digmeup.sh

a guest
Feb 8th, 2019
#!/bin/bash
#:::digmeup.sh | an open source, OSINT recon tool by Logan S. Diomedi - 2019:::
#:::https://github.com/logansdiomedi/bash-recon-project/blob/master/digmeup.sh:::
#Usage: ./digmeup.sh google.com
#######################################################################
###Launch variables
recondomain=$1
### Refuse a missing argument or anything that is not a plain hostname, so the
### value can never be parsed as an option by host, dig or whois
if [[ ! $recondomain =~ ^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$ ]]; then
    echo "Usage: $0 <domain>" >&2
    exit 1
fi
### Private scratch directory instead of fixed, predictable file names in /tmp;
### the trap removes it even if the script exits early
workdir=$(mktemp -d) || exit 1
trap 'rm -rf "$workdir"' EXIT
#######################################################################
### Perform the dig and host commands:
echo -e "Performing dig and host on the provided domain name...\n--------------------"
host "$recondomain" >> "$workdir/aresults.txt"
dig -t ns "$recondomain" >> "$workdir/aresults.txt"

### Builds initial host data needed to perform next functions
echo -e "Dig and Host command results:\n--------------------"
grep -F "$recondomain" "$workdir/aresults.txt"

### Sets IP variable to the IP address for all four octets !!IMPORTANT!!
### Only the first A record is used (head -n 1), so a host with several A records
### no longer produces a multi-line value that breaks the later lookups
fullip=$(grep "has address" "$workdir/aresults.txt" | head -n 1 | cut -d " " -f 4)
twofourip=$(echo "$fullip" | cut -d"." -f 1,2,3)
### To-Do: Accept hosts with more than one A record registered to them (ex: sprint.com)
###
if [ -z "$fullip" ]; then
    echo "No A record found for $recondomain" >&2
    exit 1
fi
echo -e "Host $recondomain has the IP address of $fullip\n--------------------"
echo -e "The host most likely owns the /24 block - we'll do a reverse DNS on $twofourip...\n--------------------"

### For loop to run reverse DNS lookup and then cleanup:::
for ipblock in $(seq 1 254);do
    host "$twofourip.$ipblock" >> "$workdir/reversedns.txt" &
done
### Wait for every background lookup to finish before parsing the results
wait

### Parses data output from reverse DNS Lookup
grep pointer "$workdir/reversedns.txt" |sort |cut -d" " -f5,6,7,8,9 >> "$workdir/reversedns24.txt"
echo -e "Here's your reverse DNS lookup on the /24:\n--------------------"
sort -u "$workdir/reversedns24.txt"
echo -e "-----\n"
echo -e "End of output for the reverse lookup on /24 range.\n--------------------"

### WHOIS DNS + IP Address Lookup
echo -e "WHOIS Records on the domain and IP of the domain:\n--------------------"
whois "$fullip" >> "$workdir/whoisip.txt"
whois "$recondomain" >> "$workdir/whoisdns.txt"

### Sorting the WHOIS data to grab the NetRange and Org (usually the only information I like to grab at first...)
grep Org "$workdir/whoisip.txt" |sort -u >> "$workdir/whoisip1.txt" && grep OrgTechEmail "$workdir/whoisip1.txt"
grep Net "$workdir/whoisip.txt"

### Formatting
echo -e "\n--------------------"
echo -e "End of IP WHOIS for $fullip: Be sure to take note of what range it covers!\n--------------------"

### Display the DNS info - could be tweaked more....
echo -e "Here's your WHOIS for the domain name $recondomain:\n--------------------"
grep Server "$workdir/whoisdns.txt" |sort -u
grep Name "$workdir/whoisdns.txt" |sort -u
echo -e "\n--------------------"

### Clean out the scratch directory###
echo -e "Cleaning up some files...\n--------------------"
rm -rf "$workdir"

### Cleanup output
echo -e "Done! Listing the scratch directory to ensure cleanup occurred - If you don't see any output, this means it was successful:\n--------------------"
echo "Directory listing for $workdir: "
ls -la "$workdir" 2>/dev/null

### Done!