← Back to Archives

Searching DNS using wildcards?

hacks

Let's say you wanted to list the IP addresses associated with a second-level domain. For example, let's say you needed all the IP addresses listed in DNS that would match "*.acm.org".

There are tools like Netcraft's searchDNS tool:

http://searchdns.netcraft.com/?host

which can do part of this. For example, Netcraft's searchDNS can return information about third-level domains. This could be scraped and then it's just a matter of periodically running individual DNS queries for these sites (and updating the list) to get a decent list of IP addresses. Granted, their could be services used by, for example, ACM that don't have registered domain names that would match "*.acm.org". But this would be a decent start. Comments?