Last active
June 29, 2022 19:30
-
-
Save ag-michael/6652ef6e5757f3d440d2f2ba7f9efd7b to your computer and use it in GitHub Desktop.
Dangling CNAME DNS records: Find A records that resolve to CNAME where the CNAME is not resolving (NXDOMAIN)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Find A records that resolve to CNAME where the CNAME is not resolving (NXDOMAIN) | |
export results=() | |
find_dangling(){ | |
if ! [ -z $2 ] | |
then | |
dig $2 | grep -q NXDOMAIN | |
if [ $? -eq 0 ] | |
then | |
echo "A record $1 is ressolving to CNAME $2 which is non-existent" | |
results+=( "$2" ) | |
fi | |
fi | |
} | |
if ! [ $# -eq 1 ] | |
then | |
echo "Usage: find_dangling_cname.sh <domain list> " | |
exit | |
fi | |
for name in $(cat $1) | |
do | |
echo "Checking $name" | |
response=$(dig -t A $name | grep -A1 'ANSWER SECTION' | tail -1| grep CNAME) | |
name=$(echo $response |awk '{print $1}') | |
cname=$(echo $response |awk '{print $5}') | |
find_dangling $name $cname | |
done | |
echo "+---------------------------- Possible Dangling CNAME records -----------------------------------------+" | |
for result in "${results[@]}" | |
do | |
echo "$result" | |
done |
Hi
How can i save the results to a file?
Thanks
@ericnyamubbp you can use input/output redirection when running any bash command:
./find_dangling_cname.sh > output.txt
or
./find_dangling_cname.sh |tee output.txt
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@ratnadip1998 I updated it so it's more obvious. You'll need to run it wash bash (or set it as executable via chmod a+x) and pass it path to a file containing the list of subdomains enumerated by something like Sublist3r . Be happy to help if you still have issues with it.