#!/bin/sh
# NSEC walk script for DNSSEC - developed by acidvegas (https://git.acid.vegas/nsecx)
# nsec

# This script will walk through a DNS zone using NSEC records.

# You can wall all the zones outputted from tldsec using the following command:
# cat output/nsec.txt | while read line; do ./nsec "$line"; done

dns_servers=$(curl -s https://public-dns.info/nameservers.txt | grep -oE '\b([0-9]{1,3}\.){3}[0-9]{1,3}\b')
nameserver=$(echo "$dns_servers" | shuf -n 1)

# Loop to walk through the zone using NSEC records
while IFS= read -r line; do
    tld="$line"

    current_domain="$tld"
    retry=0
    breaker=0
    while true; do
        # Perform the dig command to get the NSEC record for the current domain
        output="$(dig @${nameserver} +trace +time=10 +tries=3 $current_domain NSEC)"

        # Use grep to find the line with the current domain and then use awk to extract the next domain
        next_domain=$(echo "$output" | grep -F "$current_domain" | awk '$4 == "NSEC" { print $5 }')

        if [ -z "$next_domain" ] || [ -n "$(printf '%s' "$next_domain" | tr -cd '\000')" ] || [ "$next_domain" = "$current_domain" ]; then
            next_domain="$current_domain"
            retry=$((retry + 1))
        elif [ "$next_domain" = "nic.$tld" ]; then
            echo "Found NIC!"
            next_domain=
        else
            echo "Found NSEC record: $next_domain"
            echo "$next_domain" >> output/nsec/$tld.txt
            retry=0
            breaker=0
        fi

        if [ $retry -eq 3 ]; then
            nameserver=$(echo "$dns_servers" | shuf -n 1)
            retry=0
            breaker=$((breaker + 1))
            if [ $breaker -eq 3 ]; then
                echo "Failed to get NSEC record for $current_domain"
                break
            fi
        fi

        # Update the current domain to the next one for the following iteration
        current_domain=$next_domain

    done
done < nsec.txt