\$append,
'b|bits=i' => \$bits,
'D|directory=s' => \$outdir,
'd|domain=s' => \$domain,
'h|hash-algorithms=s' => \$hashalgs,
'help!' => \$helponly,
'n|note=s' => \$note,
'r|restrict!' => \$restricted,
's|selector=s' => \$selector,
'S!' => \$nosubdomains,
'subdomains!' => \$subdomains,
't|testmode!' => \$testmode,
'v|verbose+' => \$verbose,
'V|version!' => \$showversion,
);
## Show usage when option parsing failed or --help was requested.
## An explicit --help request exits 0; a parse failure exits 1.
if ($helponly || !$opt_retval)
{
    usage();
    exit($helponly ? 0 : 1);
}

## --version: report the program name and version on stdout, then stop.
if ($showversion)
{
    print STDOUT "$progname v2.11.0\n";
    exit 0;
}
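## do this securely and in the right place
chdir($outdir) or die "$progname: $outdir: chdir(): $!";
## the restrictive umask is set before any key material is written, so the
## files created below carry no group/other permission bits
umask(077);

## Run openssl with the given argument list and its output discarded.
## The list form of system() hands every argument to the program as-is and
## never involves a shell, so shell metacharacters in $selector cannot change
## the command that is executed.  stdout/stderr are pointed at /dev/null for
## the duration of the call and restored afterwards.
## Returns (wait status, reason); the status is -1 if openssl could not be
## started, in which case the reason describes why.
my $run_openssl = sub {
    my @args = @_;
    my $rc = -1;
    my $why = "";
    my ($saved_out, $saved_err);

    if (!open($saved_out, ">&", \*STDOUT) ||
        !open($saved_err, ">&", \*STDERR))
    {
        return (-1, "unable to save stdout/stderr: $!");
    }

    if (open(STDOUT, ">", "/dev/null") && open(STDERR, ">", "/dev/null"))
    {
        $rc = system("openssl", @args);
        if ($rc == -1)
        {
            $why = "$!";
        }
    }
    else
    {
        $why = "/dev/null: $!";
    }

    ## put the original descriptors back before anything is reported
    open(STDOUT, ">&", $saved_out);
    open(STDERR, ">&", $saved_err);
    close($saved_out);
    close($saved_err);

    return ($rc, $why);
};

## Report a failed openssl run on stderr and exit(1); returns quietly when
## the wait status is 0.
my $require_success = sub {
    my ($rc, $why) = @_;

    if ($rc == 0)
    {
        return;
    }

    if ($rc == -1)
    {
        print STDERR "$progname: unable to run openssl: $why\n";
    }
    elsif ($rc & 127)
    {
        ## printf, not print: the message carries a %d conversion
        printf STDERR "%s: openssl died with signal %d\n",
               $progname, ($rc & 127);
    }
    else
    {
        printf STDERR "%s: openssl exited with status %d\n",
               $progname, ($rc >> 8);
    }
    exit(1);
};

my $why;

## generate a private key
if ($verbose >= 1)
{
    print STDERR "$progname: generating private key\n";
}

## Short keys only produce a warning here; generation still proceeds.
## RFC 8301 updates RFC 6376 and recommends at least 2048 bits for signers.
if ($bits < 1024)
{
    print STDERR "$progname: WARNING: RFC6376 advises minimum 1024-bit keys\n";
}

## NOTE(review): $selector also forms the output file names, which are
## resolved relative to $outdir; validating it against the DKIM selector
## syntax earlier in the script would keep those names inside $outdir.
($status, $why) = $run_openssl->("genrsa", "-out", $selector . ".private",
                                 $bits);
$require_success->($status, $why);

if ($verbose)
{
    print STDERR "$progname: private key written to " . $selector . ".private\n";
}

## generate a public key based on the private key
if ($verbose)
{
    print STDERR "$progname: extracting public key\n";
}

($status, $why) = $run_openssl->("rsa", "-in", $selector . ".private",
                                 "-pubout", "-out", $selector . ".public",
                                 "-outform", "PEM");
$require_success->($status, $why);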
## Read the PEM public key written by openssl back in and collect its
## body into $keydata as a single unbroken string.
open($keyin, "<", $selector . ".public") or do
{
    print STDERR "$progname: unable to read from " . $selector . ".public: $!\n";
    exit(1);
};

while (defined(my $line = <$keyin>))
{
    chomp($line);

    ## lines starting with "-" are the PEM BEGIN/END armor, not key data
    next if ($line =~ /^-/);

    $keydata .= $line;
}

close($keyin);
## output the record

## t= flags: "y" marks the key as being in test mode, "s" is added when
## subdomain signing is turned off
$flags = "t=y;" if ($testmode);

## -S is the negative spelling of --subdomains
$subdomains = 0 if ($nosubdomains);

if (!$subdomains)
{
    $flags = ($flags eq "t=y;") ? "t=y:s;" : "t=s;";
}

## s=email is emitted when --restrict was given
if ($restricted)
{
    $flags .= " " if ($flags ne "");
    $flags .= "s=email;";
}

## a trailing blank separates the flags from whatever follows them
$flags .= " " if ($flags ne "");

## NOTE(review): $hashalgs, $note and $domain are copied into the record
## text exactly as given on the command line.  A double quote, newline or
## semicolon in any of them would change how the zone file line is parsed,
## so callers that pass through values they do not control should validate
## them first.
$hashout = defined($hashalgs) ? " h=$hashalgs;" : "";
$noteout = defined($note) ? " n=\\\"$note\\\";" : "";

## with --append the owner name is written fully qualified
$domstr = $append ? "." . $domain . "." : "";

## trailing zone-file comment naming the selector and domain
$comment = ($domain ne "") ? " ; ----- DKIM key $selector for $domain" : "";
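## Write the DNS TXT record for the new key to <selector>.txt.
if (!open($txtout, ">", $selector . ".txt"))
{
    print STDERR "$progname: unable to write to " . $selector . ".txt: $!\n";
    exit(1);
}

print $txtout $selector . "._domainkey" . ${domstr} . "\tIN\tTXT\t( \"v=DKIM1;" . $noteout . $hashout . " k=rsa; " . $flags . "\"\n\t \"p=";

## A single TXT character-string is limited to 255 octets, so the key is
## emitted as a series of quoted strings of at most 250 characters each.
$len = length($keydata);
$cur = 0;
while ($len > 0)
{
    ## "<=" rather than "<": a remainder of exactly 250 characters is the
    ## final chunk and must not be followed by an empty quoted string
    if ($len <= 250)
    {
        print $txtout substr($keydata, $cur);
        $len = 0;
    }
    else
    {
        print $txtout substr($keydata, $cur, 250);
        print $txtout "\"\n\t \"";
        $cur += 250;
        $len -= 250;
    }
}

print $txtout "\" ) " . $comment . "\n";

## buffered write errors (for example a full disk) only surface at close,
## so a failed close means the record may be truncated
if (!close($txtout))
{
    print STDERR "$progname: unable to write to " . $selector . ".txt: $!\n";
    exit(1);
}

if ($verbose)
{
    print STDERR "$progname: DNS TXT record written to " . $selector . ".txt\n";
}

## all done!
## the intermediate public key file is no longer needed; removal is
## best-effort and its result is not checked
unlink($selector . ".public");
exit(0);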