Information Technology Grimoire

Version .0.0.1

IT Notes from various projects because I forget, and hopefully they help you too.

DNS Fuzzer

Bash Script DNS Test

If you needed to test several subdomains you could use a dictionary or specific list.

#!/bin/bash
set -e; set -u

# crude sub domain fuzzing
COMMON_SUBDOMAINS="www mail mx a.mx smtp pop imap blog en ftp ssh login dev test"
EXTENDED=""

while :; do case "$1" in
  --) shift; break ;;
  -x) EXTENDED=y; shift ;;
  -s) NS="$2"; shift 2 ;;
  *) break ;;
esac; done
DOM="$1"; shift
TYPE="${1:-any}"

test "${NS:-}" || NS=$(dig +short  SOA "$DOM" | awk '{print $1}')
test "$NS" && NS="@$NS"

if test "$EXTENDED"; then
  wild_ips=$(dig +short "$NS" "*.$DOM" "$TYPE" | tr '\n' '|')
  wild_ips="${wild_ips%|}"
  for sub in $COMMON_SUBDOMAINS; do
    dig +nocmd $NS "$sub.$DOM" +noall +answer "$TYPE"
  done | cat  #grep -vE "${wild_ips}"
  dig +nocmd $NS "*.$DOM" +noall +answer "$TYPE"
else
  dig +nocmd $NS "$DOM" +noall +answer "$TYPE"
fi

# sh dg.sh -x jamesfraze.com
www.jamesfraze.com.       300     IN      CNAME   jamesfraze.com.
jamesfraze.com.           300     IN      A       162.243.23.116
jamesfraze.com.           300     IN      MX      10 mx1.emailsrvr.com.
jamesfraze.com.           300     IN      MX      20 mx2.emailsrvr.com.
jamesfraze.com.           86400   IN      NS      ns1039.ui-dns.org.
jamesfraze.com.           86400   IN      NS      ns1069.ui-dns.de.
jamesfraze.com.           86400   IN      NS      ns1114.ui-dns.com.
jamesfraze.com.           86400   IN      NS      ns1069.ui-dns.biz.
jamesfraze.com.           300     IN      TXT     "v=spf1 include:emailsrvr.com ~all"
jamesfraze.com.           300     IN      TXT     "google-site-verification=_yNO75ldL6Vdq6wCYnzrD-C9-ftZHWUpogEnF2AJnIM"
jamesfraze.com.           86400   IN      SOA     ns1114.ui-dns.com. hostmaster.1und1.com. 2017060117 28800 7200 604800 600

specifying a server

# sh dg.sh -s 8.8.8.8 jamesfraze.com
jamesfraze.com.           300     IN      A       162.243.23.116
jamesfraze.com.           300     IN      MX      10 mx1.emailsrvr.com.
jamesfraze.com.           300     IN      MX      20 mx2.emailsrvr.com.
jamesfraze.com.           21600   IN      NS      ns1039.ui-dns.org.
jamesfraze.com.           21600   IN      NS      ns1069.ui-dns.de.
jamesfraze.com.           21600   IN      NS      ns1114.ui-dns.com.
jamesfraze.com.           21600   IN      NS      ns1069.ui-dns.biz.
jamesfraze.com.           300     IN      TXT     "v=spf1 include:emailsrvr.com ~all"
jamesfraze.com.           300     IN      TXT     "google-site-verification=_yNO75ldL6Vdq6wCYnzrD-C9-ftZHWUpogEnF2AJnIM"
jamesfraze.com.           21600   IN      SOA     ns1114.ui-dns.com. hostmaster.1und1.com. 2017060117 28800 7200 604800 600