-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpy-scan-dns-openresolvers-v.2.py
78 lines (51 loc) · 2.26 KB
/
py-scan-dns-openresolvers-v.2.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
#!/usr/bin/env python3
from sys import argv
from time import time
from ipaddress import ip_network as net
from socket import socket, AF_INET, SOCK_DGRAM, setdefaulttimeout, timeout
"""
--- Python DNS Open Resolver Scanner ---
Originally written in 2013 in Python2. Refactored in 2021/22 for Python3.
It still uses Pure Python and the Low-level Python networking interface.
PEP8 compliant
“Readability counts."
“Beautiful is better than ugly.”
— The Zen of Python
"""
''' build a packet using BSD Socket UDP datagram for "l.root-servers.net" '''
PAYLOADHEX = 'ff0001000001000000000000016c0c726f6f\
742d73657276657273036e65740000010001'
PREFIX = argv[1] if len(argv) == 2 else exit("Provide one HOST IP Address or \
one NETWORK IP/CIDR as argument.")
if ('/31' in PREFIX or '/32' in PREFIX):
exit("Use a unique host address. Ex: 1.1.1.1 instead of 1.1.1.1/31 or /32")
def iplist():
try:
for IPADDRESS in net(PREFIX).hosts():
yield IPADDRESS
except ValueError as error:
print(f'iplist() function Error >>> {error}')
for HOST in iplist():
setdefaulttimeout(0.05)
try:
with socket(AF_INET, SOCK_DGRAM) as packet:
''' send PAYLOADHEX to HOSTs in the list using port 53 '''
packet.connect((str(HOST), 53))
packet.send(bytes.fromhex(PAYLOADHEX))
RESPONSE = packet.recv(64)
''' check if RESPONSE contains a valid DNS RESPONSE with
l.root-servers.net's IP address 199.7.83.42
It also checks if recursion is disabled with x81x85 flag '''
if (b'\x01\x6c\x0c\x72\x6f\x6f\x74\x2d\x73'
and b'\xc0\x0c\x00\x01\x00\x01'
and b'\x00\x04\xc7\x07') in RESPONSE: # 199.7.83.42
print(f'{HOST},open,{int(time())}')
elif (b'\x81\x05') in RESPONSE: # recursion disabled on server
print(f'{HOST},not_an_open_resolver,{int(time())}')
except timeout:
print(f'{HOST},timeout_or_port53_not_open,{int(time())}')
continue
except ValueError as error:
print(f'Error >>> {error}')
except KeyboardInterrupt:
exit('Program execution interrupted.')