Perl Script that Does Bulk Reverse-DNS Lookups
Mar 15th, 2006 by Doug
Speaking of security and pen-testing, below is a Perl script I wrote and use to do bulk reverse-DNS (PTR) lookups on a specified network, during the discovery phase of a network assessment. Just cut-n-paste it into a text editor and save; instructions are in the header comments (Update: You can also download the script here)
#!/usr/bin/perl
#
# netdns.pl: Simple script to do bulk PTR lookups on a network of IP’s
#
# Requires Net::DNS, NetAddr::IP
#
# perl -MCPAN -e ‘install Net::DNS; install NetAddr::IP’ should do the
# trick on any Unix OS. On Debian/Ubuntu, do ‘apt-get install
# libnet-dns-perl libnetaddr-ip-perl’
#
# Usage: Takes an IP network or single IP (as per the NetAddr::IP docs
# at http://search.cpan.org/~luismunoz/NetAddr-IP-3.028/IP.pm). Output
# is a comma-delimited list of the IP addresses and the hostname they
# resolved to, or NXDOMAIN if no PTR record exists, or if the IP
# address is not well-formed, or error text if there is some other
# error with the DNS query.
#
# Examples:
#
# ./netdns.pl 10.0.0.1/24 > ptr-list.csv
# ./netdns.pl 10.0.0.1
#
# Copyright (c) 2006, Doug Maxwell <doug@unixlore.net>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
# USA
#
use strict;
use warnings;
use Net::DNS;
use NetAddr::IP;
my $ip = new NetAddr::IP (shift) || die “Unable to create NetAddr::IP object\n”;
my $res = Net::DNS::Resolver->new;
my $num = $ip->num();
for (my $i=0; $i<=$num; ++$i) {
my $ip_address = $ip->addr();
if ($ip_address) {
my $query = $res->search(”$ip_address”);
if ($query) {
foreach my $rr ($query->answer) {
next unless $rr->type eq “PTR”;
print “$ip_address,”,$rr->ptrdname, “\n”;
}
} else {
print “$ip_address,”,$res->errorstring,”\n”;
}
}
++$ip;
}
![[Post to Yahoo Buzz]](http://blog.unixlore.net/wp-content/plugins/tweet-this/icons/tt-buzz.png){kind=icon}
![[Post to Delicious]](http://blog.unixlore.net/wp-content/plugins/tweet-this/icons/tt-delicious.png){kind=icon}
![[Post to Digg]](http://blog.unixlore.net/wp-content/plugins/tweet-this/icons/tt-digg.png){kind=icon}
![[Post to Reddit]](http://blog.unixlore.net/wp-content/plugins/tweet-this/icons/tt-reddit.png){kind=icon}
![[Post to StumbleUpon]](http://blog.unixlore.net/wp-content/plugins/tweet-this/icons/tt-su.png){kind=icon}
![[FSF Associate Member]](http://www.unixlore.net/images/fsf_button.png "[FSF Associate Member]"){kind=small}