malicious-tld.py

#!/usr/bin/env python3

import os
import requests
import sys


def get_tlds():
    path = "tlds-alpha-by-domain.txt"
    if not os.path.exists(path):
        r = requests.get("https://data.iana.org/TLD/tlds-alpha-by-domain.txt")
        with open(path, "w") as fp:
            fp.write(r.text)

    with open(path) as fp:
        lines = fp.readlines()

    tlds = [line.rstrip() for line in lines if not line.startswith("#")]
    return tlds


def is_domain_vulnerable(domain, tlds):
    domain_tlds = domain.split(".")[1:]
    domain_tlds = [domain_tld.upper() for domain_tld in domain_tlds]
    vuln_tlds = []
    for domain_tld in domain_tlds:
        for tld in tlds:
            if domain_tld.startswith(tld) and tld != domain_tld:
                vuln_tlds.append(tld)
    return list(set(vuln_tlds))


def list_tlds(domain):
    tlds = get_tlds()
    vuln_tlds = is_domain_vulnerable(domain, tlds)
    if vuln_tlds:
        print(f"{domain}: {vuln_tlds}")
    else:
        print(f"{domain}: no TLD exist")


if __name__ == "__main__":
    list_tlds(sys.argv[1])