code fixes, -vvv readme

find_dns.py

@@ -1,16 +1,21 @@
 #!/usr/bin/env python2
 #
-# ./find_dns.py -l IPs.txt -t 500 -o ntpservers.txt
+# ./find_dns.py -l IPs.txt -t 500 -o dnsservers.txt
 #
 # simple dns server finder by dash
 #
-# [*] Found 148 entries
+#./find_dns.py -l rIP.txt -t 100 
-# [*] Entries 148 in queue
+#[*] Found 1001 entries
-# [*] Running with 50 threads
+#[*] Entries 1001 in queue
+#[*] Running with 100 threads
 #==================================================
-# IP
+#IP          NAME
 #==================================================
-#
+#91.x.x.x   (x.info)
+#191.x.x.x  (191.x.br)
+#67.x.x.x   (name.info)
+#==================================================
+#[*] Done
 #
 
 import os
@@ -33,7 +38,7 @@ def openWriteFile(outfile):
 	return fw
 
 def checkDNS(host):
-	payload = 'J\x8e\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x03web\x02de\x00\x00\x01\x00\x01'
+	payload = 'J\x8e\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x03hotmail\x02de\x00\x00\x01\x00\x01'
 	# settimeout so recv is not block
 	try:
 		s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
@@ -88,10 +93,10 @@ def run(args):
 	while q.qsize()>0:
 		
 		if len(thrList) < thrCnt:
-			thrNtp = threading.Thread(target = checkDNS, args = (q.get(),))
+			thrDns = threading.Thread(target = checkDNS, args = (q.get(),))
-			thrNtp.daemon = True
+			thrDns.daemon = True
-			thrNtp.start()
+			thrDns.start()
-			thrList.append(thrNtp)
+			thrList.append(thrDns)
 		
 		for entry in thrList:
 			if entry.isAlive()==False:

generateRandomIP.sh

@@ -1,14 +1,15 @@
 #!/bin/sh
 # 
 
-if [ $# -ne 1 ];
+if [ $# -ne 2 ];
 then
 	echo 'generate random ips with nmap'
-	echo '<count>'
+	echo '<count> <outfile>'
 	echo
 	exit
 fi
 
 cnt=$1
-nmap -n -iR $cnt --exclude 127.0.0.1/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,224-255.-.-.- -sL | cut -d ' ' -f 5 |grep -v addresses |grep -v nmap  > rIP.txt
+outfile=$2
+nmap -n -iR $cnt --exclude 127.0.0.1/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,224-255.-.-.- -sL | cut -d ' ' -f 5 |grep -v addresses |grep -v nmap  > $outfile
 

readme.txt

@@ -1,18 +1,70 @@
+Code Snippet Repository
+***********************
+Little place for putting some scripts. Nothing special, but usefull :)
+
+
 PGPemails.py
-============
+------------
 script for harvesting emails of domain targets @pgp.mit.edu
+$ ./PGPemails.py '@openbsd.org' 10|grep 'Theo de Raadt'
+[u"[u'Theo de Raadt <deraadt@openbsd.org>']"]
 
 find_ntp.py
-===========
+-----------
 find ntp servers, it is a threaded script, using ntplib
 as a result it prints out the ntpserver and the version running
 
+$ ./find_ntp.py -l IPs.txt -t 500 -o ntpservers.txt
+
+[*] Found 148 entries
+[*] Entries 148 in queue
+[*] Running with 50 threads
+==================================================
+IP              Version
+==================================================
+103.x.x.x  2
+157.x.x.x  3 
+
+
 find_ntp_nolib.py
-=================
+-----------------
 this one is not using ntplib, instead it is building up its own socket and sending a simple ntp request
 to see if ntp is answering. also threaded.
 
+$ ./find_ntp_nolib.py -l IPs.txt -t 500 -o ntpservers.txt
+
+[*] Found 148 entries
+[*] Entries 148 in queue
+[*] Running with 50 threads
+==================================================
+IP
+==================================================
+103.x.x.x
+157.x.x.x
+
+
 generateRandomIP.sh
-===================
+-------------------
 generate random ips with nmap
 
+find_dns.py
+-----------
+similar to find_ntp, but searching for dns servers. give it an ip list, generated for instance with 'generateRandomIP.sh'.
+
+$ ./find_dns.py -l rIP.txt -t 100 -o dnsservers.txt
+[*] Found 1001 entries
+[*] Entries 1001 in queue
+[*] Running with 100 threads
+==================================================
+IP          NAME
+==================================================
+91.x.x.x   (x.info)
+191.x.x.x  (191.x.br)
+67.x.x.x   (name.info)
+==================================================
+[*] Done
+
+
+Author
+------
+dash