dns_src_port_check.sh
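#!/bin/bash
#
# dns_src_port_check.sh - check whether a recursive DNS resolver uses
# varying UDP source ports for its outgoing queries.
#
# Usage: dns_src_port_check.sh <dns-server> [-n]
#   <dns-server>  resolver to test (handed to dig as @<dns-server>)
#   -n            also run the Nessus check (four TXT lookups of random
#                 labels under t.nessus.org) before the DNS-OARC test
#
# Why it matters: a resolver that sends queries from a fixed or predictable
# source port leaves only the DNS transaction ID for an off-path party to
# guess, which makes cache poisoning far easier.
#
# Caveats for whoever reads the output:
#   * The ports reported belong to whichever host actually contacts the
#     authoritative server. That may be an upstream forwarder (or a device
#     in between that rewrites ports) rather than the server named on the
#     command line, so compare the reported address with the target.
#   * Both checks send queries to third-party services (t.nessus.org and
#     porttest.dns-oarc.net), which therefore see the resolver's address.
#   * Empty output is inconclusive: the resolver may not be answering, may
#     refuse recursion, or the test service may be unavailable.
#
# Exit status: 0 after the checks ran, 1 if dig is missing, 2 on usage error.

# Store a random 8-letter lowercase label in the variable named by $1.
# The label only has to be unique enough to defeat resolver caching, so
# bash's built-in $RANDOM is adequate. Written via printf -v (no subshell)
# so successive calls draw from the same generator state.
random_label() {
  local _alphabet=abcdefghijklmnopqrstuvwxyz _out='' _i
  for ((_i = 0; _i < 8; _i++)); do
    _out+=${_alphabet:RANDOM % 26:1}
  done
  printf -v "$1" '%s' "$_out"
}

# Run the checks against the server in $1; $2 may be "-n" (see Usage).
main() {
  local server=${1:-} mode=${2:-} label i

  echo "Quick and dirty DNS source port checker"
  echo "By brad a."
  echo "----------------------------------------"

  if [[ -z $server ]]; then
    echo "You Must provide a DNS Server to test" >&2
    return 2
  fi

  if ! command -v dig >/dev/null 2>&1; then
    echo "dig not found in PATH" >&2
    return 1
  fi

  if [[ $mode == "-n" ]]; then
    echo "Nessus Checks:"
    # printf with %s: the server argument is data, never a format/escape string.
    printf '%s (or its upstream server) uses the following source ports (if they are the same its bad)\n\n' "$server"
    for i in 1 2 3 4; do
      # Do not name this variable RANDOM: assigning to bash's special RANDOM
      # only reseeds the generator, and $RANDOM would then expand to an
      # integer instead of the generated label.
      random_label label
      # Quoted so the argument cannot be word-split or glob-expanded into
      # additional dig arguments.
      dig "@${server}" +short "${label}.t.nessus.org" TXT
    done
    printf '\nbe sure to compare %s with the output above, if its the upstream server then you have to check to see if that server is in scope\n' "$server"
    echo "----------------------------------------"
  fi

  echo "DNS-OARC Test:"
  dig "@${server}" +short porttest.dns-oarc.net TXT
  printf '\n\n\n'
  echo "If the output above says POOR theres a problem"
  echo "if it doesnt say anything it may not be responding or vuln!"
  echo "see https://www.dns-oarc.net/oarc/services/porttest"
}

main "$@"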