Testing for DNS Zone Transfers

## README.md

      
          Raw
        
        
              README.md
            
          
    Testing for DNS Zone Transfers
A simple script to check if a DNS server will zone transfer.
Setup.

Update domains.txt with the domain names (zones) you want to try and transfer
Update servers.txt with the DNS Servers you want to run the script against
Either install Docker/Docker-Compose or Python with dnspython

Run
If Docker, then docker-compose up.

If Native python, just run it python test_xfer.py
Results
The results will be in a date/timestamp CSV file -> xfer_summary_xx-yy.csv

  
## docker-compose.yaml
version: '2'
services:

  py_dnspython:
    image: linickx/python-alpine-dnspython
    command: test_xfer.py
    volumes:
      - ./:/app/

## domains.txt
linickx.com
linickx.co.uk

## servers.txt
coco.ns.cloudflare.com
nash.ns.cloudflare.com

## test_xfer.py
#!/usr/bin/env python
# coding=utf-8
# Python linter configuration.
# pylint: disable=I0011
# pylint: disable=C0301
# pylint: disable=W0702
"""
    Script to Test if Zone Transfer works on a server

    # Nick Bettison - Linickx.com

"""

import sys
import logging
import datetime

version = "0.2"

# Logging Setup
logging.basicConfig(format='[%(levelname)s] %(asctime)s %(message)s', level=logging.DEBUG)
logger = logging.getLogger("xfr")

try:
    import dns.query
    import dns.zone
except:
    print("dnspython not installed - pip install dnspython - http://www.dnspython.org")
    logger.debug("Exception: %s", sys.exc_info()[0])
    sys.exit()

# File inputs
s_input = open('servers.txt', "r")
servers = list(s_input) # <- read the file
s_input.close()

d_input = open('domains.txt', "r")
domains = list(d_input) # <- read the file
d_input.close()

filetime = datetime.datetime.now().strftime("%y%m%d-%H%M%S") #  Timestamp
script_results = "xfer_summary_" + filetime + ".csv" # Output Filname

output = open(script_results, "w+") # <- Write the file
output.write('server,domain,status\n')

output_files = []
output_files.append(script_results)

for s in servers: # Loop thru Servers
    server = s.strip()
    for d in domains: # Loop thru Domains
        domain = d.strip()
        # http://www.dnspython.org/examples.html
        try:
            z = dns.zone.from_xfr(dns.query.xfr(server, domain))
            output.write(str(server) + "," + str(domain) + ",xfr_enabled\n")
            logger.info("XFR Enabled: %s - %s", server, domain)
            names = z.nodes.keys()
            names.sort()
            domain_results = server + "_" + domain + "_" + filetime + ".txt" # Output Filname
            domain_output = open(domain_results, "w+") # <- Write the file
            for n in names:
                zonefile_line = z[n].to_text(n)
                logger.debug(zonefile_line)
                domain_output.write(str(zonefile_line) + "\n")
            output_files.append(domain_results)
            domain_output.close()
        except:
            logger.critical("Zone Tranfser Failed: %s | %s ", server, domain)
            logger.debug("Exception: %s %s", sys.exc_info()[0], sys.exc_info()[1])
            output.write(str(server) + "," + str(domain) + ",xfr_failed\n")
            logger.info("XFR Failed: %s - %s", server, domain)


output.close() # <- Close the file

logger.info("\n\n !! Finished !! \n")
for x in output_files:
    logger.info(x)
	version: '2'
	services:

	py_dnspython:
	image: linickx/python-alpine-dnspython
	command: test_xfer.py
	volumes:
	- ./:/app/
	#!/usr/bin/env python
	# coding=utf-8
	# Python linter configuration.
	# pylint: disable=I0011
	# pylint: disable=C0301
	# pylint: disable=W0702
	"""
	Script to Test if Zone Transfer works on a server

	# Nick Bettison - Linickx.com

	"""

	import sys
	import logging
	import datetime

	version = "0.2"

	# Logging Setup
	logging.basicConfig(format='[%(levelname)s] %(asctime)s %(message)s', level=logging.DEBUG)
	logger = logging.getLogger("xfr")

	try:
	import dns.query
	import dns.zone
	except:
	print("dnspython not installed - pip install dnspython - http://www.dnspython.org")
	logger.debug("Exception: %s", sys.exc_info()[0])
	sys.exit()

	# File inputs
	s_input = open('servers.txt', "r")
	servers = list(s_input) # <- read the file
	s_input.close()

	d_input = open('domains.txt', "r")
	domains = list(d_input) # <- read the file
	d_input.close()

	filetime = datetime.datetime.now().strftime("%y%m%d-%H%M%S") # Timestamp
	script_results = "xfer_summary_" + filetime + ".csv" # Output Filname

	output = open(script_results, "w+") # <- Write the file
	output.write('server,domain,status\n')

	output_files = []
	output_files.append(script_results)

	for s in servers: # Loop thru Servers
	server = s.strip()
	for d in domains: # Loop thru Domains
	domain = d.strip()
	# http://www.dnspython.org/examples.html
	try:
	z = dns.zone.from_xfr(dns.query.xfr(server, domain))
	output.write(str(server) + "," + str(domain) + ",xfr_enabled\n")
	logger.info("XFR Enabled: %s - %s", server, domain)
	names = z.nodes.keys()
	names.sort()
	domain_results = server + "_" + domain + "_" + filetime + ".txt" # Output Filname
	domain_output = open(domain_results, "w+") # <- Write the file
	for n in names:
	zonefile_line = z[n].to_text(n)
	logger.debug(zonefile_line)
	domain_output.write(str(zonefile_line) + "\n")
	output_files.append(domain_results)
	domain_output.close()
	except:
	logger.critical("Zone Tranfser Failed: %s \| %s ", server, domain)
	logger.debug("Exception: %s %s", sys.exc_info()[0], sys.exc_info()[1])
	output.write(str(server) + "," + str(domain) + ",xfr_failed\n")
	logger.info("XFR Failed: %s - %s", server, domain)



	output.close() # <- Close the file

	logger.info("\n\n !! Finished !! \n")
	for x in output_files:
	logger.info(x)