SHARE
TWEET

Find subdo + DNS Cache Poisoning

zerobyte-id Jul 22nd, 2019 170 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/bin/bash
  2. # Tested on Ubuntu 16.04
  3. # @Author : Zerobyte-id
  4. # @Github : github.com/zerobyte-id
  5.  
  6. uagent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/75.0.3770.90 Chrome/75.0.3770.90 Safari/537.36";
  7. rm -Rf tmp-domain.txt
  8. # Find Subdomains
  9. read -p "Input Domain >> " do;
  10.  
  11. curl -s "https://findsubdomains.com/search/subdomains?domain=${do}&page=1&per_page=100&domain=${do}" | sed 's/\\//g' | grep -Po '(?<=data-target=").*?(?=")' > tmp-domain.txt
  12.  
  13. # Checking domain
  14. if [[ -z $(cat tmp-domain.txt) ]]; then
  15.     echo "Kosong"
  16. else
  17.     for d in $(cat tmp-domain.txt);
  18.     do
  19.         # Checking DNS Cache Poisoning
  20.         dnscp=$(curl -Ls -A "${uagent}" -m 3 -H "X-Forwarded-Host: zerobyte.id" "${d}")
  21.         if [[ $dnscp =~ 'zerobyte.id' ]]; then
  22.             echo "  ${d} => Vuln DNS Cache Poisoning"
  23.             echo "${d}" >> vuln.txt
  24.         else
  25.             echo "  ${d} => Not Vuln"
  26.         fi
  27.     done
  28. fi
  29. rm -Rf tmp-domain.txt
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top