Skip to content

Cdn check with domain and with dns response #377

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
brenocss wants to merge 7 commits into
base: dev
Choose a base branch
from
Open

Cdn check with domain and with dns response #377

brenocss wants to merge 7 commits into from

Conversation

@brenocss
Copy link

@brenocss brenocss commented May 19, 2023

I have modified the cdncheck function to accept domains However, I believe it is better to use the second function that was created, which takes a dnsResponse as input. This reduces the number of DNS requests.

@brenocss
Copy link
Author

brenocss commented May 19, 2023 

echo www.gap.com | ./dnsx -cdn -json | jq

      _             __  __
   __| | _ __   ___ \ \/ /
  / _' || '_ \ / __| \  /
 | (_| || | | |\__ \ /  \
  \__,_||_| |_||___//_/\_\

                projectdiscovery.io

[INF] Current dnsx version 1.1.4 (latest)
{
  "host": "www.gap.com",
  "ttl": 2795,
  "resolver": [
    "1.0.0.1:53"
  ],
  "a": [
    "104.104.158.228"
  ],
  "cname": [
    "www.gap.com.edgekey.net",
    "e12405.x.akamaiedge.net"
  ],
  "all": [
    "www.gap.com.\t2795\tIN\tCNAME\twww.gap.com.edgekey.net.",
    "www.gap.com.edgekey.net.\t20795\tIN\tCNAME\te12405.x.akamaiedge.net.",
    "e12405.x.akamaiedge.net.\t20\tIN\tA\t104.104.158.228",
    "\n;; OPT PSEUDOSECTION:\n; EDNS: version 0; flags:; udp: 1232"
  ],
  "status_code": "NOERROR",
  "timestamp": "2023-05-19T13:24:09.8923071-03:00",
  "cdn": true,
  "cdn-name": "akamai"
}

@ehsandeep ehsandeep changed the base branch from main to dev May 31, 2023 10:51
@Mzack9999 Mzack9999 self-requested a review July 11, 2023 19:04
Mzack9999
Mzack9999 requested changes Jul 12, 2023
View reviewed changes
Copy link
Member

@Mzack9999 Mzack9999 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@brenocss This is an excellent idea. The data in the response might not contain A or AAAA records since the user defines the question types. Probably we need a hybrid approach:

  • If A|AAAA records are available, then we check the response
  • Otherwise, we proceed with the previous direct check

What do you think?

@sleach
Copy link

sleach commented Jul 28, 2023
edited
Loading

This fixes a bug as well where a site use multi-cdn's. The first DNS query will pickup one CDN response, while that second call to CdnCheck will generate a possibly different CDN. So the CDN in the main response will say one, while the "cdn-name" parameter will contain a different one. So 👍 👍 If the request doesn't contain the A/AAAA records, you may still need to generate that second query as mentioned in the question above. I don't think you can avoid the issue in that case.

@brenocss
Copy link
Author

brenocss commented Jul 31, 2023

@Mzack9999 did you find this use case?

@dogancanbakir
Copy link
Member

dogancanbakir commented Nov 25, 2025

merge conflict

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Mzack9999 Mzack9999 Awaiting requested review from Mzack9999

@dogancanbakir dogancanbakir Awaiting requested review from dogancanbakir

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@brenocss @sleach @dogancanbakir @Mzack9999 @ehsandeep