Cdn check with domain and with dns response#377
Cdn check with domain and with dns response#377brenocss wants to merge 7 commits intoprojectdiscovery:devfrom
Conversation
dnsx v1.1.4 (maintenance release)
echo www.gap.com | ./dnsx -cdn -json | jq
_ __ __
__| | _ __ ___ \ \/ /
/ _' || '_ \ / __| \ /
| (_| || | | |\__ \ / \
\__,_||_| |_||___//_/\_\
projectdiscovery.io
[INF] Current dnsx version 1.1.4 (latest)
{
"host": "www.gap.com",
"ttl": 2795,
"resolver": [
"1.0.0.1:53"
],
"a": [
"104.104.158.228"
],
"cname": [
"www.gap.com.edgekey.net",
"e12405.x.akamaiedge.net"
],
"all": [
"www.gap.com.\t2795\tIN\tCNAME\twww.gap.com.edgekey.net.",
"www.gap.com.edgekey.net.\t20795\tIN\tCNAME\te12405.x.akamaiedge.net.",
"e12405.x.akamaiedge.net.\t20\tIN\tA\t104.104.158.228",
"\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232"
],
"status_code": "NOERROR",
"timestamp": "2023-05-19T13:24:09.8923071-03:00",
"cdn": true,
"cdn-name": "akamai"
} |
Mzack9999
left a comment
Mzack9999
left a comment
There was a problem hiding this comment.
@brenocss This is an excellent idea. The data in the response might not contain A or AAAA records since the user defines the question types. Probably we need a hybrid approach:
- If
A|AAAArecords are available, then we check the response - Otherwise, we proceed with the previous direct check
What do you think?
|
This fixes a bug as well where a site use multi-cdn's. The first DNS query will pickup one CDN response, while that second call to |
|
@Mzack9999 did you find this use case? |
|
merge conflict |
5 participants
I have modified the cdncheck function to accept domains However, I believe it is better to use the second function that was created, which takes a dnsResponse as input. This reduces the number of DNS requests.