-
-
Save scumjr/e64ba1de3697a5d9b2a30f5002bab8aa to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python3 | |
import os | |
import requests | |
import sys | |
def get_tlds(): | |
path = "tlds-alpha-by-domain.txt" | |
if not os.path.exists(path): | |
r = requests.get("https://data.iana.org/TLD/tlds-alpha-by-domain.txt") | |
with open(path, "w") as fp: | |
fp.write(r.text) | |
with open(path) as fp: | |
lines = fp.readlines() | |
tlds = [line.rstrip() for line in lines if not line.startswith("#")] | |
return tlds | |
def is_domain_vulnerable(domain, tlds): | |
domain_tlds = domain.split(".")[1:] | |
domain_tlds = [domain_tld.upper() for domain_tld in domain_tlds] | |
vuln_tlds = [] | |
for domain_tld in domain_tlds: | |
for tld in tlds: | |
if domain_tld.startswith(tld) and tld != domain_tld: | |
vuln_tlds.append(tld) | |
return list(set(vuln_tlds)) | |
def list_tlds(domain): | |
tlds = get_tlds() | |
vuln_tlds = is_domain_vulnerable(domain, tlds) | |
if vuln_tlds: | |
print(f"{domain}: {vuln_tlds}") | |
else: | |
print(f"{domain}: no TLD exist") | |
if __name__ == "__main__": | |
list_tlds(sys.argv[1]) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment