-
Notifications
You must be signed in to change notification settings - Fork 218
/
Copy pathdnssecwalk.sh
executable file
·25 lines (22 loc) · 962 Bytes
/
dnssecwalk.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
#!/bin/bash
test -z "$1" -o "$1" = "-h" && { echo "Syntax: $0 [-a] domain" ; echo will try dnssecwalk on all nameservers until one is found, or all if -a is given as option ; exit 1 ; }
which dig > /dev/null 2>&1 || { echo Error: you need the dig command in your path ; exit 1 ; }
DNS=""
dig 1.0.0.1.0.0.0.0.3.0.0.2.ip6.arpa. ns | grep -q '^1\.0.*SOA' || DNS="@8.8.8.8"
ALL=""
test "$1" = "-a" && { ALL=1 ; shift ; }
DOMAIN=$1
echo $1 | grep -q '\.$' || DOMAIN=$1.
FILE=`echo $DOMAIN|sed 's/\.$//'`
OK=""
for j in `dig $DNS $DOMAIN ns | grep -w NS | grep -w IN | grep -v ';' | awk '{print$5}'`; do
SERVER=`echo $j|sed 's/\.$//'`
test -z "$OK" && {
echo Trying $j ...
dnssecwalk -t -6 $j $DOMAIN > $SERVER-$FILE.dnssecwalk
grep -q Found: $SERVER-$FILE.dnssecwalk && OK=1
test -n "$OK" && echo Dnssecwalk succeeded, saved to $SERVER-$FILE.dnssecwalk
test -n "$OK" || rm -f $SERVER-$FILE.dnssecwalk
test -n "$ALL" && OK=""
}
done