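# ├── README.md
# └── check-poison.sh
#
# /README.md:
# --------------------------------------------------------------------------------
# # DNS Poisoning Check
# This script will check for DNS Poisoning for domains behind China firewall.
#
# ## Thanks
#
# - https://www.assetnote.io/resources/research/insecurity-through-censorship-vulnerabilities-caused-by-the-great-firewall
#
# --------------------------------------------------------------------------------
# /check-poison.sh:
# --------------------------------------------------------------------------------
#!/bin/bash
#
# check-poison.sh - ask the local resolver for names that should not exist
# under a domain you operate and report whether any of them come back with
# data.
#
# For every entry in COMMON_DOMAINS the script builds
#   <random>.<third-party-name>.<domain>
# and resolves it with `dig +short`. The random label makes it very unlikely
# that the name really exists, so an answer is treated as a sign that
# something on the path supplied it (see the research linked in the README).
#
# Interpretation caveats:
#   * A wildcard record on <domain> also answers every random name. A control
#     lookup without a third-party label is made first and a note is printed
#     when it resolves, because the result is then not attributable to the
#     third-party labels.
#   * "No poisoning detected" only describes what this resolver returned from
#     this network location at this moment.
#
# Usage: ./check-poison.sh   (prompts for the domain on stdin)
# Requires: dig

# Third-party names embedded in the probe queries.
# NOTE(review): presumably names that trigger injected answers - confirm
# against the research referenced in the README.
readonly -a COMMON_DOMAINS=(
  "dynalias.com"
  "justpaste.it"
  "pandashield.com"
  "geti2p.net"
  "sslproxy.gateway"
  "cpuwebdev.selfip.net"
)

#######################################
# Print a random 10-character label made of [a-z0-9].
# Outputs: the label followed by a newline on stdout
#######################################
generate_random_string() {
  local label
  # LC_ALL=C keeps tr byte-oriented so raw bytes from /dev/urandom are not
  # rejected as invalid multibyte sequences in UTF-8 locales.
  label=$(LC_ALL=C tr -dc 'a-z0-9' </dev/urandom | head -c 10)
  printf '%s\n' "$label"
}

#######################################
# Build the probe name <random>.<third-party-name>.<base-domain>.
# Arguments: $1 - base domain under test
#            $2 - third-party name to embed
# Outputs:   the probe name on stdout
#######################################
generate_poison_subdomain() {
  local base_domain=$1
  local third_party_domain=$2
  local random_string
  # Declared separately so a failure of the helper is not masked by `local`.
  random_string=$(generate_random_string)
  echo "$random_string.$third_party_domain.$base_domain"
}

#######################################
# Resolve one name and report what came back.
# Arguments: $1 - name to resolve
# Outputs:   "Name: <name>., Data: <answers>" or "Name: <name>., No response"
#            on stdout; dig diagnostics on stderr
# Returns:   0 when answer data was returned, 1 otherwise
#######################################
perform_dns_lookup() {
  local subdomain=$1
  local raw answers diagnostics

  raw=$(dig +short "$subdomain")

  # dig reports resolver problems (timeouts, unreachable servers) as lines
  # starting with ';'. Counting those as answer data would turn a network
  # failure into a positive finding, so they are split off here.
  answers=$(printf '%s\n' "$raw" | grep -v -e '^;' -e '^[[:space:]]*$')
  diagnostics=$(printf '%s\n' "$raw" | grep -e '^;')

  if [[ -n "$diagnostics" ]]; then
    printf 'dig reported for %s: %s\n' "$subdomain" "$diagnostics" >&2
  fi

  if [[ -n "$answers" ]]; then
    echo "Name: $subdomain., Data: $answers"
    return 0
  fi

  echo "Name: $subdomain., No response"
  return 1
}

#######################################
# Prompt for a domain, run the control and probe lookups, print the verdict.
# Returns: 0 after a completed run, 1 when dig is missing,
#          2 when the entered domain is not a plausible host name
#######################################
main() {
  local domain third_party_domain subdomain lookup_result control_result
  local poisoning_detected=false
  local -r host_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'

  # Without dig every lookup would silently look like "No response" and the
  # script would print a misleading clean result.
  if ! command -v dig >/dev/null 2>&1; then
    echo "Error: dig is required but was not found in PATH." >&2
    return 1
  fi

  printf 'Enter domain: '
  # -r keeps backslashes literal; an empty or failed read is rejected below.
  read -r domain
  domain=${domain%.}

  # Only host-name characters are accepted so the value cannot smuggle
  # whitespace or other unexpected tokens into the query name.
  if [[ ! $domain =~ $host_re || $domain == *..* ]]; then
    echo "Error: '$domain' is not a valid domain name." >&2
    return 2
  fi

  echo "Lookup"

  # Control: a random name WITHOUT a third-party label. If this resolves, the
  # probe answers below cannot be attributed to the third-party labels.
  if control_result=$(perform_dns_lookup "$(generate_random_string).$domain"); then
    echo "Note: a random control name under $domain also returned data" \
      "(wildcard DNS?); a positive result below may be a false positive." >&2
    echo "Control: $control_result" >&2
  fi

  for third_party_domain in "${COMMON_DOMAINS[@]}"; do
    subdomain=$(generate_poison_subdomain "$domain" "$third_party_domain")

    # The helper's exit status, not a substring match on its message,
    # decides whether data came back.
    if lookup_result=$(perform_dns_lookup "$subdomain"); then
      poisoning_detected=true
    fi

    echo "$lookup_result"
  done

  if [[ "$poisoning_detected" == true ]]; then
    echo "Result: Likely vulnerable to poisoning."
  else
    echo "Result: No poisoning detected."
  fi
}

main "$@"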