-
Notifications
You must be signed in to change notification settings - Fork 43
/
Copy pathdnsenum.py
57 lines (50 loc) · 1.64 KB
/
dnsenum.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
#!/usr/bin/python
import dns.resolver
import dns.query
import dns.zone
import sys
import re
if len(sys.argv)!=2:
print "Quick n Dirty DNS Zone Trasnfer tool"
print "[email protected]"
print "Usage: ./dns-enum.py <domain name>"
sys.exit(0)
print '\n##################################################'
print "# MX records found for",sys.argv[1]
print '##################################################\n'
try:
mxanswers = dns.resolver.query(sys.argv[1], 'MX')
except dns.resolver.NoAnswer:
print "Can't get MX records for", sys.argv[1]
mxanswers=""
except:
print "No such domain!"
sys.exit(0)
if mxanswers:
for mxdata in mxanswers:
print 'MX', mxdata.exchange, 'has preference', mxdata.preference
print '\n##################################################'
print "# NS records found for",sys.argv[1]
print '##################################################\n'
try:
nsanswers=dns.resolver.query(sys.argv[1], 'NS')
except dns.resolver.NoAnswer:
print "Can't get NS records for", sys.argv[1]
sys.exit(0)
for nsdata in nsanswers:
print 'NS', nsdata
for nameserver in nsanswers:
print '\n##################################################'
print "# Trying Zone Transfer on",nameserver
print '##################################################\n'
try:
z = dns.zone.from_xfr(dns.query.xfr(str(nameserver), sys.argv[1]))
except:
print "No Zone Transfer on",str(nameserver)
continue
names = z.nodes.keys()
names.sort()
for n in names:
if not re.match('@',str(n)):
print z[n].to_text(n)
print "\nDone!\n"