Script permettant de tester un nom de domaine depuis plusieurs serveurs DNS connus.





0x01. CONCEPT


L’idée est simple : tester un nom de domaine sur un ensemble de serveur DNS.


files/dnscheck/tests.png




0x02. CODE


 
#!/bin/sh
 
APP="$(basename "$0")"
 
DB="~/.config/dnsdb.lst"
 
## Arguments ######
 
if [ $# -lt 1 ]; then
  echo
  echo "Usage: $APP <hostname1 [hostname2 [...]]> "
  echo
  echo "Script will test resolution of 'hostname' with DNS servers :"
  awk '{ printf("\n%-15s  %-15s",$1,$2) }' "$DB"
  echo
  echo
  exit 0
fi
 
## Check ######
 
c=0
for target in $* ; do
  c=$((c+1))
  echo "DNS resolution attempts on '$target'"
 
  printf "\n%-15s | %-20s | %-15s | Result" "DNS server" "DNS name" "IP found"
  printf "\n%-15s | %-20s | %-15s | ------" "----------" "--------" "--------"
 
  ## Check #-----
 
  cat "$DB"|while read line ; do
    dns_ip="$(echo "$line"|cut -d':' -f2|awk '{ print $1 }')"
    dns_server="$(echo "$line"|cut -d':' -f2|awk '{ print $2 }'|sed 's/_/ /g')"
    sleep .1
    result="$(dig -4 @$dns_ip $target A 2>/dev/null)"
    str_res=$(echo "$result"|grep -A1 ";; ANSWER"|tail -n1|grep -Fw IN|grep -Fwqs A 
                && echo "OK" 
                || echo "NOK")
    ip_found=$(echo "$result"|grep -A1 ";; ANSWER"|tail -n1|grep -Fw IN|grep -Fw A|awk '{ print $5 }')
    printf "\n%-15s | %-20s | %-15s | $str_res" "$dns_ip" "$dns_server" "$ip_found"
  done
 
  ## Output #-----
 
  printf "\n"
  [ $c -eq $# ] || for i in $(seq 3 -1 0) ; do
    printf "\r[CTRL+C] to abort, waiting ${i}s ..."
    sleep .5
  done
  printf "\r" ; for i in $(seq 1 54) ; do printf " " ; done
 
done
echo
 
 




0x03. CODE


1.1.1.1             Cloudflare
8.8.4.4             Google_#1
8.8.8.8             Google_#2
4.2.2.1             OpenNIC_#1
4.2.2.2             OpenNIC_#2
4.2.2.3             OpenNIC_#3
208.67.220.220      OpenDNS_#1
208.67.222.222      OpenDNS_#2
8.26.56.26          Comodo_#1
8.20.247.20         Comodo_#2
89.233.43.71        CensurFRI_#1
89.104.194.142      CensurFRI_#2
85.214.20.141       CCC_#1
194.150.168.168     CCC_#2
213.73.91.35        CCC_#3
9.9.9.9             Quad9
84.200.69.80        DNSWatch
64.6.64.5           Verisign_#1
64.6.64.6           Verisign_#2
195.46.39.39        SafeDNS_#1
195.46.39.40        SafeDNS_#2
195.46.39.40        SafeDNS_#2
208.76.50.50        SmartViper_#1
208.76.51.51        SmartViper_#2
216.146.35.35       Dyn_#1
216.146.36.36       Dyn_#2
37.235.1.174        FreeDNS_#1
37.235.1.177        FreeDNS_#2
198.101.242.72      Alternate_DNS_#1
23.253.163.53       Alternate_DNS_#2
77.88.8.8           Yandex_#1
77.88.8.1           Yandex_#2
91.239.100.100      UncensoredDNS_#1
89.233.43.71        UncensoredDNS_#1
209.244.0.3         Level3_#1
209.244.0.4         Level3_#2
84.200.69.80        DNS.Watch_#1
84.200.70.40        DNS.Watch_#2


   =>   Écrit par : Nicolas, le 17 novembre 2019


 
Mots clés :  
  dns 
  
  network 
  
  security 
    >   Articles connexes :

GitVuln



HTTP Server, tell me who you are ?


Discuter avec un serveur web *apparement* muet ? Voici comment faire...

/tmp et /var/log en noexec sur macOS



Durcissement de Windows



2956919