the root TLDs from IANA.''' '''Get the root TLDs from IANA.'''
tlds = urllib.request.urlopen('https://data.iana.org/TLD/tlds-alpha-by-domain.txt').read().decode('utf-8').lower().split('\n')[1:] tlds = urllib.request.urlopen('https://data.iana.org/TLD/tlds-alpha-by-domain.txt').read().decode('utf-8').lower().split('\n')[1:]
random.shuffle(tlds) random.shuffle(tlds)
return tlds return tlds
def get_tld_nameservers(tld: str) -> list: def get_tld_nameservers(tld: str) -> list:
'''Get the nameservers for a TLD.''' '''Get the nameservers for a TLD.'''
try: try:
return [str(nameserver) for nameserver in dns.resolver.resolve(tld+'.', 'NS', lifetime=60)] return [str(nameserver) for nameserver in dns.resolver.resolve(tld+'.', 'NS', lifetime=60)]
except dns.exception.Timeout: except dns.exception.Timeout:
logging.warning(f"Timeout fetching nameservers for TLD: {tld}") logging.warning(f'Timeout fetching nameservers for TLD: {tld}')
except dns.resolver.NoNameservers: except dns.resolver.NoNameservers:
logging.warning(f"No nameservers found for TLD: {tld}") logging.warning(f'No nameservers found for TLD: {tld}')
return [] return []
def get_psl_tlds() -> list: def get_psl_tlds() -> list:
'''Download the Public Suffix List and return its contents.''' '''Download the Public Suffix List and return its contents.'''
data = urllib.request.urlopen('https://publicsuffix.org/list/public_suffix_list.dat').read().decode() data = urllib.request.urlopen('https://publicsuffix.org/list/public_suffix_list.dat').read().decode()
domains = [] domains = []
for line in data.split('\n'): for line in data.split('\n'):
if line.startswith('//') or not line: if line.startswith('//') or not line:
continue continue
if '*' in line or '!' in line: if '*' in line or '!' in line:
continue continue
if '.' not in line: if '.' not in line:
continue continue
domains.append(line) domains.append(line)
return domains return domains
def resolve_nameserver(nameserver: str) -> str: def resolve_nameserver(nameserver: str) -> str:
''' '''
Resolve a nameserver to its IP address. Resolve a nameserver to its IP address.
:param nameserver: The nameserver to resolve. :param nameserver: The nameserver to resolve.
''' '''
data = [] data = []
for version in ('A', 'AAAA'): for version in ('A', 'AAAA'):
try: try:
data += [ip.address for ip in dns.resolver.resolve(nameserver, version, lifetime=60)] data += [ip.address for ip in dns.resolver.resolve(nameserver, version, lifetime=60)]
except: except:
pass pass
return data return data
if __name__ == '__main__': if __name__ == '__main__':
import argparse import argparse
import concurrent.futures import concurrent.futures
parser = argparse.ArgumentParser(description='Mass DNS AXFR') parser = argparse.ArgumentParser(description='Mass DNS AXFR')
parser.add_argument('-c', '--concurrency', type=int, default=30, help='maximum concurrent tasks') parser.add_argument('-c', '--concurrency', type=int, default=30, help='maximum concurrent tasks')
parser.add_argument('-o', '--output', default='axfrout', help='output directory') parser.add_argument('-o', '--output', default='axfrout', help='output directory')
parser.add_argument('-t', '--timeout', type=int, default=30, help='DNS timeout (default: 30)') parser.add_argument('-t', '--timeout', type=int, default=30, help='DNS timeout (default: 30)')
args = parser.parse_args() args = parser.parse_args()
os.makedirs(args.output, exist_ok=True) os.makedirs(args.output, exist_ok=True)
dns.resolver._DEFAULT_TIMEOUT = args.timeout dns.resolver._DEFAULT_TIMEOUT = args.timeout
with concurrent.futures.ThreadPoolExecutor(max_workers=args.concurrency) as executor: with concurrent.futures.ThreadPoolExecutor(max_workers=args.concurrency) as executor:
futures = [executor.submit(attempt_axfr, '', root, os.path.join(args.output, root + '.txt')) for root in get_root_nameservers()] futures = [executor.submit(attempt_axfr, '', root, os.path.join(args.output, root + '.txt')) for root in get_root_nameservers()]
for future in concurrent.futures.as_completed(futures): for future in concurrent.futures.as_completed(futures):
try: try:
future.result() future.result()
except Exception as e: except Exception as e:
logging.error(f'Error in root server task: {e}') logging.error(f'Error in root server task: {e}')
with concurrent.futures.ThreadPoolExecutor(max_workers=args.concurrency) as executor: with concurrent.futures.ThreadPoolExecutor(max_workers=args.concurrency) as executor:
futures = [executor.submit(attempt_axfr, tld, ns, os.path.join(args.output, tld + '.txt')) for tld in get_root_tlds() for ns in get_tld_nameservers(tld) if ns] futures = [executor.submit(attempt_axfr, tld, ns, os.path.join(args.output, tld + '.txt')) for tld in get_root_tlds() for ns in get_tld_nameservers(tld) if ns]
for future in concurrent.futures.as_completed(futures): for future in concurrent.futures.as_completed(futures):
try: try:
future.result() future.result()
except Exception as e: except Exception as e:
logging.error(f'Error in TLD task: {e}') logging.error(f'Error in TLD task: {e}')
with concurrent.futures.ThreadPoolExecutor(max_workers=args.concurrency) as executor: with concurrent.futures.ThreadPoolExecutor(max_workers=args.concurrency) as executor:
futures = [executor.submit(attempt_axfr, tld, ns, os.path.join(args.output, tld + '.txt')) for tld in get_psl_tlds() for ns in get_tld_nameservers(tld) if ns] futures = [executor.submit(attempt_axfr, tld, ns, os.path.join(args.output, tld + '.txt')) for tld in get_psl_tlds() for ns in get_tld_nameservers(tld) if ns]
for future in concurrent.futures.as_completed(futures): for future in concurrent.futures.as_completed(futures):
try: try:
future.result() future.result()
except Exception as e: except Exception as e:
logging.error(f'Error in TLD task: {e}') logging.error(f'Error in TLD task: {e}')

4
opennic
View File

@ -2,15 +2,12 @@
# OpenNIC AXFR - devloped by acidvegas (https://git.acid.vegas/mdaxfr) # OpenNIC AXFR - devloped by acidvegas (https://git.acid.vegas/mdaxfr)
servers=$(curl -s 'https://api.opennicproject.org/geoip/?list&ipv=all&res=100' | grep -oE '([0-9]{1,3}(\.[0-9]{1,3}){3}|[0-9a-fA-F:]+:[0-9a-fA-F:]+)') servers=$(curl -s 'https://api.opennicproject.org/geoip/?list&ipv=all&res=100' | grep -oE '([0-9]{1,3}(\.[0-9]{1,3}){3}|[0-9a-fA-F:]+:[0-9a-fA-F:]+)')
tlds=("bbs" "chan" "cyb" "dyn" "epic" "geek" "gopher" "indy" "libre" "neo" "null" "o" "oss" "oz" "parody" "pirate" "opennic.glue" "dns.opennic.glue") tlds=("bbs" "chan" "cyb" "dyn" "epic" "geek" "gopher" "indy" "libre" "neo" "null" "o" "oss" "oz" "parody" "pirate" "opennic.glue" "dns.opennic.glue")
ptlds=("bazar" "bit" "coin" "emc" "lib" "fur" "ku" "te" "ti" "uu" "ko" "rm") ptlds=("bazar" "bit" "coin" "emc" "lib" "fur" "ku" "te" "ti" "uu" "ko" "rm")
all_tlds=("${tlds[@]}" "${ptlds[@]}") all_tlds=("${tlds[@]}" "${ptlds[@]}")
for tld in "${ptlds[@]}"; do for tld in "${ptlds[@]}"; do
echo "Attempting zone transfer for $tld..." echo "Attempting zone transfer for $tld..."
success=0 success=0
for server in $servers; do for server in $servers; do
if ! output=$(dig AXFR "$tld." @"$server" 2>&1); then if ! output=$(dig AXFR "$tld." @"$server" 2>&1); then
@ -27,7 +24,6 @@ for tld in "${ptlds[@]}"; do
break break
fi fi
done done
if [ $success -eq 0 ]; then if [ $success -eq 0 ]; then
echo "Zone transfer failed for $tld at all servers." echo "Zone transfer failed for $tld at all servers."
fi fi