dnsx icon indicating copy to clipboard operation
dnsx copied to clipboard

Published 20 hours ago verified publisher icon projectdiscovery

How to retrieve multiple ANSWER SECTION

Open JaveleyQAQ opened this issue 1 year ago • 7 comments

dnsx version:

Current dnsx version 1.2.1 (latest)

Current Behavior:

❯ echo "www.gogole.com" |dnsx -silent -a -resp -r 1.2.4.8, 8.8.8.8 www.gogole.com [A] [198.18.4.92] ❯ echo "www.gogole.com" |dnsx -silent -a -resp -r 1.2.4.8 www.gogole.com [A] [142.251.43.3] ❯ echo "www.gogole.com" |dnsx -silent -a -resp -r 8.8.8.8 www.gogole.com [A] [172.217.26.227

Expected Behavior:

❯ echo "www.gogole.com" |dnsx -silent -a -resp -r 1.2.4.8, 8.8.8.8 -silent www.gogole.com [A] [172.217.26.227] www.gogole.com [A] [142.251.43.3]

Steps To Reproduce:

Anything else:

JaveleyQAQ avatar Mar 29 '24 08:03 JaveleyQAQ

@JaveleyQAQ this looks like multiple query, do you have dig example that returns both answer in single dig query?

ehsandeep avatar Mar 29 '24 08:03 ehsandeep

@JaveleyQAQ this looks like multiple query, do you have dig example that returns both answer in single dig(挖) query?

I'm unable to retrieve multiple results in the case of Google; it seems that the A records are returned randomly. However, there are indeed multiple A records present. image

JaveleyQAQ avatar Mar 29 '24 08:03 JaveleyQAQ

@JaveleyQAQ in that case it's already working as expected.

echo www.sysgeek.cn | dnsx -resp

      _             __  __
   __| | _ __   ___ \ \/ /
  / _' || '_ \ / __| \  / 
 | (_| || | | |\__ \ /  \ 
  \__,_||_| |_||___//_/\_\

		projectdiscovery.io

[INF] Current dnsx version 1.2.1 (latest)
www.sysgeek.cn [A] [104.21.22.127] 
www.sysgeek.cn [A] [172.67.205.9]

ehsandeep avatar Mar 29 '24 09:03 ehsandeep

Indeed, while I may not be fully versed in the intricacies of DNS operations, it's worth noting that performing an online multi-node ping on a target domain name can yield multiple distinct A records, which might not be the case when using standard DNS lookup tools. For instance, you can observe this phenomenon on the ITDOG website, which offers comprehensive ping services across various regions and networks: https://www.itdog.cn/ping/outlook.live.com. @ehsandeep

JaveleyQAQ avatar Mar 29 '24 11:03 JaveleyQAQ

How can a ping request will result in multiple A records?

pdelteil avatar Apr 19 '24 04:04 pdelteil

How can a ping request will result in multiple A records?

This indicates that the domain name has multiple A records bound to it, but this situation is generally caused by a Content Delivery Network (CDN). When a domain name has multiple A records, it suggests that the domain is using a CDN for proxy services. Depending on the visitor's location, it will prioritize returning the cache that offers faster access speeds.

JaveleyQAQ avatar Apr 19 '24 06:04 JaveleyQAQ

@JaveleyQAQ It seems like dnsx behaves as expected, as it returns all A records depending on the resolver providing the response. I guess what you are looking for is performing the request on all provided dns resolvers and aggregating the responses?

Mzack9999 avatar Sep 02 '24 16:09 Mzack9999