71 lines
2.3 KiB
Bash
71 lines
2.3 KiB
Bash
#!/bin/bash
|
|
|
|
# Color codes
|
|
GREEN='\033[0;32m'
|
|
RED='\033[0;31m'
|
|
NC='\033[0m' # No Color
|
|
|
|
# Number of parallel jobs (adjust according to your system capabilities)
|
|
NUM_JOBS=10
|
|
|
|
# Function to check if a domain's CNAME points to Zendesk
|
|
check_cname_and_domain() {
|
|
local domain=$1
|
|
|
|
# Check for CNAME record pointing to zendesk.com using dig
|
|
cname_target=$(dig +short CNAME "$domain")
|
|
|
|
if [[ "$cname_target" =~ ^.*\.zendesk\.com$ ]]; then
|
|
# Send request to Zendesk if CNAME points to Zendesk
|
|
response=$(curl -s 'https://www.zendesk.com/wp-content/themes/zendesk-twentyeleven/lib/domain-check.php' \
|
|
-H 'authority: www.zendesk.com' \
|
|
-H 'pragma: no-cache' \
|
|
-H 'cache-control: no-cache' \
|
|
-H 'accept: */*' \
|
|
-H 'x-requested-with: XMLHttpRequest' \
|
|
-H 'user-agent: REDACTED' \
|
|
-H 'content-type: application/x-www-form-urlencoded; charset=UTF-8' \
|
|
-H 'origin: https://www.zendesk.com' \
|
|
-H 'sec-fetch-site: same-origin' \
|
|
-H 'sec-fetch-mode: cors' \
|
|
-H 'sec-fetch-dest: empty' \
|
|
-H 'referer: https://www.zendesk.com/register/' \
|
|
-H 'accept-language: en-GB,en-US;q=0.9,en;q=0.8,fr;q=0.7' \
|
|
--data-raw "domain=$domain" \
|
|
--compressed)
|
|
|
|
# Check if the response contains the 'suggestion' field
|
|
if echo "$response" | grep -q '"suggestion"'; then
|
|
# Domain is not available (vulnerable)
|
|
echo -e "${GREEN}Domain $domain is **VULNERABLE**.${NC}"
|
|
else
|
|
# Domain is available (not vulnerable)
|
|
echo -e "${RED}Domain $domain is **NOT VULNERABLE**.${NC}"
|
|
fi
|
|
fi
|
|
}
|
|
|
|
export -f check_cname_and_domain
|
|
|
|
# Determine if input is piped or from a file
|
|
if [ -p /dev/stdin ]; then
|
|
# Input is piped
|
|
input=$(cat -)
|
|
elif [ $# -eq 1 ]; then
|
|
# Input is from a file provided as an argument
|
|
if [ ! -f "$1" ]; then
|
|
echo "File $1 does not exist."
|
|
exit 1
|
|
fi
|
|
input=$(cat "$1")
|
|
else
|
|
echo "Usage: $0 domains_file or cat domains_file | $0"
|
|
exit 1
|
|
fi
|
|
|
|
# Count total domains
|
|
total_domains=$(echo "$input" | wc -l)
|
|
|
|
# Check domains in parallel for CNAME pointing to Zendesk and domain availability
|
|
echo "$input" | pv -l -s "$total_domains" | parallel -j "$NUM_JOBS" check_cname_and_domain
|