Added --noise
This commit is contained in:
parent
7bd5e21828
commit
5c799ee239
@ -26,8 +26,9 @@ This will return `151.202.0.84`, marking it as a DNS server that is actively log
|
|||||||
## WORK IN PROGRESS (STAY TUNED)
|
## WORK IN PROGRESS (STAY TUNED)
|
||||||
|
|
||||||
- [ ] Bind server running accepting wildcard DNS lookups on custom domain.
|
- [ ] Bind server running accepting wildcard DNS lookups on custom domain.
|
||||||
- [ ] Hunt down specific DNS servers used by ISP's from an ASN lookup
|
- [X] Hunt down specific DNS servers used by ISP's from an ASN lookup
|
||||||
- [ ] Any way to apply this to custom DNS servers used by VPNs?
|
- [ ] Any way to apply this to custom DNS servers used by VPNs?
|
||||||
|
- [ ] Noise generator to abuse known logging servers.
|
||||||
|
|
||||||
This is all very theoretical right now, interested to see how this pans out.
|
This is all very theoretical right now, interested to see how this pans out.
|
||||||
|
|
||||||
|
22
pdknockr.py
22
pdknockr.py
@ -59,15 +59,18 @@ async def main(args):
|
|||||||
semaphore = asyncio.BoundedSemaphore(args.concurrency)
|
semaphore = asyncio.BoundedSemaphore(args.concurrency)
|
||||||
tasks = []
|
tasks = []
|
||||||
|
|
||||||
for domain in args.domains.split(','):
|
while True:
|
||||||
for dns_server in dns_keys:
|
for domain in args.domains.split(','):
|
||||||
if len(tasks) < args.concurrency:
|
for dns_server in dns_keys:
|
||||||
query_record = random.choice(args.rectype)
|
if len(tasks) < args.concurrency:
|
||||||
task = asyncio.create_task(dns_lookup(domain, dns_keys[dns_server], dns_server, query_record, args.timeout, semaphore))
|
query_record = random.choice(args.rectype)
|
||||||
tasks.append(task)
|
task = asyncio.create_task(dns_lookup(domain, dns_keys[dns_server], dns_server, query_record, args.timeout, semaphore))
|
||||||
else:
|
tasks.append(task)
|
||||||
done, pending = await asyncio.wait(tasks, return_when=asyncio.FIRST_COMPLETED)
|
else:
|
||||||
tasks = list(pending)
|
done, pending = await asyncio.wait(tasks, return_when=asyncio.FIRST_COMPLETED)
|
||||||
|
tasks = list(pending)
|
||||||
|
if not args.noise:
|
||||||
|
break
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -83,6 +86,7 @@ if __name__ == '__main__':
|
|||||||
parser.add_argument('-r', '--resolvers', help='File containing list of DNS resolvers (uses public-dns.info if not specified)')
|
parser.add_argument('-r', '--resolvers', help='File containing list of DNS resolvers (uses public-dns.info if not specified)')
|
||||||
parser.add_argument('-rt', '--rectype', default='A,AAAA', help='Comma-seperated list of DNS record type (default: A)')
|
parser.add_argument('-rt', '--rectype', default='A,AAAA', help='Comma-seperated list of DNS record type (default: A)')
|
||||||
parser.add_argument('-t', '--timeout', type=int, default=3, help='Timeout for DNS lookup (default: 3)')
|
parser.add_argument('-t', '--timeout', type=int, default=3, help='Timeout for DNS lookup (default: 3)')
|
||||||
|
parser.add_argument('-n', '--noise', action='store_true', help='Enable random subdomain noise')
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
|
|
||||||
sh = logging.StreamHandler()
|
sh = logging.StreamHandler()
|
||||||
|
12
vpn_dns.txt
Normal file
12
vpn_dns.txt
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
103.86.96.100 # NordVPN
|
||||||
|
103.86.99.100 # NordVPN
|
||||||
|
104.223.91.194 # TorGuard
|
||||||
|
104.223.91.210 # TorGuard
|
||||||
|
35.170.152.112 # TorGuard
|
||||||
|
34.228.48.172 # TorGuard
|
||||||
|
|
||||||
|
https://mullvad.net/en/help/dns-over-https-and-dns-over-tls
|
||||||
|
|
||||||
|
54.225.156.17 ns1.airvpn.org
|
||||||
|
52.48.66.85 ns2.airvpn.org
|
||||||
|
dig ANY earth.all.vpn.airdns.org @dns1.airvpn.org +short
|
Loading…
Reference in New Issue
Block a user