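#!/bin/bash
#
# nothink.org
#
# Search DNS servers that respond to 'any +dnssec +ignore' requests.
# Useful to choose a good server and domain to use during DNS Amplification Attacks.
#
# (+ignore: ignore truncation in UDP responses instead of retrying with TCP.)
#
# Notes: isc.org, contours.biz
#
# Usage: <script> <server_list> <domain_list> <interval>
#   server_list  file with one DNS server (name or address) per line
#   domain_list  file with one domain name per line
#   interval     argument passed to sleep(1) after every query
#
# Output: one line per (server, domain) pair that answered NOERROR:
#   <server> [<domain>] [<UDP response size in bytes>]
#
# Reading the output for servers you operate: a large size means the server
# returns big ANY+DNSSEC answers over UDP to the address that asked. The usual
# fixes are limiting recursion to your own clients, response rate limiting,
# and minimal ANY answers (RFC 8482).

readonly DIG='/usr/bin/dig'
# Kept as an array so the options survive without relying on word splitting.
readonly -a DIG_PAM=(any +dnssec +ignore +time=10)
# dig prints "MSG SIZE  rcvd: N"; allow any run of spaces between the words.
readonly SIZE_RE='MSG SIZE +rcvd: +([0-9]+)'

# Ctrl-C handler: announce the interruption and stop with a failure status.
ctrl_c() {
  printf '\nExit!\n'
  exit 1
}
trap ctrl_c INT

if (( $# < 3 )); then
  # The original usage line had lost its argument placeholders.
  printf 'Usage: %s <server_list> <domain_list> <interval>\n' "$0" >&2
  exit 1
fi

target_list=$1
target_domain=$2
interval=$3

# Both inputs are read with '<' below; check them up front so a missing
# domain list is reported once instead of once per server.
for list_file in "$target_list" "$target_domain"; do
  if [[ ! -f "$list_file" ]]; then
    printf "Error: '%s' file does not exist!\n" "$list_file" >&2
    exit 1
  fi
done

# 'read -r' without IFS= still trims surrounding blanks, as the original did,
# but no longer mangles backslashes. '|| [[ -n ... ]]' keeps a last line that
# has no trailing newline.
while read -r host || [[ -n "$host" ]]; do
  # Skip blank server lines here rather than sleeping through the whole
  # domain list for them.
  [[ -n "$host" ]] || continue

  while read -r domain || [[ -n "$domain" ]]; do
    [[ -n "$domain" ]] || continue
    domain=$(printf '%s' "$domain" | tr '[:upper:]' '[:lower:]')

    # -q names the query explicitly, so a list entry starting with '-', '+'
    # or '@' cannot be taken as a dig option. stdin is detached so dig can
    # never consume lines from the list being read by the loop.
    res=$("$DIG" "${DIG_PAM[@]}" -q "$domain" "@$host" </dev/null)

    if [[ "$res" == *"status: NOERROR"* ]]; then
      # NOTE(review): this compares the entire dig output with the literal
      # flags string, so it is always true; a truncated (TC) reply is still
      # listed below, with its size. Behaviour kept as in the original.
      if [[ "$res" != "flags: qr tc rd ra;" ]]; then
        msg_size=''
        if [[ "$res" =~ $SIZE_RE ]]; then
          msg_size=${BASH_REMATCH[1]}
        fi
        # List data goes in as arguments, never into the format string.
        printf '%-18s [%s] [%s]\n' "$host" "$domain" "$msg_size"
      fi
    fi

    sleep "$interval"
  done < "$target_domain"
done < "$target_list"

exit 0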