Awesome
GODNSLOG
A dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
English Doc | 中文文档
features
- Standard Domain Resolve Service
- DNSLOG
- HTTPLOG
- Rebinding/CustomRebinding
- Push (callback)
- Multi-user
- dockerlized
- python/golang client sdk
- as a standard name resolve service with support
A,CNAME,TXT,MX
- xip
DNSLOG
super admin user: admin
password will be showed in console logs when first run.
you can change it by subcommand resetpw
HTTPLOG
build frontend
requirements:
yarn
cd frontend
yarn install
yarn build
build backend
requirements:
golang >= 1.13.0
go build
docker build
docker build -t "user/godnslog" .
For Chinese user:
docker build -t "user/godnslog" -f DockerfileCN .
RUN
i. Register your domain, eg: example.com
Set your DNS Server point to your host, eg: ns.example.com => 100.100.100.100
Some registrar limit set to NS host, your can set two ns host point to only one address.
Some registrar to ns host must be different ip address, you can set one to a fake addresss and then change to the same addresss
ii. self build
docker run -p80:8080 -p53:53/udp "user/godnslog" serve -domain yourdomain.com -4 100.100.100.100
or use dockerhub
docker pull "sort/godnslog"
docker run -p80:8080 -p53:53/udp -p80:8080 "sort/godnslog" serve -domain yourdomain.com -4 100.100.100.100
iii. access http://100.100.100.100
Doc
guest/guest123
introduce payload api rebiding resolve
TODO && Known Issues
- [ ]
enhance reverse proxy - admin user can read all recordds
- allow Anonymous user access document page
- enable custom rebinding stage two setting
- fix login logical problem