Added full dnssec data for all tlds and started improving nsec/nsec3 walks

This commit is contained in:
Dionysus 2023-11-13 23:01:08 -05:00
parent d7c0c075c2
commit a10ca94dc7
Signed by: acidvegas
GPG Key ID: EF4B922DB85DC9DE
6 changed files with 1485 additions and 11 deletions

7
nsec
View File

@ -1,5 +1,6 @@
#!/bin/sh #!/bin/sh
# NSEC walk script for DNSSEC - developed by acidvegas (https://git.acid.vegas/nsecx) # NSEC walk script for DNSSEC - developed by acidvegas (https://git.acid.vegas/nsecx)
# nsec
# This script will walk through a DNS zone using NSEC records. # This script will walk through a DNS zone using NSEC records.
@ -9,9 +10,15 @@ tld="$1"
# Initialize the top-level domain (TLD) to start the walk from # Initialize the top-level domain (TLD) to start the walk from
current_domain="$tld" current_domain="$tld"
#dns_servers=$(curl -s https://public-dns.info/nameservers.txt | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}')
# Loop to walk through the zone using NSEC records # Loop to walk through the zone using NSEC records
while true; do while true; do
# Select a random DNS server from the list
#nameserver=$(shuf -n 1 -e $dns_servers)
# Perform the dig command to get the NSEC record for the current domain # Perform the dig command to get the NSEC record for the current domain
#output="$(dig @${nameserver} +trace $current_domain NSEC)"
output="$(dig +trace $current_domain NSEC)" output="$(dig +trace $current_domain NSEC)"
# Use grep to find the line with the current domain and then use awk to extract the next domain # Use grep to find the line with the current domain and then use awk to extract the next domain

14
nsec3 Executable file
View File

@ -0,0 +1,14 @@
#!/bin/bash
# NSEC walk script for DNSSEC - developed by acidvegas (https://git.acid.vegas/nsecx)
# https://github.com/anonion0/nsec3map
#python3 -m pip install n3map[predict]
TARGET=$1 # Can simply be a TLD (no dot)
mkdir -p output
for NS in $(dig @8.8.8.8 +short NS $TARGET | sort -R); do
IPADDR=$(dig +short "$1" A || dig +short "$1" AAAA)
echo "Targeting $TARGET on $NS ($IPADDR)..."
n3map -avpl --output=output/$TARGET_$NS.txt $IPV4 --ignore-overlapping $TARGET
echo "-------------------------"
done

98
output/nodnssec.txt Normal file
View File

@ -0,0 +1,98 @@
ae
al
ao
aq
as
ba
bb
bf
bi
bo
bs
bw
cd
cf
cg
ck
cm
cu
cv
cw
dj
do
eg
fk
ga
gb
ge
gf
gh
gm
gp
gq
gt
gu
hm
im
iq
jm
jo
kh
km
kn
kp
ls
mh
mk
ml
mo
mp
mq
ms
mt
mu
mv
mw
mz
ne
ng
ni
np
nr
pa
pf
pg
pk
pn
ps
qa
sd
sm
sr
st
sv
sy
sz
tc
td
tg
tj
tk
to
va
vi
xn--d1alf
xn--j1amh
xn--lgbbat1ad8j
xn--mgba3a4f16a
xn--mgbaam7a8h
xn--mgbayh7gpa
xn--mgbc0a9azcg
xn--mgbpl2fh
xn--mgbtx2b
xn--mix891f
xn--node
xn--ogbpf8fl
xn--wgbl6a
ye
zw

51
output/nsec.txt Normal file
View File

@ -0,0 +1,51 @@
arpa
audio
auto
ax
bd
br
bt
car
cars
ch
christmas
ci
diet
dz
ee
er
flowers
game
gdn
gn
gov
guitars
hosting
id
ir
kg
kz
lb
li
lk
lol
lr
mc
mom
nu
pics
pr
ruhr
se
sl
tn
tz
ve
xn--54b7fta0cc
xn--80ao21a
xn--fzc2c9e2c
xn--l1acc
xn--mgbai9azgqp6j
xn--pgbs0dh
xn--xkc2al3hye2a
xn--ygbi2ammx

1309
output/nsec3.txt Normal file

File diff suppressed because it is too large Load Diff

17
tldsec
View File

@ -1,5 +1,6 @@
#!/bin/sh #!/bin/sh
# NSEC walk script for DNSSEC - developed by acidvegas (https://git.acid.vegas/nsecx) # NSEC walk script for DNSSEC - developed by acidvegas (https://git.acid.vegas/nsecx)
# tldsec
# This script will check the DNSSEC status of all TLDs and output the results separated by NSEC, NSEC3, and NODNSSEC. # This script will check the DNSSEC status of all TLDs and output the results separated by NSEC, NSEC3, and NODNSSEC.
# NSEC3 records will also include the NSEC3PARAM parameters for the zone as well for cracking in Hashcat. # NSEC3 records will also include the NSEC3PARAM parameters for the zone as well for cracking in Hashcat.
@ -11,18 +12,15 @@ YELLOW='\033[0;33m'
CYAN='\033[0;36m' CYAN='\033[0;36m'
PURPLE='\033[0;35m' PURPLE='\033[0;35m'
GRAY='\033[1;30m' GRAY='\033[1;30m'
NC='\033[0m' # No Color NC='\033[0m'
# Create the output directory if it doesn't exist # Create the output directory if it doesn't exist
mkdir -p output mkdir -p output
# Parse the tld list from a root nameserver (todo: randomize the root nameserver) # Parse the tld list from a root nameserver (todo: randomize the root nameserver)
rndroot=$(dig AXFR . @a.root-servers.net | grep -E 'IN\s+NS' | awk '{print $1}' | sed 's/\.$//' | sort -u) tld_list=$(dig AXFR . @g.root-servers.net | grep -E 'IN\s+NS' | awk '{print $1}' | sed 's/\.$//' | sort -u)
if [ -z $rndroot ]; then if [ -z $tld_list ]; then
echo "Failed to AXFR a root nameserver (using IANA list instead)" tld_list=$(curl -s 'https://data.iana.org/TLD/tlds-alpha-by-domain.txt' | tail -n +2 | tr '[:upper:]' '[:lower:]')
tlds=$(curl -s 'https://data.iana.org/TLD/tlds-alpha-by-domain.txt' | tail -n +2 | tr '[:upper:]' '[:lower:]')
else
tlds=$(echo | )
fi fi
# Check if the list was retrieved successfully # Check if the list was retrieved successfully
@ -81,7 +79,4 @@ echo "$tld_list" | while read -r tld; do
"$nsec_total" "$nsec3_total" "$nodnssec_total" "$tld" "$nsec_total" "$nsec3_total" "$nodnssec_total" "$tld"
done done
# Move to a new line after the loop is done to avoid overwriting the last line echo "\nCheck completed! Data written to the output directory."
echo
echo "Check completed! Data written to the output directory."