Created
February 19, 2020 20:08
-
-
Save gothburz/f9805f0b10637e69dcb887d3292abee3 to your computer and use it in GitHub Desktop.
A simple function that takes a domain, finds NS records, resolves their IP, and attempts a DNS Zone Transfer with dnspython.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/python3 | |
# A Simple function that finds NS records, resolves their IP, and attempts a DNS Zone Transfer | |
import dns.zone | |
import dns.resolver | |
ns_servers = [] | |
def dns_zone_xfer(address): | |
ns_answer = dns.resolver.query(address, 'NS') | |
for server in ns_answer: | |
print("[*] Found NS: {}".format(server)) | |
ip_answer = dns.resolver.query(server.target, 'A') | |
for ip in ip_answer: | |
print("[*] IP for {} is {}".format(server, ip)) | |
try: | |
zone = dns.zone.from_xfr(dns.query.xfr(str(ip), address)) | |
for host in zone: | |
print("[*] Found Host: {}".format(host)) | |
except Exception as e: | |
print("[*] NS {} refused zone transfer!".format(server)) | |
continue | |
dns_zone_xfer('megacorpone.com') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I've removed the deprecated messages and optimized the code a bit to use an arg instead of hardcoded domain. Maybe you want to update your code?
#!/bin/python3
A Simple function that finds NS records, resolves their IP, and attempts a DNS Zone Transfer
import dns.zone
import dns.resolver
import argparse
parser = argparse.ArgumentParser(description='Enter domain to parse and attempt a DNS Zone Transfer')
parser.add_argument("domain")
args = parser.parse_args()
print('Domain entered: ' + args.domain)
my_resolver = dns.resolver.Resolver()
ns_servers = []
def dns_zone_xfer(address):
ns_answer = my_resolver.resolve(address, 'NS')
for server in ns_answer:
print("[] Found NS: {}".format(server))
ip_answer = my_resolver.resolve(server.target, 'A')
for ip in ip_answer:
print("[] IP for {} is {}".format(server, ip))
try:
zone = dns.zone.from_xfr(dns.query.xfr(str(ip), address))
for host in zone:
print("[] Found Host: {}".format(host))
except Exception as e:
print("[] NS {} REFUSED ZONE TRANSFER!".format(server))
continue
dns_zone_xfer(args.domain)