Added --noise

This commit is contained in:
Dionysus 2024-02-09 11:35:03 -05:00
parent 7bd5e21828
commit 5c799ee239
Signed by: acidvegas
GPG Key ID: EF4B922DB85DC9DE
3 changed files with 27 additions and 10 deletions

View File

@ -26,8 +26,9 @@ This will return `151.202.0.84`, marking it as a DNS server that is actively log
## WORK IN PROGRESS (STAY TUNED) ## WORK IN PROGRESS (STAY TUNED)
- [ ] Bind server running accepting wildcard DNS lookups on custom domain. - [ ] Bind server running accepting wildcard DNS lookups on custom domain.
- [ ] Hunt down specific DNS servers used by ISP's from an ASN lookup - [X] Hunt down specific DNS servers used by ISP's from an ASN lookup
- [ ] Any way to apply this to custom DNS servers used by VPNs? - [ ] Any way to apply this to custom DNS servers used by VPNs?
- [ ] Noise generator to abuse known logging servers.
This is all very theoretical right now, interested to see how this pans out. This is all very theoretical right now, interested to see how this pans out.

View File

@ -59,15 +59,18 @@ async def main(args):
semaphore = asyncio.BoundedSemaphore(args.concurrency) semaphore = asyncio.BoundedSemaphore(args.concurrency)
tasks = [] tasks = []
for domain in args.domains.split(','): while True:
for dns_server in dns_keys: for domain in args.domains.split(','):
if len(tasks) < args.concurrency: for dns_server in dns_keys:
query_record = random.choice(args.rectype) if len(tasks) < args.concurrency:
task = asyncio.create_task(dns_lookup(domain, dns_keys[dns_server], dns_server, query_record, args.timeout, semaphore)) query_record = random.choice(args.rectype)
tasks.append(task) task = asyncio.create_task(dns_lookup(domain, dns_keys[dns_server], dns_server, query_record, args.timeout, semaphore))
else: tasks.append(task)
done, pending = await asyncio.wait(tasks, return_when=asyncio.FIRST_COMPLETED) else:
tasks = list(pending) done, pending = await asyncio.wait(tasks, return_when=asyncio.FIRST_COMPLETED)
tasks = list(pending)
if not args.noise:
break
@ -83,6 +86,7 @@ if __name__ == '__main__':
parser.add_argument('-r', '--resolvers', help='File containing list of DNS resolvers (uses public-dns.info if not specified)') parser.add_argument('-r', '--resolvers', help='File containing list of DNS resolvers (uses public-dns.info if not specified)')
parser.add_argument('-rt', '--rectype', default='A,AAAA', help='Comma-seperated list of DNS record type (default: A)') parser.add_argument('-rt', '--rectype', default='A,AAAA', help='Comma-seperated list of DNS record type (default: A)')
parser.add_argument('-t', '--timeout', type=int, default=3, help='Timeout for DNS lookup (default: 3)') parser.add_argument('-t', '--timeout', type=int, default=3, help='Timeout for DNS lookup (default: 3)')
parser.add_argument('-n', '--noise', action='store_true', help='Enable random subdomain noise')
args = parser.parse_args() args = parser.parse_args()
sh = logging.StreamHandler() sh = logging.StreamHandler()

12
vpn_dns.txt Normal file
View File

@ -0,0 +1,12 @@
103.86.96.100 # NordVPN
103.86.99.100 # NordVPN
104.223.91.194 # TorGuard
104.223.91.210 # TorGuard
35.170.152.112 # TorGuard
34.228.48.172 # TorGuard
https://mullvad.net/en/help/dns-over-https-and-dns-over-tls
54.225.156.17 ns1.airvpn.org
52.48.66.85 ns2.airvpn.org
dig ANY earth.all.vpn.airdns.org @dns1.airvpn.org +short