Skip to content

Instantly share code, notes, and snippets.

@joshfinley

joshfinley/recursive-zone-transfer.py

Last active February 22, 2024 20:24
Show Gist options
  • Save joshfinley/3ffb089e6c5296ebd217269ce7e815cf to your computer and use it in GitHub Desktop.
Save joshfinley/3ffb089e6c5296ebd217269ce7e815cf to your computer and use it in GitHub Desktop.
Download ZIP
Check for zone transfers in a domain and all its subdomains
Raw
recursive-zone-transfer.py
import dns.query
import dns.zone
import sys
def axfr_query(domain, nameserver):
try:
zone = dns.zone.from_xfr(dns.query.xfr(nameserver, domain))
return zone
except Exception:
return None
def recursive_axfr(domain, nameserver, level=0):
zone = axfr_query(domain, nameserver)
if zone:
for name, node in zone.nodes.items():
rdatasets = node.rdatasets
for rdataset in rdatasets:
for rdata in rdataset:
full_record = f"{name}.{domain} {rdataset.ttl} IN {rdataset.rdtype} {rdata}"
print(f"zone {level}, name: {domain}, {full_record}")
# Check for subdomains and recursively query
for name in zone.nodes.keys():
if str(name) != "@":
subdomain = f"{name}.{domain}"
recursive_axfr(subdomain, nameserver, level + 1)
if __name__ == "__main__":
if len(sys.argv) != 3:
print("Usage: python script.py <domain> <nameserver>")
sys.exit(1)
domain = sys.argv[1]
nameserver = sys.argv[2]
recursive_axfr(domain, nameserver)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment