Skip to content

Commit

Permalink
Merge pull request #305 from projectdiscovery/dev
Browse files Browse the repository at this point in the history
dnsx v1.1.2
  • Loading branch information
ehsandeep authored Feb 13, 2023
2 parents 2f48f44 + 3da46d3 commit 56b8e8a
Show file tree
Hide file tree
Showing 26 changed files with 952 additions and 314 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/build-test.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
name: 🔨 Build Test

on:
push:
pull_request:
workflow_dispatch:

Expand All @@ -15,7 +15,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.18
go-version: 1.19

- name: Check out code
uses: actions/checkout@v3
Expand Down
1 change: 0 additions & 1 deletion .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@ name: 🚨 CodeQL Analysis

on:
workflow_dispatch:
push:
pull_request:
branches:
- dev
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/dockerhub-push.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ jobs:
password: ${{ secrets.DOCKER_TOKEN }}

- name: Build and push
uses: docker/build-push-action@v3
uses: docker/build-push-action@v4
with:
context: .
platforms: linux/amd64,linux/arm64,linux/arm
Expand Down
3 changes: 1 addition & 2 deletions .github/workflows/functional-test.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
name: 🧪 Functional Test
on:
push:
pull_request:
workflow_dispatch:

Expand All @@ -16,7 +15,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v3
with:
go-version: 1.18
go-version: 1.19

- name: Check out code
uses: actions/checkout@v3
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/lint-test.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
name: 🙏🏻 Lint Test

on:
push:
pull_request:
workflow_dispatch:

Expand All @@ -14,9 +14,9 @@ jobs:
- name: "Set up Go"
uses: actions/setup-go@v3
with:
go-version: 1.18
go-version: 1.19
- name: Run golangci-lint
uses: golangci/golangci-lint-action@v3.2.0
uses: golangci/golangci-lint-action@v3.4.0
with:
version: latest
args: --timeout 5m
Expand Down
14 changes: 9 additions & 5 deletions .github/workflows/release-binary.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
name: 🎉 Release Binary

on:
create:
push:
tags:
- v*
workflow_dispatch:
Expand All @@ -17,13 +18,16 @@ jobs:
- name: "Set up Go"
uses: actions/setup-go@v3
with:
go-version: 1.18
go-version: 1.19

- name: "Create release on GitHub"
uses: goreleaser/goreleaser-action@v3
uses: goreleaser/goreleaser-action@v4
with:
args: "release --rm-dist"
version: latest
workdir: .
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
env:
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
SLACK_WEBHOOK: "${{ secrets.RELEASE_SLACK_WEBHOOK }}"
DISCORD_WEBHOOK_ID: "${{ secrets.DISCORD_WEBHOOK_ID }}"
DISCORD_WEBHOOK_TOKEN: "${{ secrets.DISCORD_WEBHOOK_TOKEN }}"
38 changes: 0 additions & 38 deletions .github/workflows/sonarcloud.yml

This file was deleted.

2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
cmd/dnsx/dnsx
.DS_Store
dist/
integration_tests/dnsx
integration_tests/integration-test
cmd/functional-test/dnsx_dev
cmd/functional-test/functional-test
cmd/functional-test/dnsx
Expand Down
13 changes: 12 additions & 1 deletion .goreleaser.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,4 +32,15 @@ archives:
darwin: macOS

checksum:
algorithm: sha256
algorithm: sha256

announce:
slack:
enabled: true
channel: '#release'
username: GoReleaser
message_template: 'New Release: {{ .ProjectName }} {{.Tag}} is published! Check it out at {{ .ReleaseURL }}'

discord:
enabled: true
message_template: '**New Release: {{ .ProjectName }} {{.Tag}}** is published! Check it out at {{ .ReleaseURL }}'
4 changes: 2 additions & 2 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
FROM golang:1.18.2-alpine3.14 AS build-env
FROM golang:1.20-alpine3.17 AS build-env
RUN apk add --no-cache build-base
RUN go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest

FROM alpine:3.16.2
FROM alpine:3.17.2
RUN apk add --no-cache bind-tools ca-certificates
COPY --from=build-env /go/bin/dnsx /usr/local/bin/dnsx
ENTRYPOINT ["dnsx"]
71 changes: 69 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@


- Simple and Handy utility to query DNS records.
- **A, AAAA, CNAME, PTR, NS, MX, TXT, SOA** query support
- **A, AAAA, CNAME, PTR, NS, MX, TXT, SRV, SOA** query support
- DNS **Resolution** / **Brute-force** support
- Custom **resolver** input support
- Multiple resolver format **(TCP/UDP/DOH/DOT)** support
Expand All @@ -49,7 +49,7 @@
# Installation Instructions


`dnsx` requires **go1.17** to install successfully. Run the following command to install the latest version:
`dnsx` requires **go1.19** to install successfully. Run the following command to install the latest version:

```sh
go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest
Expand All @@ -75,6 +75,7 @@ QUERY:
-cname query CNAME record
-ns query NS record
-txt query TXT record
-srv query SRV record
-ptr query PTR record
-mx query MX record
-soa query SOA record
Expand All @@ -88,6 +89,7 @@ FILTER:

PROBE:
-cdn display cdn name
-asn display host asn information

RATE-LIMIT:
-t, -threads int number of concurrent threads to use (default 100)
Expand Down Expand Up @@ -217,6 +219,17 @@ mta-sts.hackerone.com [hacker0x01.github.io]
mta-sts.forwarding.hackerone.com [hacker0x01.github.io]
events.hackerone.com [whitelabel.bigmarker.com]
```
Extract **ASN** records for the given list of subdomains:
```console
subfinder -silent -d hackerone.com | dnsx -silent -asn

b.ns.hackerone.com [AS13335, CLOUDFLARENET, US]
a.ns.hackerone.com [AS13335, CLOUDFLARENET, US]
hackerone.com [AS13335, CLOUDFLARENET, US]
www.hackerone.com [AS13335, CLOUDFLARENET, US]
api.hackerone.com [AS13335, CLOUDFLARENET, US]
support.hackerone.com [AS13335, CLOUDFLARENET, US]
```

Probe using [dns status code](https://github.com/projectdiscovery/dnsx/wiki/RCODE-ID-VALUE-Mapping) on given list of (sub)domains:

Expand Down Expand Up @@ -252,6 +265,21 @@ slc-a-origin-pointofsale.paypal.com
fpdbs.paypal.com
```

Extract subdomains from given ASN using `PTR` query:
```console
echo AS17012 | dnsx -silent -resp-only -ptr

apiagw-a.paypal.com
notify.paypal.com
adnormserv-slc-a.paypal.com
a.sandbox.paypal.com
apps2.paypal-labs.com
pilot-payflowpro.paypal.com
www.paypallabs.com
paypal-portal.com
micropayments.paypal-labs.com
minicart.paypal-labs.com
```
---------

### DNS Bruteforce
Expand Down Expand Up @@ -321,6 +349,44 @@ jira.atlassian.net
jira.atlassian.com
```

#### DNS Bruteforce with Placeholder based wordlist

```bash
$ cat tld.txt

com
by
de
be
al
bi
cg
dj
bs
```

```console
dnsx -d google.FUZZ -w tld.txt -resp

_ __ __
__| | _ __ ___ \ \/ /
/ _' || '_ \ / __| \ /
| (_| || | | |\__ \ / \
\__,_||_| |_||___//_/\_\ v1.1.2

projectdiscovery.io

google.de [142.250.194.99]
google.com [142.250.76.206]
google.be [172.217.27.163]
google.bs [142.251.42.35]
google.bi [216.58.196.67]
google.al [216.58.196.68]
google.by [142.250.195.4]
google.cg [142.250.183.131]
google.dj [142.250.192.3]
```

### Wildcard filtering

A special feature of `dnsx` is its ability to handle **multi-level DNS based wildcards**, and do it so with a very reduced number of DNS requests. Sometimes all the subdomains will resolve, which leads to lots of garbage in the output. The way `dnsx` handles this is by keeping track of how many subdomains point to an IP and if the count of the subdomains increase beyond a certain threshold, it will check for wildcards on all the levels of the hosts for that IP iteratively.
Expand Down Expand Up @@ -389,5 +455,6 @@ func main() {
- Domain name (`wd`) input is mandatory for wildcard elimination.
- DNS record flag can not be used when using wildcard filtering.
- DNS resolution (`l`) and DNS brute-forcing (`w`) can't be used together.
- VPN operators tend to filter high DNS/UDP traffic, therefore the tool might experience packets loss (eg. [Mullvad VPN](https://github.com/projectdiscovery/dnsx/issues/221))

`dnsx` is made with 🖤 by the [projectdiscovery](https://projectdiscovery.io) team.
2 changes: 2 additions & 0 deletions cmd/functional-test/testcases.txt
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,8 @@ example.com {{binary}} -silent -soa
example.com {{binary}} -silent -soa -resp
example.com {{binary}} -silent -txt
example.com {{binary}} -silent -txt -resp
example.com {{binary}} -silent -srv
example.com {{binary}} -silent -srv -resp
example.com {{binary}} -silent -rcode 0,1,2
1.1.1.1 {{binary}} -silent -ptr
1.1.1.1 {{binary}} -silent -ptr -resp
Expand Down
Loading

0 comments on commit 56b8e8a

Please sign in to comment.