repos/consolidate_dns/index


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

#!/usr/bin/python -u
import os
from subprocess import Popen
import csv
import sys
import tempfile


os.chdir (os.path.dirname (os.path.realpath (sys.argv[0])))
dnsrecon_enabled = False
DNSRECON = "../dnsrecon/dnsrecon.py"
dnsrecon_wordlist="../dnsrecon/namelist.txt"
silent=open("/dev/null","w")
gxfr_enabled = False
GXFR = "../gxfr/gxfr.py"
bxfr_enabled = False
BXFR = "../bxfr/bxfr.py"
domains = {}
try:
  DOMAIN=sys.argv[1]
except:
  print ("Usage: %s [hostname]")
  sys.exit(1)
print("checking for back end")
if os.path.isfile(DNSRECON) :
  dnsrecon_enabled=True
  print ("  dnsrecon enabled")
else:
  print ("  dnsrecon not available or not supported")
if os.path.isfile(GXFR):
  gxfr_enabled=True
  print ("  gxfr.py enabled")
else:
  print ("  gxfr.py not available or not supported")
if os.path.isfile(BXFR):
  bxfr_enabled=True
  print ("  bxfr.py enabled")
else:
  print ("  bxfr.py not available or not supported")


if dnsrecon_enabled:
  dnsrecon_tmp = tempfile.NamedTemporaryFile(delete=False).name
  print ("Starting dnsrecon, this may take some time")
  #print (" ".join([DNSRECON,"-d",DOMAIN,"--csv",dnsrecon_tmp,'-D',dnsrecon_wordlist,"-t","brt,srv,axfr","--skip"]))
  p = Popen([DNSRECON,"-d",DOMAIN,"--csv",dnsrecon_tmp,'-D',dnsrecon_wordlist,"-t","brt,srv,axfr"] ,stdout=silent,stderr=silent)
  p.wait()
  reader = csv.reader(open(dnsrecon_tmp))
  for row in reader:
    if not row[1] in domains: 
      domains[row[1]] = []
    domains[row[1]] += row[2:]
  print ("...finished with [%d] domains" %reader.line_num)
  os.unlink(dnsrecon_tmp)

if gxfr_enabled:
  gxfr_tmp = tempfile.NamedTemporaryFile(delete=False).name
  print ("Starting gxfr, this may take some time")
  p = Popen(["/usr/bin/python",GXFR,DOMAIN,"-q","3","--csv",gxfr_tmp],stdout=silent,stderr=silent)
  p.wait()
  reader = csv.reader(open(gxfr_tmp))
  for row in reader:
    if not row[0] in domains: 
      domains[row[0]] = []
    domains[row[0]] += row[1:]
  print ("...finished with [%d] domains" %reader.line_num)
  os.unlink(gxfr_tmp)
if bxfr_enabled:
  bxfr_tmp = tempfile.NamedTemporaryFile(delete=False).name
  print ("Starting bxfr, this may take some time")
  p = Popen(["/usr/bin/python",BXFR,DOMAIN,"-q","3","--csv",bxfr_tmp],stdout=silent,stderr=silent)
  p.wait()
  reader = csv.reader(open(bxfr_tmp))
  for row in reader:
    if not row[0] in domains: 
      domains[row[0]] = []
    domains[row[0]] += row[1:]
  print ("...finished with [%d] domains" %reader.line_num)
  os.unlink(bxfr_tmp)

print "found %d subdomain(s)" % len(domains)
num = 1
for dom in domains:
  domains[dom] = set(domains[dom])
  print "[%d/%d]" % (num,len(domains)),dom,":",", ".join(domains[dom])
  num = num + 1