/
decloud
69 lines (61 loc) · 2.45 KB
/
decloud
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#!/bin/bash
# CloudUnflare
CompleteDNS_Login='email@mail.com|password'
if [[ -f cuf-domain.tmp ]]; then
rm cuf-domain.tmp
elif [[ -f cuf-ipaddr.tmp ]]; then
rm cuf-ipaddr.tmp
fi
DOMAIN=$1
if [[ -z $(dig +short ${DOMAIN}) ]]; then
if [[ -z $(whois ${DOMAIN} | grep -i 'Domain Name:') ]]; then
echo " ERROR: Domain not found"
exit
fi
fi
function Dig() {
D=$1
echo " INFO: Checking ${D}"
for DMN in $(dig +short ${D} | grep '[.]'$ | sed 's/[.]$//g' | sort -V | uniq)
do
echo " + CNAME: ${DMN}"
done
for IP in $(dig +short ${D} | grep [0-9]$ | sort -V | uniq)
do
VENDOR=$(curl -s "https://rdap.arin.net/registry/ip/${IP}" -H 'User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 KHTML, like Gecko) Chrome/77.0.3865.120 Mobile Safari/537.36' --compressed | sed 's/",/\n/g' | grep '"name"' | sed 's/://g' | sed 's/"//g' | awk '{print $2}')
echo " + ${IP} [${VENDOR}]"
done
}
Dig ${DOMAIN}
i=0
c=0
max=$(cat `dirname $(realpath $0)`/subdomains.txt | wc -l)
for SUBD in $(cat `dirname $(realpath $0)`/subdomains.txt)
do
((i++))
SUBDOMAIN=${SUBD}.${DOMAIN}
if [[ ! -z $(dig +short ${SUBDOMAIN}) ]]; then
Dig ${SUBDOMAIN}
else
((c++))
if [[ $(expr $c % 20) -eq 0 ]]; then
echo " INFO: Subdomain enumeration progress [${i}/${max}]"
fi
fi
done
function ViewDNS() {
DMN="${1}"
if [[ -f viewdns.tmp ]]; then
rm viewdns.tmp
fi
curl -s "https://viewdns.info/iphistory/?domain=${DMN}" -H 'user-agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.120 Mobile Safari/537.36' --compressed &>> viewdns.tmp
COUNT=$(cat viewdns.tmp | sed ':a;N;$!ba;s/\n/ /g' | sed 's/<table border="1">/\nIPHISTORY/g' | sed 's/<\/table>/\n/g' | grep ^IPHISTORY | sed 's/<tr><td>/\n/g' | sed 's/\r//' | grep ^[0-9] | sed 's/<\/td><td>/|/g' | sed 's/<\/td><td align="center">/|/g' | sed 's/<\/td><\/tr>//g' | awk -F '|' '{print " + "$4" | "$1" | "$3"("$2")"}' | sort -V | wc -l);
if [[ ${COUNT} -lt 1 ]]; then
echo " ERROR: No IP History data in ViewDNS.info"
else
echo " INFO: IP History by ViewDNS.info"
cat viewdns.tmp | sed ':a;N;$!ba;s/\n/ /g' | sed 's/<table border="1">/\nIPHISTORY/g' | sed 's/<\/table>/\n/g' | grep ^IPHISTORY | sed 's/<tr><td>/\n/g' | sed 's/\r//' | grep ^[0-9] | sed 's/<\/td><td>/|/g' | sed 's/<\/td><td align="center">/|/g' | sed 's/<\/td><\/tr>//g' | awk -F '|' '{print " + "$4" | "$1" | "$3"("$2")"}' | sort -V
fi
rm viewdns.tmp
}
ViewDNS ${DOMAIN}