diff --git a/dnsrecon/cli.py b/dnsrecon/cli.py index 2ed87cc..6728152 100755 --- a/dnsrecon/cli.py +++ b/dnsrecon/cli.py @@ -1,5 +1,4 @@ #!/usr/bin/env python3 - # DNSRecon # # Copyright (C) 2023 Carlos Perez @@ -24,10 +23,6 @@ DNSRecon https://www.darkoperator.com by Carlos Perez, Darkoperator - -requires dnspython https://www.dnspython.org/ -requires netaddr https://github.com/drkjam/netaddr/ - """ import datetime @@ -67,10 +62,6 @@ CONFIG = {'disable_check_recursion': False, 'disable_check_bindversion': False} -# Function Definitions -# ------------------------------------------------------------------------------- - - def process_range(arg): """ This function will take a string representation of a range for IPv4 or IPv6 in @@ -216,12 +207,12 @@ def check_nxdomain_hijack(nameserver): try: answers = res.resolve(testname, record_type, tcp=True) except ( - dns.resolver.NoNameservers, - dns.resolver.NXDOMAIN, - dns.exception.Timeout, - dns.resolver.NoAnswer, - socket.error, - dns.query.BadResponse, + dns.resolver.NoNameservers, + dns.resolver.NXDOMAIN, + dns.exception.Timeout, + dns.resolver.NoAnswer, + socket.error, + dns.query.BadResponse, ): continue @@ -294,7 +285,8 @@ def brute_tlds(res, domain, verbose=False, thread_num=None): future_results = { **{executor.submit(res.get_ip, f'{domain_main}.{tld}'): tld for tld in total_tlds}, **{executor.submit(res.get_ip, f'{domain_main}.{cc}'): cc for cc in cctld}, - **{executor.submit(res.get_ip, f'{domain_main}.{cc}.{tld}'): (cc, tld) for (cc, tld) in zip(cctld, total_tlds)}, + **{executor.submit(res.get_ip, f'{domain_main}.{cc}.{tld}'): (cc, tld) for (cc, tld) in + zip(cctld, total_tlds)}, } # Display logs as soon as a thread is finished 
@@ -441,7 +433,7 @@ def brute_reverse(res, ip_list, verbose=False, thread_num=None): ip_range = range(len(ip_list[i]) - 1) ip_group_size = 255 - for ip_group in [ip_range[j : j + ip_group_size] for j in range(0, len(ip_range), ip_group_size)]: + for ip_group in [ip_range[j: j + ip_group_size] for j in range(0, len(ip_range), ip_group_size)]: try: if verbose: for x in ip_group: @@ -465,13 +457,13 @@ def brute_reverse(res, ip_list, verbose=False, thread_num=None): def brute_domain( - res, - dictfile, - dom, - filter_=None, - verbose=False, - ignore_wildcard=False, - thread_num=None, + res, + dictfile, + dom, + filter_=None, + verbose=False, + ignore_wildcard=False, + thread_num=None, ): """ Main Function for domain brute forcing @@ -668,7 +660,8 @@ def whois_ips(res, ip_list): if 'a' in answer: for i in range(len(list_whois)): - print_status('Performing Reverse Lookup of range {0}-{1}'.format(list_whois[i]['start'], list_whois[i]['end'])) + print_status( + 'Performing Reverse Lookup of range {0}-{1}'.format(list_whois[i]['start'], list_whois[i]['end'])) found_records.append(brute_reverse(res, expand_range(list_whois[i]['start'], list_whois[i]['end']))) elif 'n' in answer: @@ -677,7 +670,8 @@ def whois_ips(res, ip_list): for a in answer: net_selected = list_whois[int(a)] print_status(net_selected['orgname']) - print_status('Performing Reverse Lookup of range {0}-{1}'.format(net_selected['start'], net_selected['end'])) + print_status( + 'Performing Reverse Lookup of range {0}-{1}'.format(net_selected['start'], net_selected['end'])) found_records.append(brute_reverse(res, expand_range(net_selected['start'], net_selected['end']))) else: print_error('No IP Ranges were found in the Whois query results') 
@@ -849,26 +843,26 @@ def write_db(db, data): for n in data: if re.match(r'PTR|^[A]$|AAAA', n['type']): query = ( - 'insert into data( domain, type, name, address ) ' - + 'values( "{domain}", "{type}", "{name}","{address}" )'.format(**n) + 'insert into data( domain, type, name, address ) ' + + 'values( "{domain}", "{type}", "{name}","{address}" )'.format(**n) ) elif re.match(r'NS$', n['type']): query = ( - 'insert into data( domain, type, name, address ) ' - + 'values( "{domain}", "{type}", "{target}", "{address}" )'.format(**n) + 'insert into data( domain, type, name, address ) ' + + 'values( "{domain}", "{type}", "{target}", "{address}" )'.format(**n) ) elif re.match(r'SOA', n['type']): query = ( - 'insert into data( domain, type, name, address ) ' - + 'values( "{domain}", "{type}", "{mname}", "{address}" )'.format(**n) + 'insert into data( domain, type, name, address ) ' + + 'values( "{domain}", "{type}", "{mname}", "{address}" )'.format(**n) ) elif re.match(r'MX', n['type']): query = ( - 'insert into data( domain, type, name, address ) ' - + 'values( "{domain}", "{type}", "{exchange}", "{address}" )'.format(**n) + 'insert into data( domain, type, name, address ) ' + + 'values( "{domain}", "{type}", "{exchange}", "{address}" )'.format(**n) ) elif re.match(r'TXT', n['type']): 
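Review bot: The INSERT statements in write_db are still built with `.format(**n)` around double-quoted values, so a record field containing a `"` (TXT data or names taken from DNS answers) breaks or alters the statement; this re-indent leaves that untouched in the PTR/A/AAAA, NS, SOA and MX branches. Pass the values as bound parameters instead, assuming `cur` is a sqlite3 cursor: `cur.execute('insert into data(domain, type, name, address) values (?, ?, ?, ?)', (n['domain'], n['type'], n['name'], n['address']))`. The SRV and CNAME branches in the hunk at -879 have the same construction. The fallback branch re-wrapped in the hunk at -895 concatenates `records[0]` and `records[1]` into the statement and carries a literal `"%(domain)"` that no visible line interpolates, so that text appears to be stored as the domain value. write_db begins and ends outside these hunks, so how `query` is handled for the TXT branch is not visible here.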
@@ -879,14 +873,14 @@ def write_db(db, data): elif re.match(r'SRV', n['type']): query = ( - 'insert into data( domain, type, name, target, address, port ) ' - + 'values( "{domain}", "{type}", "{name}" , "{target}", "{address}" ,"{port}" )'.format(**n) + 'insert into data( domain, type, name, target, address, port ) ' + + 'values( "{domain}", "{type}", "{name}" , "{target}", "{address}" ,"{port}" )'.format(**n) ) elif re.match(r'CNAME', n['type']): query = ( - 'insert into data( domain, type, name, target ) ' - + 'values( "{domain}", "{type}", "{name}" , "{target}" )'.format(**n) + 'insert into data( domain, type, name, target ) ' + + 'values( "{domain}", "{type}", "{name}" , "{target}" )'.format(**n) ) else: @@ -895,7 +889,8 @@ def write_db(db, data): del n['type'] record_data = ''.join([f'{key}={value},' for key, value in n.items()]) records = [t, record_data] - query = 'insert into data(domain,type,text) values ("%(domain)", \'' + records[0] + "','" + records[1] + "')" + query = 'insert into data(domain,type,text) values ("%(domain)", \'' + records[0] + "','" + records[ + 1] + "')" # Execute Query and commit cur.execute(query) @@ -940,7 +935,8 @@ def dns_sec_check(domain, res): except dns.exception.Timeout: print_error('A timeout error occurred please make sure you can reach the target DNS Servers') - print_error(f'directly and requests are not being filtered. Increase the timeout from {res._res.timeout} second') + print_error( + f'directly and requests are not being filtered. Increase the timeout from {res._res.timeout} second') print_error('to a higher number with --lifetime