Advertisement
zerobyte-id

Find subdo + DNS Cache Poisoning

Jul 22nd, 2019
582
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2. # Tested on Ubuntu 16.04
  3. # @Author : Zerobyte-id
  4. # @Github : github.com/zerobyte-id
  5.  
  6. uagent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/75.0.3770.90 Chrome/75.0.3770.90 Safari/537.36";
  7. rm -Rf tmp-domain.txt
  8. # Find Subdomains
  9. read -p "Input Domain >> " do;
  10.  
  11. curl -s "https://findsubdomains.com/search/subdomains?domain=${do}&page=1&per_page=100&domain=${do}" | sed 's/\\//g' | grep -Po '(?<=data-target=").*?(?=")' > tmp-domain.txt
  12.  
  13. # Checking domain
  14. if [[ -z $(cat tmp-domain.txt) ]]; then
  15.     echo "Kosong"
  16. else
  17.     for d in $(cat tmp-domain.txt);
  18.     do
  19.         # Checking DNS Cache Poisoning
  20.         dnscp=$(curl -Ls -A "${uagent}" -m 3 -H "X-Forwarded-Host: zerobyte.id" "${d}")
  21.         if [[ $dnscp =~ 'zerobyte.id' ]]; then
  22.             echo "  ${d} => Vuln DNS Cache Poisoning"
  23.             echo "${d}" >> vuln.txt
  24.         else
  25.             echo "  ${d} => Not Vuln"
  26.         fi
  27.     done
  28. fi
  29. rm -Rf tmp-domain.txt
Advertisement
Advertisement
Advertisement
RAW Paste Data Copied
Advertisement