├── go.mod ├── go.sum ├── main.go └── README.md /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/timwhitez/Doge-DNSptr 2 | 3 | go 1.19 4 | 5 | require github.com/alitto/pond v1.8.3 6 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | github.com/alitto/pond v1.8.3 h1:ydIqygCLVPqIX/USe5EaV/aSRXTRXDEI9JwuDdu+/xs= 2 | github.com/alitto/pond v1.8.3/go.mod h1:CmvIIGd5jKLasGI3D87qDkQxjzChdKMmnXMg3fG6M6Q= 3 | -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "context" 5 | "flag" 6 | "fmt" 7 | "github.com/alitto/pond" 8 | "io/ioutil" 9 | "log" 10 | "net" 11 | "strings" 12 | "time" 13 | ) 14 | 15 | var dnsr = "" 16 | 17 | func main() { 18 | 19 | threads := 10 20 | filename := "" 21 | fastUsage := "lookup PTR threads" 22 | flag.IntVar(&threads, "t", 10, fastUsage) 23 | flag.StringVar(&dnsr, "r", "", "input dns host") 24 | flag.StringVar(&filename, "f", "", "input cidr targets filename") 25 | 26 | flag.Parse() 27 | 28 | args := flag.Args() 29 | if len(args) != 1 && filename == "" { 30 | log.Fatal("Required argument \"NET/MASK\" missing") 31 | } 32 | pool := pond.New(threads, 0, pond.MinWorkers(1)) 33 | if len(args) == 1 { 34 | block := args[0] 35 | //fmt.Printf("Input Cidr: %s\n", block) 36 | ip, ipnet, err := net.ParseCIDR(block) 37 | if err != nil { 38 | log.Fatal(err) 39 | } 40 | for ip0 := ip.Mask(ipnet.Mask); ipnet.Contains(ip0); incIP(ip0) { 41 | myip := ip0.String() 42 | if dnsr == "" { 43 | pool.Submit(func() { 44 | revIP(myip) 45 | }) 46 | } else { 47 | pool.Submit(func() { 48 | CusrevIP(myip) 49 | }) 50 | } 51 | 52 | } 53 | } 54 | 55 | if filename != "" { 56 | cidrs := getContent(filename) 57 | for _, block := range cidrs { 58 | if block == "" { 59 | continue 60 | } 61 | //fmt.Printf("Input Cidr: %s\n", block) 62 | ip, ipnet, err := net.ParseCIDR(block) 63 | if err != nil { 64 | log.Fatal(err) 65 | } 66 | for ip0 := ip.Mask(ipnet.Mask); ipnet.Contains(ip0); incIP(ip0) { 67 | myip := ip0.String() 68 | if dnsr == "" { 69 | pool.Submit(func() { 70 | revIP(myip) 71 | }) 72 | } else { 73 | pool.Submit(func() { 74 | CusrevIP(myip) 75 | }) 76 | } 77 | } 78 | } 79 | 80 | } 81 | pool.StopAndWait() 82 | } 83 | 84 | func getContent(filename string) []string { 85 | content, err := ioutil.ReadFile(filename) 86 | if err == nil { 87 | str := strings.Replace(string(content), "\r\n", "\n", -1) 88 | lines := strings.Split(str, "\n") 89 | return lines 90 | } 91 | return nil 92 | } 93 | 94 | func CusrevIP(ip string) { 95 | r := &net.Resolver{ 96 | PreferGo: true, 97 | Dial: func(ctx context.Context, network, address string) (net.Conn, error) { 98 | d := net.Dialer{ 99 | Timeout: time.Millisecond * time.Duration(5000), 100 | } 101 | return d.DialContext(ctx, network, dnsr+":53") 102 | }, 103 | } 104 | 105 | var ptr []string 106 | var e error 107 | ptr, e = r.LookupAddr(context.Background(), ip) 108 | 109 | if e == nil { 110 | ptrs := "" 111 | for _, v := range ptr { 112 | ptrs += "," + v 113 | } 114 | fmt.Printf("%s%s\n", ip, ptrs) 115 | } 116 | } 117 | 118 | func revIP(ip string) { 119 | var ptr []string 120 | var e error 121 | ptr, e = net.LookupAddr(ip) 122 | 123 | if e == nil { 124 | ptrs := "" 125 | for _, v := range ptr { 126 | ptrs += "," + v 127 | } 128 | fmt.Printf("%s%s\n", ip, ptrs) 129 | } 130 | } 131 | 132 | func incIP(ip net.IP) { 133 | for j := len(ip) - 1; j >= 0; j-- { 134 | ip[j]++ 135 | if ip[j] > 0 { 136 | break 137 | } 138 | } 139 | } 140 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Doge-DNSptr 2 | 3 | 🐶 通过PTR记录使用IP反查内网域名 4 | 5 | 🐶 Reverse lookup of internal domain names using IP through PTR records 6 | 7 | ## 项目简介 (Project Introduction) 8 | 9 | Doge-DNSptr 是一个用Go语言编写的工具,用于通过PTR记录对IP地址进行反向DNS查询,以发现内网域名。这个工具特别适用于网络探测和信息收集。 10 | 11 | Doge-DNSptr is a tool written in Go for performing reverse DNS lookups on IP addresses using PTR records to discover internal domain names. This tool is particularly useful for network reconnaissance and information gathering. 12 | 13 | ## 特性 (Features) 14 | 15 | - 并发查询以提高效率 16 | - 可自定义DNS服务器 17 | - 支持从文件读取IP地址列表 18 | - 结果输出到文件 19 | 20 | - Concurrent queries for improved efficiency 21 | - Custom DNS server option 22 | - Supports reading IP address list from a file 23 | - Results output to a file 24 | 25 | ## 安装 (Installation) 26 | 27 | 确保您的系统上安装了Go。然后,您可以通过以下命令克隆并构建项目: 28 | 29 | Ensure you have Go installed on your system. Then, you can clone and build the project with the following commands: 30 | 31 | ```bash 32 | git clone https://github.com/timwhitez/Doge-DNSptr.git 33 | cd Doge-DNSptr 34 | go build 35 | ``` 36 | 37 | ## 使用方法 (Usage) 38 | 39 | 运行编译后的二进制文件,使用以下命令行参数: 40 | 41 | Run the compiled binary with the following command-line arguments: 42 | 43 | ```bash 44 | ./Doge-DNSptr -f -o -d -t 45 | ``` 46 | 47 | 参数说明 (Arguments): 48 | - `-f`: 包含IP地址列表的文件路径(必需) 49 | - `-o`: 输出结果的文件路径(必需) 50 | - `-d`: 自定义DNS服务器地址(可选,默认使用系统DNS) 51 | - `-t`: 并发线程数(可选,默认为10) 52 | 53 | - `-f`: Path to the file containing the list of IP addresses (required) 54 | - `-o`: Path to the output file for results (required) 55 | - `-d`: Custom DNS server address (optional, uses system DNS by default) 56 | - `-t`: Number of concurrent threads (optional, default is 10) 57 | 58 | 示例 (Example): 59 | ```bash 60 | ./Doge-DNSptr -f ips.txt -o results.txt -d 8.8.8.8 -t 20 61 | ``` 62 | 63 | ## 输入文件格式 (Input File Format) 64 | 65 | 输入文件应包含每行一个IP地址,支持IPv4和IPv6: 66 | 67 | The input file should contain one IP address per line, supporting both IPv4 and IPv6: 68 | 69 | ``` 70 | 192.168.1.1 71 | 10.0.0.1 72 | 2001:db8::1 73 | ``` 74 | 75 | ## 输出格式 (Output Format) 76 | 77 | 输出文件将包含成功的反向查询结果,格式为: 78 | 79 | The output file will contain successful reverse lookup results in the format: 80 | 81 | ``` 82 | IP地址 -> 域名 83 | IP Address -> Domain Name 84 | ``` 85 | 86 | ## 注意事项 (Notes) 87 | 88 | - 该工具主要用于内网环境的域名发现。 89 | - 请确保您有权限对目标IP地址执行DNS查询。 90 | - 大量并发查询可能会对网络和DNS服务器造成压力,请谨慎使用。 91 | 92 | - This tool is primarily intended for domain name discovery in internal network environments. 93 | - Ensure you have permission to perform DNS queries on the target IP addresses. 94 | - Large numbers of concurrent queries may stress the network and DNS servers, use with caution. 95 | 96 | ## 贡献 (Contributing) 97 | 98 | 欢迎提交问题报告、功能请求和Pull请求。对于重大更改,请先开启一个问题进行讨论。 99 | 100 | Feel free to submit issue reports, feature requests, and Pull Requests. For major changes, please open an issue first to discuss what you would like to change. 101 | 102 | ## 免责声明 (Disclaimer) 103 | 104 | 本工具仅用于教育和研究目的。使用者应负责任地使用本工具,并遵守所有适用的法律和法规。作者不对因使用本工具而导致的任何滥用或损坏负责。 105 | 106 | This tool is for educational and research purposes only. Users are responsible for using this tool responsibly and in compliance with all applicable laws and regulations. The author is not responsible for any misuse or damage caused by this tool. 107 | --------------------------------------------------------------------------------