Mentiodns » Historique » Version 4

sacha, 14/06/2018 10:46

h1. Mentiodns
Validation des DNS à partir d'une liste sur un unbound et un DNS grand FAI et comparaison des résultats ;)
h2. Nœuds actifs
|_. Nom |_. Bloc |
| Mezzanine | domain_names.com_sortedad |
| Millicent | domain_names.com_sortedab |
| Sacha | domain_names.com_sortedaa |
| Taziden | domain_names.com_sortedac |
h2. Mentio
<pre>
#-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+-#
#  MENTIODNS : Check for lying DNS (France)  #
#--------------------------------------------#
#  Version 1.2 - Round robin on DNS_ISP_LIST #
#                For each request            #
#  Version 1.1 - Allow resume on basename    #
#  Version 1.0 - Parallel process with DIG   #
#--------------------------------------------#
# (c) Sacha at Aquilenet.fr part of FFDN.org #
#--------------------------------------------#
# This shitty script intends to brute-force the ISPs' lying DNS servers to identify which domain names
# are sent to the Ministry of Interior blocking page, and to compare the IP results with those from your favorite DNS server.
# Use this script with the following parameters:
# 1 - domain names file (a file with a list of domain names without the TLD)
# 2 - position number; if it is not given, the script will start at the beginning
# If you relaunch the script, it will check whether it has a counter for the given file and resume from it
# Blacklisted sites are logged in the $BLACKLIST_LOG file
# Domain names whose IPs differ are logged in $DIFF_LOG
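# ANSI colour sequences; the backslash escapes are expanded only when they are
# printed with echo -e (or printf %b).
RED='\e[31m'
GREEN='\e[32m'
YELLOW='\e[33m'
NC='\033[0m' # No Color

# $1: file with one domain name per line, without the TLD. Fail early when it
# is missing or unreadable; with an empty $1 the line count below would have
# no file to read.
DNS_SOURCE=${1:-}
if [ -z "$DNS_SOURCE" ] || [ ! -r "$DNS_SOURCE" ]; then
  printf 'Usage: %s domain_names_file [start_position]\n' "${0##*/}" >&2
  exit 2
fi
DNS_SOURCE_BASENAME=$(basename -- "$DNS_SOURCE")
tld="com"

# NOTE(review): state and logs live under /root, so the script presumably
# runs as root. Nothing visible in it needs more than dig and write access to
# this directory; an unprivileged account with its own HOMEDIR would do.
HOMEDIR="/root/MENTIODNS"
DIFF_LOG="$HOMEDIR/DNS_DIFF"
BLACKLIST_LOG="$HOMEDIR/DNS_BLACKLISTED"

# Number of names resolved per batch.
parallel=10

# Count records with awk so the total uses the same numbering as the NR-based
# lookup in _check and includes a last line that has no trailing newline.
# The file is passed on stdin so its name is never parsed as an awk argument.
lines=$(awk 'END { print NR }' < "$DNS_SOURCE")
countfile="$HOMEDIR/DNS_Count-$DNS_SOURCE_BASENAME"

DNS_ISP_LIST="$HOMEDIR/check-DNS_ISP_LIST"
# Reference resolver; its answers are the ones logged as REAL.
DNS_MY="10.11.12.254"

# dig option sets. They are expanded unquoted on purpose so that every option
# becomes its own argument.
DIG_FAST="+timeout=1 +tries=2"
DIG_SLOW="+timeout=5 +tries=3 "

# Without the resolver list every ISP query would carry an empty "@" server.
if [ ! -r "$DNS_ISP_LIST" ]; then
  printf 'Cannot read ISP resolver list: %s\n' "$DNS_ISP_LIST" >&2
  exit 1
fi
printf '%s\n' "$DNS_ISP_LIST"
cat -- "$DNS_ISP_LIST"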
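#######################################
# Build the dig argument list for the next batch of names.
# Globals:
#   count, parallel, DNS_SOURCE, DNS_ISP_LIST, tld (read)
#   url (written): space-separated "@resolver name.tld" pairs
# Each of the $parallel line numbers starting at $count is looked up in
# DNS_SOURCE and paired with a resolver drawn at random from DNS_ISP_LIST.
#######################################
_check() {
  local offset name resolver
  url=""
  offset=0
  while [ "$offset" -lt "$parallel" ]; do
    # The addition is done inside awk so that a counter typed with leading
    # zeros is still read as a decimal number.
    name=$(awk -v start="$count" -v off="$offset" \
      'NR == start + off { print; exit }' < "$DNS_SOURCE")
    offset=$((offset + 1))

    # awk numbers lines from 1: line 0 (first batch of a fresh run) and any
    # line past the end of the file give no name. Skip them instead of
    # emitting a bare ".$tld", which is not a valid host name.
    [ -n "$name" ] || continue

    # url is later expanded unquoted on dig's command line, so an entry that
    # starts with -, + or @ would be read as a dig option or server, and one
    # containing whitespace would split into several arguments. Only plain
    # host-name characters are let through.
    case "$name" in
      [!A-Za-z0-9]* | *[!A-Za-z0-9.-]*)
        printf 'skipped an entry of batch %s: not a plain host name\n' \
          "$count" >&2
        continue
        ;;
    esac

    resolver=$(sort -R < "$DNS_ISP_LIST" | head -n 1)
    url="$url @$resolver $name.$tld"
  done
}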
#--------------------------------------
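# Pick the starting position: an explicit $2 wins, then the counter saved for
# this source file by an earlier run, then 0.
if [ -n "${2:-}" ]; then
  count=$2
elif [ -f "$countfile" ]; then
  count=$(cat -- "$countfile")
else
  count=0
fi

# The position feeds arithmetic and line matching, and the counter file may
# have been edited by hand: accept digits only.
case "$count" in
  '' | *[!0-9]*)
    printf 'Invalid start position: %s\n' "$count" >&2
    exit 1
    ;;
esac

# Drop leading zeros ("010" -> "10") so no later arithmetic can read the
# value as octal; an all-zero value collapses to 0.
count=${count#"${count%%[!0]*}"}
count=${count:-0}

printf '%s\n' "$count" > "$countfile"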
#--------------------------------------
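# Address handed out for names redirected to the Ministry of Interior
# blocking page. It was the hard-coded value of this script and can go stale;
# set MENTIO_BLOCK_IP in the environment to override it.
MENTIO_BLOCK_IP=${MENTIO_BLOCK_IP:-90.85.16.52}

# Run `dig +short` with the given arguments and print the answers on one
# line, sorted numerically on the "."-separated fields and separated by
# spaces (a trailing space included), so that two answer sets can be compared
# as plain strings.
_resolve_sorted() {
  dig +short "$@" \
    | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4 \
    | tr '\r\n' ' '
}

# Numeric -le instead of a string "!=": count advances in steps of $parallel,
# so it only ever equals $lines when the line count is an exact multiple of
# $parallel; otherwise the loop would never end. -le also lets the batch that
# starts on the last line run.
while [ "$count" -le "$lines" ]; do
  printf '%s\n' "$count" > "$countfile"
  _check
  site="$url"
  echo "-------------------------------------------------------------------------------"
  printf '#%s %s SITE:%s\n' "$count" "$(date +%Y%m%d-%H%M%S)" "$site"

  # $site mixes "@resolver" tokens and names. Split it so that the reference
  # query carries names only and the per-name loop never treats a resolver
  # token as a site. Tokens that do not start with a letter or digit are
  # dropped: unquoted on dig's command line they would be parsed as options.
  names=""
  isp_query=""
  server=""
  for token in $site; do
    case "$token" in
      @*) server=$token ;;
      [!A-Za-z0-9]*) ;;
      *)
        names="$names $token"
        isp_query="$isp_query $server $token"
        ;;
    esac
  done

  if [ -n "$names" ]; then
    # $DIG_SLOW, $names and $isp_query are left unquoted on purpose: each
    # word must reach dig as its own argument.
    nomentio=$(_resolve_sorted "@$DNS_MY" $DIG_SLOW $names)
    # NOTE(review): several "@resolver name" pairs go to a single dig call;
    # confirm with your dig version that each name is really sent to the
    # resolver written in front of it. The per-name recheck below does not
    # depend on that.
    mentio=$(_resolve_sorted $DIG_SLOW $isp_query)

    if [ -n "$nomentio" ] && [ -n "$mentio" ]; then
      if [ "$nomentio" != "$mentio" ]; then
        for i in $names; do
          nomentio1=$(_resolve_sorted $DIG_FAST "@$DNS_MY" "$i")
          ISP_DNS=$(sort -R < "$DNS_ISP_LIST" | head -n 1)
          mentio1=$(_resolve_sorted $DIG_FAST "@$ISP_DNS" "$i")
          if [ "$nomentio1" != "$mentio1" ]; then
            # The flattened answer ends with one space; strip it before the
            # comparison. An empty or multi-address answer falls through to
            # the DIFF branch.
            if [ "${mentio1% }" = "$MENTIO_BLOCK_IP" ]; then
              printf '%b! SITE: %s ISPDNS:%s REAL:%s MENTIO:%s %b\n' \
                "$RED" "$i" "$ISP_DNS" "$nomentio1" "$mentio1" "$NC"
              printf '! SITE: %s ISPDNS:%s REAL:%s MENTIO:%s\n' \
                "$i" "$ISP_DNS" "$nomentio1" "$mentio1" >> "$BLACKLIST_LOG"
            else
              # Any difference lands here, including a timeout on one side
              # or different addresses from a load-balanced name. Treat
              # DIFF_LOG as "needs a second look", not as proof of tampering.
              printf '%b> SITE: %s ISPDNS:%s REAL:%s MENTIO: %s %b\n' \
                "$YELLOW" "$i" "$ISP_DNS" "$nomentio1" "$mentio1" "$NC"
              printf '> SITE: %s ISPDNS:%s REAL:%s MENTIO: %s\n' \
                "$i" "$ISP_DNS" "$nomentio1" "$mentio1" >> "$DIFF_LOG"
            fi
          fi
        done
      else
        printf '%b=#%s  SITE: %s  %b\n' "$GREEN" "$count" "$site" "$NC"
      fi
    fi
  fi
  #echo "0 SITE: $count PUB: $nomentio PRIV: $mentio"

  # expr keeps decimal semantics even if the counter was given with leading
  # zeros.
  count=$(expr "$count" + "$parallel")
done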
</pre>
h2. Test (valide au 14/06/18)
 dig +short shahamat1.com
 90.85.16.52
h2. Liste de serveurs DNS FAI Français
h3. Free
212.27.40.240
212.27.40.241
212.27.40.244
212.27.40.245
h3. Bouygues
194.158.122.10
194.158.122.15
h3. SFR/Numericable
89.2.0.1
89.2.0.2
h3. Orange
80.10.246.1
80.10.246.2
80.10.246.3
80.10.246.5
80.10.246.7
80.10.246.129
80.10.246.130
80.10.246.132
80.10.246.134
80.10.246.136
81.253.149.1
81.253.149.2
81.253.149.6
81.253.149.9
81.253.149.10
h3. OBS (ouverts)
194.2.0.20
194.2.0.50