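#!/bin/sh
# NSEC walk script for DNSSEC - developed by acidvegas (https://git.acid.vegas/nsecx)
#
# nsec
#
# This script will walk through a DNS zone using NSEC records.
#
# Input : zone names, one per line, read from ./nsec.txt
# Output: every name discovered in a zone is appended to output/nsec/<zone>.txt;
#         progress and failures are printed on stdout
#
# You can walk all the zones outputted from tldsec using the following command:
# cat output/nsec.txt | while read -r line; do ./nsec "$line"; done
#
# Everything derived from the network below (the resolver list and every NSEC
# answer) is untrusted input: it is quoted wherever it is expanded, and each
# candidate name is checked against a hostname character set before it is
# reused as a dig argument or written to disk. dig does not validate the
# signatures it prints, so the collected names are enumeration results, not
# authenticated data.

# Resolver pool: public recursive resolvers, reduced to dotted-quad IPv4 addresses.
dns_servers=$(curl -s https://public-dns.info/nameservers.txt | grep -oE '\b([0-9]{1,3}\.){3}[0-9]{1,3}\b')
if [ -z "$dns_servers" ]; then
	# Without a resolver "dig @" would be run with an empty server and every query would fail.
	echo "Failed to fetch the public resolver list"
	exit 1
fi
nameserver=$(printf '%s\n' "$dns_servers" | shuf -n 1)

# The per-zone output files are created with >>, which needs the directory to exist first.
mkdir -p output/nsec

# Loop to walk through the zone using NSEC records
while IFS= read -r line; do
	tld="$line"
	current_domain="$tld"
	retry=0      # consecutive failed lookups against the current resolver
	breaker=0    # consecutive resolver switches without progress
	while true; do
		# Perform the dig command to get the NSEC record for the current domain
		output="$(dig "@${nameserver}" +trace +time=10 +tries=3 "$current_domain" NSEC)"

		# Use grep to find the line with the current domain and then use awk to extract the next domain.
		# Only the first NSEC line is taken: +trace can print several, and a multi-line value
		# would be word-split into extra dig arguments on the next iteration.
		next_domain=$(printf '%s\n' "$output" | grep -F -- "$current_domain" | awk '$4 == "NSEC" { print $5; exit }')

		# Accept only hostname-like values (letters, digits, '.', '-', '_') that do not start
		# with '-', so a crafted NSEC answer cannot turn into a dig option or stray path text.
		# Anything else is treated as "no answer" and counted as a retry below.
		case "$next_domain" in
			-*|*[!A-Za-z0-9._-]*) next_domain= ;;
		esac

		if [ -z "$next_domain" ] || [ "$next_domain" = "$current_domain" ]; then
			# No usable next name: stay on the same name and try again.
			next_domain="$current_domain"
			retry=$((retry + 1))
		elif [ "$next_domain" = "nic.$tld" ]; then
			# Reaching nic.<tld> marks the end of the walk for this zone. Continuing with an
			# empty name would make dig query the root zone instead, so stop here.
			echo "Found NIC!"
			break
		else
			echo "Found NSEC record: $next_domain"
			printf '%s\n' "$next_domain" >> "output/nsec/$tld.txt"
			retry=0
			breaker=0
		fi

		# After three misses on one resolver pick another one; after three resolvers give up.
		if [ "$retry" -eq 3 ]; then
			nameserver=$(printf '%s\n' "$dns_servers" | shuf -n 1)
			retry=0
			breaker=$((breaker + 1))
			if [ "$breaker" -eq 3 ]; then
				echo "Failed to get NSEC record for $current_domain"
				break
			fi
		fi

		# Update the current domain to the next one for the following iteration
		current_domain=$next_domain
	done
done < nsec.txt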