Saturday 15 May 2010

Massive reverse address DNS resolver

Just for the record (and newsoft :), here is a basic reverse DNS bruteforce implemented with Node.js: thanks to this awesome event-based library, it is possible to write powerful tools in a few lines of JavaScript!

The following code will resolve a /24 netblock in less than 5 seconds.

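#! /usr/bin/nodejs

var baseaddr = '88.191.98.';

// The old 'sys' helpers (sys.puts, sys.debug) no longer exist in current
// Node.js releases; console.log and console.error replace them.
var dns = require('dns');
var events = require('events');

// Wrap dns.reverse() in an EventEmitter: 'response' carries the PTR names
// (or 'NOTFOUND' when no record exists), 'error' carries any other failure.
function reverse_addr(addr) {
    var e = new events.EventEmitter();
    dns.reverse(addr, function(err, domains) {
        if (err) {
            // Current Node.js reports the resolver status in err.code
            if (err.code === dns.NOTFOUND)
                e.emit('response', addr, 'NOTFOUND');
            else
                e.emit('error', addr, err);
        } else
            e.emit('response', addr, domains);
    });
    return e;
}

// Fire every lookup at once (0..255 covers the whole /24);
// answers are printed as they arrive.
for (var i = 0 ; i < 256 ; i++) {
    var currentaddr = baseaddr+i;

    reverse_addr(currentaddr).addListener('error', function (addr, err) {
        console.error(addr + ' failed: ' + err.message);
    }).addListener('response', function(addr, domains) {
        console.log(addr + ' = ' + domains);
    });
}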

There is no retry mechanism if the remote server returns a SERVFAIL, but this is left as an exercise to the reader…
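One way to add the missing retry, as an added example that is not part of the original post: transient resolver errors (SERVFAIL, timeout, connection refused) are retried with exponential backoff, a missing PTR record is treated as a final answer, and the number of lookups in flight is capped. The names `reverseWithRetry`, `sweep24` and `makeFakeResolver`, the options object, the documentation prefix `192.0.2.` and the host name `host7.example.test` are assumptions of this example; the fake resolver is constructed so the logic runs offline.

```javascript
const dns = require('dns');
// Transient failures worth retrying; ENOTFOUND (no PTR) is a final answer.
const TRANSIENT = new Set([dns.SERVFAIL, dns.TIMEOUT, dns.CONNREFUSED]);
const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));

// Resolve one address, retrying transient errors with exponential backoff.
// opts.resolver is injectable (an assumption of this example) for offline runs.
async function reverseWithRetry(addr, opts = {}) {
    const resolver = opts.resolver || ((a) => dns.promises.reverse(a));
    const { retries = 3, baseDelayMs = 200 } = opts;
    for (let attempt = 0; ; attempt++) {
        try {
            return { addr, names: await resolver(addr), attempts: attempt + 1 };
        } catch (err) {
            if (err.code === dns.NOTFOUND)
                return { addr, names: [], attempts: attempt + 1 };
            if (!TRANSIENT.has(err.code) || attempt >= retries)
                return { addr, error: err.code || err.message, attempts: attempt + 1 };
            await sleep(baseDelayMs * 2 ** attempt);
        }
    }
}

// Sweep a /24 with at most opts.concurrency lookups in flight.
async function sweep24(baseaddr, opts = {}) {
    const results = new Array(256);
    let next = 0;
    async function worker() {
        while (next < 256) {
            const i = next++;
            results[i] = await reverseWithRetry(baseaddr + i, opts);
        }
    }
    await Promise.all(Array.from({ length: opts.concurrency || 32 }, worker));
    return results;
}

// Constructed resolver: .7 answers SERVFAIL twice then succeeds, .9 always
// answers SERVFAIL, every other address has no PTR record.
function makeFakeResolver() {
    const calls = {};
    const fail = (code) => { throw Object.assign(new Error(code), { code }); };
    return async (addr) => {
        calls[addr] = (calls[addr] || 0) + 1;
        if (addr.endsWith('.7') && calls[addr] > 2) return ['host7.example.test'];
        if (addr.endsWith('.7') || addr.endsWith('.9')) fail(dns.SERVFAIL);
        fail(dns.NOTFOUND);
    };
}
// Offline demonstration against the constructed resolver.
sweep24('192.0.2.', { resolver: makeFakeResolver(), baseDelayMs: 1 })
    .then((r) => console.log(r[7], r[9]));
```

Drop the `resolver` option to query the system resolver; keeping `concurrency` modest also reduces the chance of triggering rate limits that themselves surface as SERVFAIL or timeouts.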

3 comments:

  1. Nice one! Long way to go to equal <troll>python twisted</troll> performance. Approx. 400ms to do a DNS PTR /24 scan.
  2. Nodejs uses c-ares to do async name resolution, which also explains why it can go really *fast*. I'm not sure there are bindings for it in other languages yet (haven't checked)... At any rate, Nodejs is a fast, and fun playground. Good article. :)