#!/usr/bin/env python
#made by Jethro Inwald
#special thanks to andrew king for helping me turn an ugly hack that didn't work into clean code that carries out a useful function
#this tool geolocates subdomains for any given domain; I recommend you use it to scope out a network
#to see which services they run on site and which they run offsite
#Packaged dependencies
#apt-get install python-geoip python-dnspython python-argparse
#Unpackaged dependencies
#simplekml
#hg clone https://code.google.com/p/simplekml/
#mv simplekml simplekml.hg
#mv simplekml.hg/simplekml simplekml
#rm -Rf simplekml.hg
#City resolution GeoLite database
#wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
#gunzip GeoLiteCity.dat.gz
#sudo mv GeoLiteCity.dat /usr/share/GeoIP/GeoIPCity.dat
import GeoIP
import dns.resolver
import argparse
import simplekml
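class DnsDictSearch:
    """Resolve wordlist-derived subdomains of a domain and plot them in KML.

    Each wordlist entry is prepended to the target domain and looked up as
    an A record; every address returned is geolocated with a MaxMind GeoIP
    city database and the resulting points are written out with simplekml.

    Notes for reading the output:
      * GeoIP city records are approximate, so a placemark is a hint about
        where a service is hosted, not proof of a server's location.
      * A domain with a wildcard record answers for every wordlist entry,
        so every candidate will show up in the output.
      * One DNS query is sent per wordlist entry through the configured
        resolver, so a run shows up in resolver and name-server logs.
    """

    def __init__(self, path_to_wordlist, path_to_dat):
        """Remember the wordlist path and open the GeoIP database.

        path_to_wordlist -- file with one candidate subdomain label per line
        path_to_dat      -- MaxMind GeoIP city database (.dat) file
        """
        self.kml = simplekml.Kml()
        self.path_to_wordlist = path_to_wordlist
        self.gi = GeoIP.open(path_to_dat, GeoIP.GEOIP_STANDARD)

    def to_kml(self, coords, out):
        """Add one placemark per entry of coords and save the document to out.

        coords -- iterable of [name, (longitude, latitude)] entries; KML and
                  simplekml put longitude first
        out    -- path of the KML file to write

        Points are added to the Kml object created in __init__, so they
        accumulate across calls on the same instance.
        """
        for coord in coords:
            self.kml.newpoint(name=coord[0], coords=[coord[1]])
        # Saved after the loop so a file is written even when nothing resolved.
        self.kml.save(out)

    def brute(self, domain, path_to_dat, path_to_output):
        """Look up every wordlist entry under domain and write the hits as KML.

        domain         -- parent domain the wordlist labels are prepended to
        path_to_dat    -- MaxMind GeoIP city database used for the lookups
        path_to_output -- path of the KML file to write
        """
        # Open the database once per run instead of once per address. A bad
        # path now fails here rather than being swallowed and silently
        # producing an empty KML file.
        gi = GeoIP.open(path_to_dat, GeoIP.GEOIP_STANDARD)
        coords = []
        with open(self.path_to_wordlist, "r") as lines:
            for line in lines:
                label = line.strip()
                if not label:
                    # A blank line would build ".<domain>", which is not a
                    # valid name.
                    continue
                fulldomain = label + "." + domain
                try:
                    answers = dns.resolver.query(fulldomain, 'A')
                except (dns.exception.DNSException, UnicodeError,
                        EnvironmentError):
                    # NXDOMAIN, no answer, timeout, malformed label or a
                    # network error: this candidate yields nothing, move on.
                    # KeyboardInterrupt is deliberately not caught, so a long
                    # run can still be stopped with Ctrl-C.
                    continue
                for rdata in answers:
                    record = gi.record_by_addr(rdata.address)
                    if not record:
                        # The database has no entry for this address.
                        continue
                    # Longitude first: that is the order simplekml (and KML)
                    # expect; (latitude, longitude) puts the placemark in
                    # the wrong spot.
                    coord = (record['longitude'], record['latitude'])
                    coords.append([fulldomain, coord])
        self.to_kml(coords, path_to_output)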
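if __name__ == '__main__':
    # Command-line entry point: parse the options, check that the two
    # mandatory ones were supplied, then run the search.
    parser = argparse.ArgumentParser(
        description='brute forces subdomains and then geolocates the '
                    'subdomains it finds')
    # -D and -w default to None so "not supplied" is detected directly
    # instead of by comparing against a placeholder string.
    parser.add_argument('-D',
                        action='store',
                        dest='domain',
                        help='the domain you wish to analyze',
                        default=None)
    parser.add_argument('-w',
                        action='store',
                        dest='path_to_wordlist',
                        help='the full path to the list of possible '
                             'subdomains for bruteforce',
                        default=None)
    parser.add_argument('-x',
                        action='store',
                        dest='path_to_dat',
                        help='the path to the max mind geoip dat file'
                             ' (/usr/share/GeoIP/GeoIPCity.dat being the'
                             ' default)',
                        default='/usr/share/GeoIP/GeoIPCity.dat')
    parser.add_argument('-o',
                        action='store',
                        dest='path_to_output',
                        help='saves subdomain locations to a kml file',
                        default='output.kml')
    results = parser.parse_args()

    run_warnings = []
    if results.domain is None:
        run_warnings.append("You need to specify a domain with -D")
    if results.path_to_wordlist is None:
        run_warnings.append("You need to specify a wordlist with -w")

    if run_warnings:
        print("You failed to supply some required arguments")
        for warn in run_warnings:
            print(warn)
        # Exit non-zero so a calling script can tell that nothing was run.
        raise SystemExit(1)

    domainarg = results.domain
    wordarg = results.path_to_wordlist
    datarg = results.path_to_dat
    kmlarg = results.path_to_output
    this = DnsDictSearch(wordarg, datarg)
    this.brute(domainarg, datarg, kmlarg)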