Added new leakix-ns tool for basic dns recon

LeakIX · Oct 6, 2020 · 3b0c1b9 · 3b0c1b9
1 parent a92ac66
commit 3b0c1b9
Show file tree

Hide file tree

Showing 2 changed files with 130 additions and 14 deletions.
diff --git a/build-archs.sh b/build-archs.sh
@@ -1,19 +1,37 @@
-GOOS=linux GOARCH=386 go build -o leakix-linux-32 ./cmd/leakix
-GOOS=linux GOARCH=amd64 go build -o leakix-linux-64 ./cmd/leakix
-GOOS=freebsd GOARCH=amd64 go build -o leakix-freebsd-64 ./cmd/leakix
-GOOS=freebsd GOARCH=386 go build -o leakix-freebsd-32 ./cmd/leakix
+GOOS=linux GOARCH=386 go build -ldflags="-s -w" -o bin/leakix-ns-linux-32 ./cmd/leakix-ns &
+GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -o bin/leakix-ns-linux-64 ./cmd/leakix-ns &
+GOOS=freebsd GOARCH=amd64 go build -ldflags="-s -w" -o bin/leakix-ns-freebsd-64 ./cmd/leakix-ns &
+GOOS=freebsd GOARCH=386 go build -ldflags="-s -w" -o bin/leakix-ns-freebsd-32 ./cmd/leakix-ns &
 
-GOOS=linux GOARCH=arm GOARM=7 go build -o leakix-linux-arm7 ./cmd/leakix
-GOOS=linux GOARCH=arm GOARM=6 go build -o leakix-linux-arm6 ./cmd/leakix
+GOOS=linux GOARCH=arm GOARM=7 go build -ldflags="-s -w" -o bin/leakix-ns-linux-arm7 ./cmd/leakix-ns &
+GOOS=linux GOARCH=arm GOARM=6 go build -ldflags="-s -w" -o bin/leakix-ns-linux-arm6 ./cmd/leakix-ns &
 
-GOOS=darwin GOARCH=amd64 go build -o leakix-osx-64 ./cmd/leakix
-GOOS=darwin GOARCH=386 go build -o leakix-osx-32 ./cmd/leakix
+GOOS=darwin GOARCH=amd64 go build -ldflags="-s -w" -o bin/leakix-ns-osx ./cmd/leakix-ns &
 
-GOOS=windows GOARCH=amd64 go build -o leakix-win64.exe ./cmd/leakix
-GOOS=windows GOARCH=386 go build -o leakix-win32.exe ./cmd/leakix
+GOOS=windows GOARCH=amd64 go build -ldflags="-s -w" -o bin/leakix-ns-win64.exe ./cmd/leakix-ns &
+GOOS=windows GOARCH=386 go build -ldflags="-s -w" -o bin/leakix-ns-win32.exe ./cmd/leakix-ns &
 
-GOOS=netbsd GOARCH=amd64 go build -o leakix-netbsd-64 ./cmd/leakix
-GOOS=netbsd GOARCH=386 go build -o leakix-netbsd-32 ./cmd/leakix
+GOOS=netbsd GOARCH=amd64 go build -ldflags="-s -w" -o bin/leakix-ns-netbsd-64 ./cmd/leakix-ns &
+GOOS=netbsd GOARCH=386 go build -ldflags="-s -w" -o bin/leakix-ns-netbsd-32 ./cmd/leakix-ns &
 
-GOOS=openbsd GOARCH=amd64 go build -o leakix-openbsd-64 ./cmd/leakix
-GOOS=openbsd GOARCH=386 go build -o leakix-openbsd-32 ./cmd/leakix
+GOOS=openbsd GOARCH=amd64 go build -ldflags="-s -w" -o bin/leakix-ns-openbsd-64 ./cmd/leakix-ns &
+GOOS=openbsd GOARCH=386 go build -ldflags="-s -w" -o bin/leakix-ns-openbsd-32 ./cmd/leakix-ns &
+
+GOOS=linux GOARCH=386 go build -ldflags="-s -w" -o bin/leakix-linux-32 ./cmd/leakix &
+GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -o bin/leakix-linux-64 ./cmd/leakix &
+GOOS=freebsd GOARCH=amd64 go build -ldflags="-s -w" -o bin/leakix-freebsd-64 ./cmd/leakix &
+GOOS=freebsd GOARCH=386 go build -ldflags="-s -w" -o bin/leakix-freebsd-32 ./cmd/leakix &
+
+GOOS=linux GOARCH=arm GOARM=7 go build -ldflags="-s -w" -o bin/leakix-linux-arm7 ./cmd/leakix &
+GOOS=linux GOARCH=arm GOARM=6 go build -ldflags="-s -w" -o bin/leakix-linux-arm6 ./cmd/leakix &
+
+GOOS=darwin GOARCH=amd64 go build -ldflags="-s -w" -o bin/leakix-osx ./cmd/leakix &
+
+GOOS=windows GOARCH=amd64 go build -ldflags="-s -w" -o bin/leakix-win64.exe ./cmd/leakix &
+GOOS=windows GOARCH=386 go build -ldflags="-s -w" -o bin/leakix-win32.exe ./cmd/leakix &
+
+GOOS=netbsd GOARCH=amd64 go build -ldflags="-s -w" -o bin/leakix-netbsd-64 ./cmd/leakix &
+GOOS=netbsd GOARCH=386 go build -ldflags="-s -w" -o bin/leakix-netbsd-32 ./cmd/leakix &
+
+GOOS=openbsd GOARCH=amd64 go build -ldflags="-s -w" -o bin/leakix-openbsd-64 ./cmd/leakix &
+GOOS=openbsd GOARCH=386 go build -ldflags="-s -w" -o bin/leakix-openbsd-32 ./cmd/leakix &
diff --git a/cmd/leakix-ns/main.go b/cmd/leakix-ns/main.go
@@ -0,0 +1,98 @@
+package main
+
+import (
+	"encoding/json"
+	"flag"
+	"fmt"
+	"github.com/LeakIX/LeakIXClient"
+	"os"
+	"strings"
+)
+
+func main() {
+	//Config our app
+	app := App{}
+	flag.StringVar(&app.Domain, "d", "", "Specify domain")
+	flag.BoolVar(&app.OutputJson, "j", false, "JSON mode, (excludes -t)")
+	flag.IntVar(&app.Limit, "l", 100, "Limit results output")
+	flag.Usage = func() {
+		fmt.Printf("Usage of leakix-dns: \n")
+		fmt.Printf("  ./leakix -d <domain> -l 200\n\n")
+		flag.PrintDefaults()
+	}
+	flag.Parse()
+	if len(app.Domain) < 2 {
+		flag.Usage()
+		os.Exit(1)
+	}
+	app.Run()
+}
+
+type App struct {
+	Domain string
+	OutputJson bool
+	Limit int
+	Searcher *LeakIXClient.SearchResultsClient
+	Reverse map[string][]LeakIXClient.SearchResult
+	Forward map[string][]LeakIXClient.SearchResult
+}
+
+func (app *App) Run() {
+	app.Searcher = &LeakIXClient.SearchResultsClient{
+		Scope:         "service",
+		Query:         fmt.Sprintf("hostname:\"%s\" OR reverse:\"%s\" OR ip:\"%s\"", app.Domain, app.Domain, app.Domain),
+	}
+	app.Reverse = make(map[string][]LeakIXClient.SearchResult)
+	app.Forward = make(map[string][]LeakIXClient.SearchResult)
+	count := 0
+	for app.Searcher.Next() {
+		if ! strings.Contains(app.Searcher.SearchResult().Reverse, app.Domain) &&
+			! strings.Contains(app.Searcher.SearchResult().Hostname, app.Domain) &&
+			! strings.Contains(app.Searcher.SearchResult().Ip, app.Domain){
+			continue
+		}
+		count++
+		if count > app.Limit {
+			break
+		}
+		if app.OutputJson {
+			jsonLine, _ := json.Marshal(app.Searcher.SearchResult())
+			fmt.Println(string(jsonLine))
+			continue
+		}
+		reverse := strings.TrimRight(app.Searcher.SearchResult().Reverse, ".")
+		ip := app.Searcher.SearchResult().Ip
+		hostname := app.Searcher.SearchResult().Hostname
+
+		if hostname != ip && len(hostname) > 2 && (strings.Contains(hostname, app.Domain) || app.Domain == ip) {
+			app.Forward[hostname] = append(app.Forward[hostname], app.Searcher.SearchResult())
+		}
+		if len(reverse) > 1 && (strings.Contains(reverse, app.Domain) || app.Domain == ip) {
+			app.Reverse[reverse] = append(app.Reverse[reverse], app.Searcher.SearchResult())
+		}
+	}
+	if app.OutputJson {
+		os.Exit(0)
+	}
+	fmt.Println("PTR records :")
+	for reverseName, results := range app.Reverse {
+		for _, result := range results {
+			fmt.Printf("[%s] %s <- %s", result.Time.Format("02-01-2006 15:04"), reverseName, result.Ip)
+			if len(result.Hostname) > 1 && result.Hostname != result.Ip {
+				fmt.Printf(" -> %s", result.Hostname)
+			}
+			fmt.Println()
+		}
+	}
+	fmt.Println("Forward records :")
+
+	for forwardName, results := range app.Forward {
+		for _, result := range results {
+			fmt.Printf("[%s] %s -> %s", result.Time.Format("02-01-2006 15:04"), forwardName, result.Ip)
+			if len(result.Reverse) > 1 {
+				fmt.Printf(" <- %s", result.Reverse)
+			}
+			fmt.Println()
+		}
+	}
+}