DNS Scanner

From Kyle's Wiki
Jump to: navigation, search

This tool enumerates a domain and creates a graph

#!/bin/bash
DOMAIN=xkyle.com.
LEVELS=`echo $DOMAIN | grep -o "\." | wc -l `
let LEVELS=$LEVELS

function query {
local LEVEL=$1
local NEXTLEVEL=1
let NEXTLEVEL=$LEVEL-1
local WHOTOASK=$2

if [ $LEVEL -ne 0 ]; then

#local LEVEL=`echo $D | grep -o "\." | wc -l`
local PLACEHOLDER=1
let PLACEHOLDER=$LEVEL

local NS=`echo $DOMAIN | cut -f $LEVEL-$LEVELS -d .`
if [ "$NS" = "" ]; then
	NS=66.118.170.2
fi
if [ $NEXTLEVEL -eq 0 ]; then
local NEXTNS=$DOMAIN
else
local NEXTNS=`echo $DOMAIN | cut -f $NEXTLEVEL-$LEVELS -d .`
fi
for EACH in `dig +noall +authority @$WHOTOASK $NEXTNS | awk '{ print $5; }' | sort | head -n 4`
do
#echo '#' Asking  $EACH about $NEXTNS
echo "$WHOTOASK -> $EACH   (Domain: $NEXTNS) "
query $NEXTLEVEL $EACH
done
fi
}



#SERVERS=`dig +short`
#NEXT=`echo $DOMAIN | cut -f 1 -d .`

for EACH in `dig +short | sort | head -n 4`
do
query $LEVELS $EACH
done
Personal tools
Namespaces

Variants
Actions
Efforts
Toolbox
Meta