1717
1818class CheckAXFR (Module ):
1919 """
20- DNS域传送漏洞检查类
20+ DNS zone transfer vulnerability base class
2121 """
22+
2223 def __init__ (self , domain : str ):
2324 Module .__init__ (self )
2425 self .domain = self .register (domain )
@@ -28,18 +29,18 @@ def __init__(self, domain: str):
2829
2930 def axfr (self , server ):
3031 """
31- 执行域传送
32+ Perform domain transfer
3233
33- :param server: 域名服务器
34+ :param server: domain server
3435 """
35- logger .log ('DEBUG' , f'尝试对 { self .domain } 的域名服务器 { server } 进行域传送 ' )
36+ logger .log ('DEBUG' , f'Trying to perform domain transfer in { server } of { self .domain } ' )
3637 try :
3738 xfr = dns .query .xfr (where = server , zone = self .domain ,
3839 timeout = 5.0 , lifetime = 10.0 )
3940 zone = dns .zone .from_xfr (xfr )
4041 except Exception as e :
4142 logger .log ('DEBUG' , e .args )
42- logger .log ('DEBUG' , f'对 { self .domain } 的域名服务器 { server } 进行域传送失败 ' )
43+ logger .log ('DEBUG' , f'Domain transfer to server { server } of { self .domain } failed ' )
4344 return
4445 names = zone .nodes .keys ()
4546 for name in names :
@@ -49,13 +50,13 @@ def axfr(self, server):
4950 record = zone [name ].to_text (name )
5051 self .results .append (record )
5152 if self .results :
52- logger .log ('DEBUG' , f'发现 { self .domain } 在 { server } 上的域传送记录 ' )
53+ logger .log ('DEBUG' , f'Found the domain transfer record of { self .domain } on { server } ' )
5354 logger .log ('DEBUG' , '\n ' .join (self .results ))
5455 self .results = []
5556
5657 def check (self ):
5758 """
58- 正则匹配响应头中的内容安全策略字段以发现子域名
59+ check
5960 """
6061 resolver = utils .dns_resolver ()
6162 try :
@@ -65,7 +66,7 @@ def check(self):
6566 return
6667 nsservers = [str (answer ) for answer in answers ]
6768 if not len (nsservers ):
68- logger .log ('ALERT' , f'没有找到 { self .domain } 的NS域名服务器记录 ' )
69+ logger .log ('ALERT' , f'No name server record found for { self .domain } ' )
6970 return
7071 for nsserver in nsservers :
7172 self .axfr (nsserver )
0 commit comments