From 3d48acb4976285ba7c541b4feaf626b68530d8d3 Mon Sep 17 00:00:00 2001 From: Peter Baumann Date: Tue, 4 Jun 2013 15:24:27 +0200 Subject: [PATCH] ups, forgot to add dns-scripts, fixed. --- dns-scripts/README.md | 8 ++ dns-scripts/axfr | 183 ++++++++++++++++++++++++++++++++++ dns-scripts/ghba.c | 221 ++++++++++++++++++++++++++++++++++++++++++ dns-scripts/netdns.pl | 165 +++++++++++++++++++++++++++++++ 4 files changed, 577 insertions(+) create mode 100644 dns-scripts/README.md create mode 100755 dns-scripts/axfr create mode 100755 dns-scripts/ghba.c create mode 100755 dns-scripts/netdns.pl diff --git a/dns-scripts/README.md b/dns-scripts/README.md new file mode 100644 index 0000000..c00f929 --- /dev/null +++ b/dns-scripts/README.md @@ -0,0 +1,8 @@ +# axfr +Get the nameserver (if specified) and set up the zone transfer + +# ghba.c +Scan DNS Zones/Networks + +# netdns.pl +Script to do bulk PTR lookups on a network of IP's diff --git a/dns-scripts/axfr b/dns-scripts/axfr new file mode 100755 index 0000000..0b74d6b --- /dev/null +++ b/dns-scripts/axfr @@ -0,0 +1,183 @@ +#!/usr/bin/perl -w +# $Id: axfr 264 2005-04-06 09:16:15Z olaf $ + +use strict; +use vars qw($opt_f $opt_q $opt_s $opt_D); +use File::Basename; +use Getopt::Std; +use Net::DNS; +use Storable; + +#------------------------------------------------------------------------------ +# Read any command-line options and check syntax. +#------------------------------------------------------------------------------ + +getopts("fqsD:"); + +die "Usage: ", basename($0), " [ -fqs ] [ -D directory ] [ \@nameserver ] zone\n" + unless (@ARGV >= 1) && (@ARGV <= 2); + +#------------------------------------------------------------------------------ +# Get the nameserver (if specified) and set up the zone transfer directory +# hierarchy. +#------------------------------------------------------------------------------ + +my $nameserver = ($ARGV[0] =~ /^@/) ? shift @ARGV : ""; +$nameserver =~ s/^@//; + +my $zone = shift @ARGV; +my $basedir = defined $opt_D ? $opt_D : $ENV{"HOME"} . "/.dns-zones"; +my $zonedir = join("/", reverse(split(/\./, $zone))); +my $zonefile = $basedir . "/" . $zonedir . "/axfr"; + +# Don't worry about the 0777 permissions here - the current umask setting +# will be applied. +unless (-d $basedir) { + mkdir($basedir, 0777) or die "can't mkdir $basedir: $!\n"; +} + +my $dir = $basedir; +my $subdir; +foreach $subdir (split(m#/#, $zonedir)) { + $dir .= "/" . $subdir; + unless (-d $dir) { + mkdir($dir, 0777) or die "can't mkdir $dir: $!\n"; + } +} + +#------------------------------------------------------------------------------ +# Get the zone. +#------------------------------------------------------------------------------ + +my $res = Net::DNS::Resolver->new; +$res->nameservers($nameserver) if $nameserver; + +my (@zone, $zoneref); + +if (-e $zonefile && !defined $opt_f) { + $zoneref = retrieve($zonefile) || die "couldn't retrieve zone from $zonefile: $!\n"; + + #---------------------------------------------------------------------- + # Check the SOA serial number if desired. + #---------------------------------------------------------------------- + + if (defined $opt_s) { + my($serial_file, $serial_zone); + + my $rr; + foreach $rr (@$zoneref) { + if ($rr->type eq "SOA") { + $serial_file = $rr->serial; + last; + } + } + die "no SOA in $zonefile\n" unless defined $serial_file; + + my $soa = $res->query($zone, "SOA"); + die "couldn't get SOA for $zone: ", $res->errorstring, "\n" + unless defined $soa; + + foreach $rr ($soa->answer) { + if ($rr->type eq "SOA") { + $serial_zone = $rr->serial; + last; + } + } + + if ($serial_zone != $serial_file) { + $opt_f = 1; + } + } +} else { + $opt_f = 1; +} + +if (defined $opt_f) { + @zone = $res->axfr($zone); + die "couldn't transfer zone: ", $res->errorstring, "\n" unless @zone; + store \@zone, $zonefile or die "couldn't store zone to $zonefile: $!\n"; + $zoneref = \@zone; +} + +#------------------------------------------------------------------------------ +# Print the records in the zone. +#------------------------------------------------------------------------------ + +unless ($opt_q) { + $_->print for @$zoneref +} + +__END__ + +=head1 NAME + +axfr - Perform a DNS zone transfer + +=head1 SYNOPSIS + +B S<[ B<-fqs> ]> S<[ B<-D> I ]> S<[ B<@>I ]> +I + +=head1 DESCRIPTION + +B performs a DNS zone transfer, prints each record to the standard +output, and stores the zone to a file. If the zone has already been +stored in a file, B will read the file instead of performing a +zone transfer. + +Zones will be stored in a directory hierarchy. For example, the +zone transfer for foo.bar.com will be stored in the file +$HOME/.dns-zones/com/bar/foo/axfr. The directory can be changed +with the B<-D> option. + +This programs requires that the Storable module be installed. + +=head1 OPTIONS + +=over 4 + +=item B<-f> + +Force a zone transfer, even if the zone has already been stored +in a file. + +=item B<-q> + +Be quiet -- don't print the records from the zone. + +=item B<-s> + +Perform a zone transfer if the SOA serial number on the nameserver +is different than the serial number in the zone file. + +=item B<-D> I + +Store zone files under I instead of the default directory +(see L<"FILES">). + +=item B<@>I + +Query I instead of the default nameserver. + +=back + +=head1 FILES + +=over 4 + +=item B<$HOME/.dns-zones> + +Default directory for storing zone files. + +=back + +=head1 AUTHOR + +Michael Fuhr + +=head1 SEE ALSO + +L, L, L, L, L, L, +L, L + +=cut diff --git a/dns-scripts/ghba.c b/dns-scripts/ghba.c new file mode 100755 index 0000000..877240b --- /dev/null +++ b/dns-scripts/ghba.c @@ -0,0 +1,221 @@ +/* + * k0pyR1ght (c) 1994 [l0ck] The l3g3ntz 0f c0de k1dZZzz + * aWl rYt3z r3-z3rvd!!@#!@#!@#!@#$!@ + * aWL b3l0w k0mp0zed bY gw33d0 s4nch3z wh0z3 3g0 d1ktAytEz d1z kr3d1t. + * + * 411 k0de 1z d-rYv3d 4n 0bt41nD fr0m d4 m0thah-luV1n 4ur4 0f e1ytneZz + * th4t s00r0undZZz d4 h0ly l0ck cHyld 0f d4 v1rg1n 4k4shA E.I. + * + * r3-d1sTriby00shUn 4n y00ze 4n sh1t 1n s0urce, b1n4ry, 4n pGp'd ph0rmz, + * w1t 0 w1t0ut m0d1f1-k-shUnz n sh1t, r p3r-m1ttd pr0-vYd3d d4t d4 + * ph0ll0w1n k0nd1shUnz 1z m3t n sh1t: + * 1. y00 muZt re-tAyn d1s h3r3 k0pyR1gh gn0t1c3. 1f y00 r3m00v3 1t, + * w3 w1ll hunt d0wn y0 m0mma, ty3 h3r 2 d4 n0rth w4ll (rWa[1]1) 0f + * d4 l0ck-hauz 4n r33ch n 4n r1p 0ut h3r y00terUz 2 sp4r3 fy00tUre + * g3n3rashUnz fr0m th3 un-3lytn3zZZz 0f n-e-m0r3 0f h3r d3m0nSp4wn. + * 0h yah. w3'll kall da sp4 n sh1t t00. + * 2. aWl adv3rt1z1ng m4t3r1alz m3nShun1n ph33ty00rez 0r y00ze 0f d1z + * h3r3 s0phtw4r3 mUzt d1spl4y d4 f0ll0w1ng ak47n0wl3dgem3nt: + * + * gn0t1c3: + * th1s h3r3 pr0dUkt 1z s00p33r10r 2 n-3 p33c3 0f sh1t y00 k0uld 3v4h + * kr4nk 0ut w1t y0 4-b1t l0g0 k0mpYl3r. Ph33r, laYm00rzZz!!@#!@#$ + * + * 3. y00 mUzt nAym3 y0' f1rstb0rn K4rl 0r n-3 4n4gr4m th3r30f. + * 4. th3 1mag3 0f l4rry l0ck, d3 l0ck l0g0, 4n 1nd33d d4 l3tt3rz l, c, + * k m4y gn0t b3 y00zed 2 3nd0rz3 0r pr0m0t3 pr0dux d-rYv3d fr0m d1s + * h3r3 3lyt ph33t 0f pr0gr4mm1ng w1t0ut g1v1n s4rl0 h3d. + * + * d1s s0phTw4r3 1z pr0vYd3d "az 1z" fr0m d4 k0ll3kt1v3 l3g10nz d4t maYk3 + * uP l0ck. y00 0wn d1s s0fwAYre 4 a r33z0n. d0n't th1nk y00 h4qd 0n3 0f + * 0ur akk0untz n sNaYtch3d a pr1m0 0-d4y l0ckw4r3; w3 pl4nt3d d1z 4Wn + * pUrp0z3 b-kuz w3 g0t p1ty f0 y0 layme a$$. 1n gn0 3v3nt sh4ll w3, l0ck, + * b3 h3ld l1abl3 f0r da L4yMen3zz 0f th3 sh1t y00 h4q 0ut 0f th1z fUx1n + * 3lyt k0de. d0n't ch4Yng3 1t kUz 1tz aWlr3dY b3ttah th3n y00 k00d 3vah + * wr1t3, j00. bUt 1f y00 d0, d0n't kUm kry1n 2 Uz 2 g1v3 y00 d4 0r1g1n4l + * kUz y00 w3nt n 4dd3d 4n 0n-skr33n kl0k r sUm laYme sh1t n 1t fuxd Up + * d n-tYr3 pr0gr4m. 1ph d1z h4pp3nz, w3, d4 p4rt33z m3nshUnned ab0ve, + * k0ns1gn y00 t0 l0k4l layMur h3ll; 4n e-tUrn1t33 0f k4ll1ng WW1v Ad00lt + * p0rn0gr4ffy SiTEzZzz n sh1t. w3 gair-N-t33 gn0th1ng bUt 0ur 3lytn3zz + * 4n y0' laYmen3zz. l3t d4 k0dezZz b3g1n, j00d3n!@#!@#$!@$!@#$!@#$ + */ + +#ifndef lint +char copyright[] = +"@(#) Copyright (c) 1994, 1992 L3gi0n 0F c0d3 Kid3zz.\n\ + All rights reserved.\n"; +static char sccsid[] = "@(#)ghba.c 3.0 8/25/94 (l0ck)"; +static char rcsid[] = "$Id: ghba.c, v3.0 1994/08/25 00:03:12 max-q Exp $"; +#endif /* not lint */ + +/* + * no time for sarcasm... the kideez would take it seriously, anyway. + * you don't need to supply a switch for an address type... either the + * full address or a netmask will work just fine. + * + * the only switches left are: + * x - address provided is in hexadecimal + * a - show hostname aliases also + * f - output to a file and background the process + * + * max-q + */ + +#include +#include +#include +#include +#include +#include "netdb.h" + +#define S_HEX "%x.%x.%x.%x" +#define S_DEC "%d.%d.%d.%d" + +void +bad_addr(addr) + int addr; +{ + fprintf(stderr, "Value %d is not valid.\n", addr); + exit(-1); +} + +void +check_addr(addr) + int addr[]; +{ + register int i; + for(i=0;i<4;i++) + if(addr[i]<0||addr[i]>255) + bad_addr(addr[i]); +} + +void +usage(name) + int *name; +{ + fprintf(stderr, + "usage: %s [-x] [-a] [-f ] aaa.bbb.[ccc||0].[ddd||0]\n", + name); + exit(-1); +} + + +void +main(argc, argv) + int argc; + char *argv[]; +{ + char addr[4], **ptr, + *progname = argv[0]; + register int s; + int a[4], arg, c, d, + classB, classC, single, + alias, hex, file; + extern char *optarg; + struct hostent *host, + *gethostbyaddr(); + FILE *outfd = stdout; + + classB = classC = single = alias = hex = file = 0; + c = d = 0; + + while((arg = getopt(argc, argv, "xaf:")) != EOF) { + switch(arg) { + case 'x': + hex++; + break; + case 'a': + alias++; + break; + case 'f': + file++; + if((outfd=fopen(optarg, "a"))==NULL) { + perror("open"); + exit(-1); + } + break; + default: + usage(progname); + } + } + + argv += ((file)?2:0)+((alias)?1:0)+((hex)?1:0); + argc -= ((file)?2:0)+((alias)?1:0)+((hex)?1:0); + + if(argc!=2) + usage(progname); + + sscanf(argv[1], (hex)?S_HEX:S_DEC, &a[0], &a[1], &a[2], &a[3]); + + check_addr(a); + + if(!a[3]) { + if(!a[2]) + classB++; + else + classC++; + } else + single++; + + if(!classB && !classC && !single) + usage(progname); + + if(file) { + if((s=fork()) >0) { + fprintf(stderr, "[%s - pid %d]\n", progname, s); + exit(0); + } else if(s<0) { + perror("fork"); + exit(-1); + } + + if((s=open("/dev/tty", O_RDWR)) >0) { + ioctl(s, TIOCNOTTY, (char *) NULL); + close(s); + } + } + + addr[0] = (unsigned char) a[0]; + addr[1] = (unsigned char) a[1]; + + if(classC) + goto jmpC; + else if(single) + goto jmpS; + + fprintf(((file)?outfd:stderr), "Scanning Class B network %d.%d...\n", + a[0], a[1]); + + while(c<256) { + a[2] = c++; + d = 0; +jmpC: + fprintf(((file)?outfd:stderr), "Scanning Class C network %d.%d.%d...\n", + a[0], a[1], a[2]); + + while(d<256) { + a[3] = d++; +jmpS: + addr[2] = (unsigned char) a[2]; + addr[3] = (unsigned char) a[3]; + + if((host = gethostbyaddr(addr, 4, AF_INET)) != NULL) { + fprintf(outfd, "%d.%d.%d.%d => %s\n", a[0], a[1], a[2], a[3], host->h_name); + + ptr = host->h_aliases; + if(alias) + while(*ptr != NULL) { + fprintf(outfd, "%d.%d.%d.%d => %s (alias)\n", + a[0], a[1], a[2], a[3], *ptr); + ptr++; + } + + fflush(outfd); + if(single) exit(0); + } else if(single) { + fprintf(stderr, "Cannot resolve %d.%d.%d.%d\n", a[0], a[1], a[2], a[3]); exit(0); + } + } + if(classC) exit(0); + } +} diff --git a/dns-scripts/netdns.pl b/dns-scripts/netdns.pl new file mode 100755 index 0000000..5414471 --- /dev/null +++ b/dns-scripts/netdns.pl @@ -0,0 +1,165 @@ +#!/opt/local/bin/perl +# +# Script to do bulk PTR lookups on a network of IP's +# +# Updated 4/10 with more features and to make better use of underlying +# CPAN modules: +# +# - Accepts IPv4/IPv6 addresses as singletons or a network in range or +# CIDR format +# - Allows you to configure which DNS server(s) to query +# - Allows you to configure a fixed delay between PTR lookups +# - Output to STDOUT for use in pipelines, or to a file in CSV or JSON +# format +# - Configurable timeout on PTR lookups +# - Persistent UDP connections to help lessen the load on DNS servers +# +# Requires CPAN modules Net::DNS, Net::IP, JSON and Tie::IxHash +# +# perl -MCPAN -e 'CPAN::Shell->install(qw(Net::DNS Net:IP Tie::IxHash JSON))' +# +# should do the trick on any Unix OS. On Debian/Ubuntu, do: +# +# apt-get install libnet-dns-perl libnet-ip-perl libjson-perl libtie-ixhash-perl +# +# Usage: The only required parameter is an IPv4/IPv6 network specified +# as a range or in CIDR format, or a single IP (see the Net::IP docs +# at http://search.cpan.org/~manu/Net-IP-1.25/IP.pm). Output is a +# simple CSV list of the IP addresses and the hostname they each +# resolved to, or NXDOMAIN if no PTR record exists, or error text if +# there is some other error with the DNS query. +# +# Output is always to STDOUT by default, or to a file if '-w' is +# specified. Errors always go to STDERR via croak. Examples: +# +# ./netdns.pl -i 10.0.0/24 > ptr-list.csv +# ./netdns.pl -i 10.0.0.1 +# ./netdns.pl -i 10.0.0.5-10.0.0.33 -d 10 -j +# ./netdns.pl -i 10.0.0/25 -d 3 -t 2 -n 8.8.8.8,8.8.4.4 -j > ptr-list.json +# ./netdns.pl -i 10.0.0/25 -j -w ptr-list.json +# ./netdns.pl -i dead:beef::/32 +# +# Sample JSON output: +# +# { +# "10.0.0.0" : "foo1.example.com", +# "10.0.0.1" : "foo2.example.com", +# "10.0.0.2" : "foo3.example.com", +# "10.0.0.3" : "foo4.example.com" +# } +# +# Copyright (c) 2006-2010 Doug Maxwell +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 +# USA +# + +use strict; +use warnings; +use Net::DNS; +use Net::IP; +use Getopt::Std; +use JSON; +use Tie::IxHash; +use English; +use Carp; +require 5.006_000; # Needed for $outfile + +our ($opt_h,$opt_j,$opt_i,$opt_d,$opt_n,$opt_t,$opt_w); +getopts('hji:d:n:t:w:'); + +usage() && exit if ( !$opt_i || $opt_h ); + +sub usage { + print STDERR "\n$0 synopsis: \n"; + print STDERR "\n"; + print STDERR "Usage: $0 -i [-d N] [-t N] [-n ] [-w filename] [-j] [-h]\n"; + print STDERR "-i: IP address, range or CIDR (required)\n"; + print STDERR "\t10.0.0.1\n\t10.0.0.3-10.0.0.55\n\t10.0.0/24\n\tdead:beef::/32\n"; + print STDERR "-d: Delay in seconds between lookups\n"; + print STDERR "-t: UDP timeout (defaults to five seconds)\n"; + print STDERR "-n: Comma-separated list of nameserver IPs or hostnames (defaults to system resolver)\n"; + print STDERR "-w: Output to the named file\n"; + print STDERR "-j: Output in JSON (default is CSV)\n"; + print STDERR "-h: This help text\n\n"; +} + +# Make sure delays are non-negative +my $delay = ( $opt_d && $opt_d > 0 ) ? $opt_d : 0; +my $udp_timeout = ( $opt_t && $opt_t > 0 ) ? $opt_t : 5; + +# Initialize the hashref used for JSON output. Tie it so we can print +# it out in insertion order. +my $ptr_records = {}; +tie %$ptr_records,"Tie::IxHash"; + +# $outfile is a filehandle pointing to the output file specified by +# the 'w' option, or to STDOUT. +my $outfile; +if ( $opt_w ) { + + open $outfile, '>', $opt_w or croak "Unable to open '$opt_w': $OS_ERROR\n"; + +} else { + + open $outfile, '>-', or croak "Unable to open STDOUT: $OS_ERROR\n"; +} + +my $ip = new Net::IP($opt_i) or croak "Unable to create Net::IP object\n"; + +my $res = Net::DNS::Resolver->new( + persistent_udp => 1, + udp_timeout => $udp_timeout, +) or croak "Unable to create Net::DNS::Resolver object\n"; + +# Set the nameservers to query as specified by '-n' args +$res->nameservers(split(",",$opt_n)) if ( $opt_n ); + +do { + + my $ip_address = $ip->ip(); + + if ($ip_address) { + + my $query = $res->send("$ip_address",'PTR'); + if (defined $query && $query->answer) { + + foreach my $rr ($query->answer) { + + unless ( $opt_j ) { + print {$outfile} "$ip_address,",$rr->ptrdname, "\n" or croak "Couldn't write: $OS_ERROR\n"; + } + $ptr_records->{$ip_address} = $rr->ptrdname; + + } + + } else { + + unless ( $opt_j ) { + print {$outfile} "$ip_address,",$res->errorstring,"\n" or croak "Couldn't write: $OS_ERROR\n"; + } + $ptr_records->{$ip_address} = $res->errorstring; + + } + +} + + sleep($delay) if ( $delay ); + +} while ( ++$ip ); + +# Pretty-print the results JSON if needed +print {$outfile} JSON->new->pretty(1)->encode($ptr_records) if ( $opt_j ); +close $outfile or croak "Unable to close file: $OS_ERROR\n";