Last active
June 10, 2016 13:20
-
-
Save smoser/1367800 to your computer and use it in GitHub Desktop.
find speculative ec2 regions by brute force dns
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # https://gist.github.com/1367800 | |
| CR=$'\n' | |
| dns_server="@8.8.8.8" | |
| KNOWN=( | |
| us-east-1 | |
| us-west-1 | |
| ap-southeast-1 | |
| eu-west-1 | |
| ap-northeast-1 | |
| us-west-2 # dns found 2011-09-21, opened 2011-11-11 | |
| sa-east-1 # dns found 2011-11-15, opened 2011-12-15 | |
| ap-southeast-2 # dns found 2012-09-27, opened 2012-11-12 | |
| cn-north-1 # dns found 2013-12-01, opened 2013-12-18 | |
| eu-central-1 # opened 2014-10-23 | |
| ap-northeast-2 # dns found 2015-12-05, opened 2016-01-06 | |
| ap-south-1 # dns found 2016-03-09 | |
| us-east-2 # dns found 2016-06-06 | |
| ) | |
| VERBOSE=1 | |
| full=0 | |
| [ "$1" = "-q" ] && VERBOSE=0 && shift; | |
| [ "$1" = "-v" ] && VERBOSE=$(($VERBOSE+1)) && shift; | |
| [ "$1" = "-vv" ] && VERBOSE=$(($VERBOSE+2)) && shift; | |
| [ "$1" = "-vvv" ] && VERBOSE=$(($VERBOSE+3)) && shift; | |
| [ "$1" = "--full" ] && { full=1; shift; } | |
| error() { echo "$@" 1>&2; } | |
| vout() { [ $VERBOSE -ge 1 ] && out "$@"; } | |
| vvout() { [ $VERBOSE -ge 2 ] && out "$@"; } | |
| vvvout() { [ $VERBOSE -ge 3 ] && out "$@"; } | |
| out() { echo "$@"; } | |
| dirs="north northeast east southeast south southwest west northwest central" | |
| known=" ${KNOWN[*]} " | |
| #for cc in us ap eu la af; do | |
| alphabet="a b c d e f g h i j k l m n o p q r s t u v w x y z" | |
| if [ $full -eq 0 ]; then | |
| # first token of all known | |
| c1list=( $(for r in ${KNOWN[@]%%-*}; do echo $r; done | sort -u) ) | |
| c2list=( "" ) | |
| else | |
| c1list=( $alphabet ) | |
| c2list=( $alphabet ) | |
| fi | |
| dns_tries=0 | |
| reg_tries=0 | |
| found=0 | |
| # c1=( u ); c2=( s ); dirs="east west" ## testing | |
| for c1 in "${c1list[@]}"; do | |
| for c2 in "${c2list[@]}"; do | |
| cc="$c1$c2" | |
| for dir in ${dirs}; do | |
| for n in 1 2 3; do | |
| found_1=0 | |
| r="${cc}-${dir}-${n}" | |
| reg_tries=$(($reg_tries+1)) | |
| # note, 'p' is vestigal. the we used to search for | |
| # ec2.region.amazonaws.com endpoint, but now | |
| # we ask about NS for region.amazonaws.com | |
| for p in ec2; do | |
| dns_tries=$(($dns_tries+1)) | |
| h="$r.amazonaws.com"; | |
| vvvout dig ${dns_server} +time=3 +short NS "$h" | |
| i=$(dig $dns_server +time=3 +short NS "${h}" 2>&1) | |
| ret=$? | |
| vvvout " $ret: ${i//$CR/ }" | |
| if [ $ret -ne 0 ]; then | |
| error "${h}: FAILED [${i//$CR/ }]" | |
| elif [ -z "${i}" ]; then | |
| vvout "${h}: none" | |
| else | |
| [ $found_1 -eq 0 ] && found=$(($found+1)); | |
| found_1=1 | |
| if [ "${known#* ${r} }" != "${known}" ]; then | |
| vout "${h} [known]" | |
| else | |
| out "${h} UNKNOWN!" | |
| fi | |
| fi | |
| done | |
| # no reason to search 2,3,4... if there is no 1 | |
| [ $found_1 -eq 0 ] && break | |
| done | |
| done | |
| done | |
| done | |
| vout "regions searched: $reg_tries dns_queries: $dns_tries, found: $found duration: ${SECONDS}s" | |
| exit 0 | |
| # vi: ts=4 noexpandtab |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment