1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
|
#!/usr/bin/python3
from sys import stderr, stdout
from dns.resolver import resolve, LifetimeTimeout
from dns.query import udp
from dns.message import make_query
from dns.exception import Timeout
from dns.rcode import NXDOMAIN
from requests import get
from random import sample
candidates = []
# for d in get("https://data.iana.org/TLD/tlds-alpha-by-domain.txt").content.split(b"\n"):
for d in [b"ac", b"af", b"ag", b"ai", b"am", b"bo", b"by", b"bz", b"cm", b"cn", b"co", b"cr", b"cx", b"cz", b"de", b"dk", b"fm", b"gd", b"gg", b"gl", b"gp", b"gs", b"gt", b"gy", b"hn", b"hr", b"ht", b"ie", b"im", b"io", b"is", b"je", b"kg", b"ki", b"kw", b"la", b"lb", b"lc", b"ly", b"md", b"mg", b"mk", b"mp", b"ms", b"mw", b"mx", b"mu", b"nf", b"np", b"nz", b"pe", b"ph", b"pk", b"pl", b"pn", b"pr", b"pw", b"ro", b"sh", b"st", b"tc", b"tl", b"tt", b"to", b"tv", b"ua", b"vc", b"vg", b"vn", b"vu", b"ws"]:
if d.startswith(b"# ") or d == b"":
continue
if len(d) != 2:
continue
d = d.decode()
# print(d, file=stderr)
ips = []
try:
for ns in resolve(d, "NS"):
for ip in resolve(ns.to_text()):
ips.append(ip.to_text())
except LifetimeTimeout:
print(f"{d} timeout resolving tld ns")
continue
nx = []
has = None
for c in "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ":
try:
tries_left = 5
while True:
try:
ip = sample(ips, 1)[0]
r = udp(make_query(c + "." + d, "NS"), ip, 1, raise_on_truncation=False)
except Timeout:
print(f"{c}.{d} timeout with ip {ip}", file=stderr)
ips.remove(ip)
tries_left -= 1
if tries_left < 0:
raise Timeout
else:
break
except Timeout:
print(f"{c}.{d} timeouted, skipping TLD")
break
except ValueError:
print(f"{d} is unreachable -- all ips timeouted")
continue
if r.rcode() == NXDOMAIN:
nx.append(c)
else:
# TODO check if NS points to an unregistered domain
# print(f"{c}.{d} resolves to {r.sections}")
has = c
else:
if has is not None:
print(f"{d} nxdomains are {nx}")
for n in nx:
candidates.append(n + "." + d)
else:
print(f"{d} doesn't have")
stdout.flush()
print("*************** SCRIPT EXEC FINISHED, candidate list:")
for candidate in candidates:
print(candidate)
|
