Projet

Général

Profil

Mentiodns » Historique » Version 5

sacha, 14/06/2018 22:38

1 1 sacha
h1. Mentiodns
2
3
Validation des DNS à partir d'une liste sur un unbound et un DNS grand FAI et comparaison des résultats ;)
4
5 4 sacha
h2. Noeud actifs
6
7
|_. Nom |_. Bloc |
8
| Mezzanine | domain_names.com_sortedad |
9
| Millicent | domain_names.com_sortedab |
10
| Sacha | domain_names.com_sortedaa |
11
| Taziden | domain_names.com_sortedac |
12
13
h2. Mentio
14
15
<pre>
16
#-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+--+-#
17
#  MENTIODNS : Check for lying DNS (France)  #
18
#--------------------------------------------#
19
#  Version 1.2 - Round robin on DNS_ISP_LIST #
20
#                For each request            #
21
#  Version 1.1 - Allow resume on basename    #
22
#  Version 1.0 - Parallel process with DIG   #
23
#--------------------------------------------#
24
# (c) Sacha at Aquilenet.fr part of FFDN.org #
25
#--------------------------------------------#
26
27
# This shity script intend to bruteforce the ISP lying DNS Servers to identify which one
28
# is going on Ministry of Interior Blocking page and compare the IP result from your favorite DNS server
29
# Use this script with the following paramters 
30
# 1 - domain names file (file with list of domain names whithout the tld  
31
# 2 - position number if it is not given the script will start at the begining
32
# If you relanch the script it will check if it has a counter for the given file to resume
33
# Blacklisted sites in $BLACKLIST_LOG file
34
# Diff ip from a domain name are in $DIFF_LOG 
35
36
37
RED='\e[31m'
38
GREEN='\e[32m'
39
YELLOW='\e[33m'
40
NC='\033[0m' # No Color
41
42
DNS_SOURCE=$1
43
DNS_SOURCE_BASENAME=`basename $DNS_SOURCE`
44
tld="com"
45
HOMEDIR="/root/MENTIODNS"
46
DIFF_LOG="$HOMEDIR/DNS_DIFF"
47
BLACKLIST_LOG="$HOMEDIR/DNS_BLACKLISTED"
48
49
parallel=10
50
51
lines=`wc -l $DNS_SOURCE|awk -F " " '{print $1}'`
52
countfile="$HOMEDIR/DNS_Count-$DNS_SOURCE_BASENAME"
53
54
DNS_ISP_LIST="$HOMEDIR/check-DNS_ISP_LIST"
55
DNS_MY="10.11.12.254"
56
57
DIG_FAST="+timeout=1 +tries=2"
58
DIG_SLOW="+timeout=5 +tries=3 "
59
60
echo $DNS_ISP_LIST
61
cat $DNS_ISP_LIST
62
63
_check(){
64
i=0
65
url=""
66
while [ $i -lt $parallel ]
67
do
68
n=`expr $count + $i`
69
ISP_DNS=`cat $DNS_ISP_LIST | sort -R | head -n 1`
70
url="$url @$ISP_DNS `awk -v n="${n}" 'NR==n {print;exit}' $DNS_SOURCE`.$tld"
71
i=`expr $i + 1`
72
done
73
}
74
75
#--------------------------------------
76
if [ -z $2 ]; then
77
        if [ -f $countfile ]; then
78
        count=`cat $countfile`
79
        else
80
        count=0
81
        echo $count > $countfile
82
        fi
83
else count=$2
84
echo $count > $countfile
85
fi
86
#--------------------------------------
87
88
while [ "$count" != "$lines" ]; do
89
echo $count > $countfile
90
_check
91
site="$url"
92
echo "-------------------------------------------------------------------------------"
93
echo "#$count `date +%Y%m%d-%H%M%S` SITE:$site"
94
nomentio=`dig +short @$DNS_MY $DIG_SLOW $site|sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4| tr '\r\n' ' '`
95
mentio=`dig +short $DIG_SLOW $site|sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4| tr '\r\n' ' '`
96
if [ -n "$nomentio" ] && [ -n "$mentio" ]; then
97
    if [ "$nomentio" != "$mentio" ]; then
98
        for i in $site; do
99
                nomentio1=`dig +short $DIG_FAST @$DNS_MY $i|sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4| tr '\r\n' ' '`
100
                ISP_DNS=`cat $DNS_ISP_LIST | sort -R | head -n 1`
101
                mentio1=`dig +short $DIG_FAST @$ISP_DNS $i|sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4| tr '\r\n' ' '`
102
                        if [ "$nomentio1" != "$mentio1" ]; then
103
                                if [ $mentio1 == "90.85.16.52" ]; then
104
                                        echo -e "$RED! SITE: $i ISPDNS:$ISP_DNS REAL:$nomentio1 MENTIO:$mentio1 $NC"
105
                                        echo "! SITE: $i ISPDNS:$ISP_DNS REAL:$nomentio1 MENTIO:$mentio1" >> $BLACKLIST_LOG
106
                                else
107
                                echo -e "$YELLOW> SITE: $i ISPDNS:$ISP_DNS REAL:$nomentio1 MENTIO: $mentio1 $NC"
108
                                echo "> SITE: $i ISPDNS:$ISP_DNS REAL:$nomentio1 MENTIO: $mentio1" >> $DIFF_LOG
109
                                fi
110
                        fi
111
        done
112
    else
113
    echo -e "$GREEN=#$count  SITE: $site  $NC"
114
    fi
115
fi
116
#echo "0 SITE: $count PUB: $nomentio PRIV: $mentio"
117
118
count=`expr $count + $parallel`
119
120
done
121
122
</pre>
123
124
h2. Test (valide au 14/06/18)
125
126
 dig +short shahamat1.com
127
 90.85.16.52
128
129 5 sacha
khilafah.net
130
131 1 sacha
h2. Liste de serveurs DNS FAI Français
132
133 2 sacha
h3. Free
134 3 sacha
135 1 sacha
212.27.40.240
136
212.27.40.241
137
212.27.40.244
138
212.27.40.245
139
140 2 sacha
h3. Bouygues
141 3 sacha
142 2 sacha
194.158.122.10
143
194.158.122.15
144 1 sacha
145 2 sacha
h3. SFR/Numericable
146 3 sacha
147 1 sacha
89.2.0.1
148
89.2.0.2
149
150 2 sacha
h3. Orange
151 3 sacha
152 1 sacha
80.10.246.1
153
80.10.246.2
154
80.10.246.3
155
80.10.246.5
156
80.10.246.7
157
80.10.246.129
158
80.10.246.130
159
80.10.246.132
160
80.10.246.134
161
80.10.246.136
162
81.253.149.1
163
81.253.149.2
164
81.253.149.6
165
81.253.149.9
166
81.253.149.10
167
168 2 sacha
h3. OBS (ouverts)
169 3 sacha
170 1 sacha
194.2.0.20
171
194.2.0.50