danglingcname

command module

v0.0.0-...-55145ec Latest Latest Go to latest Published: Dec 7, 2023 License: BSD-3-Clause Imports: 13 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/truekonrads/danglingcname

Links

Open Source Insights

README ¶

▓█████▄  ▄▄▄       ███▄    █   ▄████  ██▓     ██▓ ███▄    █   ▄████              
▒██▀ ██▌▒████▄     ██ ▀█   █  ██▒ ▀█▒▓██▒    ▓██▒ ██ ▀█   █  ██▒ ▀█▒             
░██   █▌▒██  ▀█▄  ▓██  ▀█ ██▒▒██░▄▄▄░▒██░    ▒██▒▓██  ▀█ ██▒▒██░▄▄▄░             
░▓█▄   ▌░██▄▄▄▄██ ▓██▒  ▐▌██▒░▓█  ██▓▒██░    ░██░▓██▒  ▐▌██▒░▓█  ██▓             
░▒████▓  ▓█   ▓██▒▒██░   ▓██░░▒▓███▀▒░██████▒░██░▒██░   ▓██░░▒▓███▀▒             
 ▒▒▓  ▒  ▒▒   ▓▒█░░ ▒░   ▒ ▒  ░▒   ▒ ░ ▒░▓  ░░▓  ░ ▒░   ▒ ▒  ░▒   ▒              
 ░ ▒  ▒   ▒   ▒▒ ░░ ░░   ░ ▒░  ░   ░ ░ ░ ▒  ░ ▒ ░░ ░░   ░ ▒░  ░   ░              
 ░ ░  ░   ░   ▒      ░   ░ ░ ░ ░   ░   ░ ░    ▒ ░   ░   ░ ░ ░ ░   ░              
   ░          ░  ░         ░       ░     ░  ░ ░           ░       ░              
 ░                                                                               
                                  ▄████▄   ███▄    █  ▄▄▄       ███▄ ▄███▓▓█████ 
                                 ▒██▀ ▀█   ██ ▀█   █ ▒████▄    ▓██▒▀█▀ ██▒▓█   ▀ 
                                 ▒▓█    ▄ ▓██  ▀█ ██▒▒██  ▀█▄  ▓██    ▓██░▒███   
                                 ▒▓▓▄ ▄██▒▓██▒  ▐▌██▒░██▄▄▄▄██ ▒██    ▒██ ▒▓█  ▄ 
                                 ▒ ▓███▀ ░▒██░   ▓██░ ▓█   ▓██▒▒██▒   ░██▒░▒████▒
                                 ░ ░▒ ▒  ░░ ▒░   ▒ ▒  ▒▒   ▓▒█░░ ▒░   ░  ░░░ ▒░ ░
                                   ░  ▒   ░ ░░   ░ ▒░  ▒   ▒▒ ░░  ░      ░ ░ ░  ░
                                 ░           ░   ░ ░   ░   ▒   ░      ░      ░   
                                 ░ ░               ░       ░  ░       ░      ░  ░
                                 ░

What is this?

Dangling CNAME checks a given domain for dangling CNAMEs on a given DNS zone. When a DNS zone points a CNAME to another domain that the attacker can (partially) control, the attacker can have host arbitrary content with the victim's DNS zone. Consider a CNAME that points to an Azure load balancer - ".trafficmanager.net". When you decomission that load balancer configuration, the CNAME remains and an attacker can register their own. An example unfortunate incident is described by The Register

You can use arbitrary list of records to check (e.g. feed in from dnsrecon), use crt.sh certificate transparency store or DNSDB (a paid service).

Usage:

$ ./danglingcname --help
Usage of ./danglingcname:
  -debug
    	Debug mode
  -dnsdb
    	Use DNSDB (set DNSDB_KEY env var) (Optional)
  -domain string
    	Target domain.
  -server string
    	DNS Server. (Optional) (default "8.8.8.8:53")
  -sourcefile string
    	Specify a source file to read DNS records, one per line (Optional)
  -usecrtsh
    	Use crt.sh as source
  -workers int
    	Number of workers (Optional) (default 5)

Example

./danglingcname -usecrtsh -workers 5 -server 172.31.0.1:53 -domain pwc.com
INFO[0000] Sucesfully fetched from crt.sh pwc.com  
...

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
dnsdb

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL