                       ______
     /\               |___  /
    /  \   _ __  _   _   / / ___  _ __   ___
   / /\ \ | '_ \| | | | / / / _ \| '_ \ / _ \
  / ____ \| | | | |_| |/ /_| (_) | | | |  __/
 /_/    \_\_| |_|\__, /_____\___/|_| |_|\___|
                  __/ |
                 |___/
Want to have a DNS zone handled by your server
without opening your domain's config panel and
messing with uncommon delegation record types?

 10.0.2.3.anyz.one  is delegated to  10.0.2.3 

Similar to xip, where 10.0.2.34.xip.io used to
generate an A record, AnyZone will generate NS
records for the specified IP address.


/================/
       Why        
/================/

Tunneling data into or out of a network using
DNS can be done by pointing the client to use
your-server-ip.anyz.one.

During a security audit, having a domain which
is handled by an arbitrary server can be handy
to find out which nameserver handles any given
request, or to let the query time out and find
out how many concurrent queries the server can
handle before it must reject legitimate users.

Sometimes it is possible to do limited network
reconnaissance from the outside, checking when
a server responds fast (rejecting the targeted
IP range) and when it responds slow (timeout).


/==============/
   How to use
/==============/

IPv4 delegations can be generated using dotted
quad notation or by using a hyphen as the byte
separator:  10.0.2.3.anyz.one
            10-0-2-3.anyz.one

IPv6 delegations can be generated by replacing
colons with the character "i" (chosen since it
is similarly shaped):
            ii1.anyz.one  is delegated to  ::1
 2001iDB8iiAbCd.anyz.one    →   2001:db8::abcd
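
The naming rules above as a Python sketch. It
is an added example, not AnyZone's own code.
The function names and the sample query names
are made up here, and reading the address from
the rightmost labels is an assumption.

```python
import ipaddress
from collections import Counter

ZONE = "anyz.one"  # the zone this page describes


def to_delegation_name(ip, hyphens=False):
    """Name that is delegated to `ip`, per the rules on this page."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        label = str(addr).replace(".", "-") if hyphens else str(addr)
    else:
        # ":" cannot appear in a hostname, so the page substitutes "i".
        label = addr.compressed.replace(":", "i")
    return f"{label}.{ZONE}"


def from_query_name(qname):
    """Address a query name is delegated to, or None if it encodes none.

    Assumption: names below a delegation carry the address in their
    rightmost labels, e.g. www.10-0-2-3.anyz.one.
    """
    name = qname.rstrip(".").lower()  # DNS names are case-insensitive
    if not name.endswith("." + ZONE):
        return None
    labels = name[: -len(ZONE) - 1].split(".")
    last = labels[-1]
    candidates = [last.replace("-", "."),   # 10-0-2-3
                  last.replace("i", ":"),   # 2001idb8iiabcd
                  ".".join(labels[-4:])]    # 10.0.2.3
    for text in candidates:
        try:
            return ipaddress.ip_address(text)
        except ValueError:
            continue
    return None


def delegation_targets(qnames):
    """Count, per delegated address, the query names seen in a resolver log."""
    hits = (from_query_name(q) for q in qnames)
    return Counter(str(ip) for ip in hits if ip is not None)


# Constructed sample query names, not taken from any real log.
SAMPLE = ["10.0.2.3.anyz.one", "www.10-0-2-3.anyz.one.", "ii1.anyz.one",
          "2001iDB8iiAbCd.anyz.one", "ip.anyz.one", "example.org"]
```

Run over resolver logs, delegation_targets shows
which servers names under the zone hand off to.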

Like any security tool, use it responsibly and
only test systems you have permission to test.

To avoid amplification, response rate limiting
is employed. The limit should be sufficient to
use it manually as much as you like: it allows
continuously querying at a rate of 1 query per
2 seconds, with a large burst amount. When the
limit is exceeded, small (non-DNS) UDP packets
are currently returned with a chance of 1:5 to
tell you why AnyZone is ignoring your queries.


/============/
   Gimmicks
/============/

It has just one small gimmick added currently,
but there could be more to come in the future!

Find the IP address (v4 or v6) of the resolver

  whatismyip.anyz.one  (qtype A, AAAA, or ANY)
        myip.anyz.one  (qtype A, AAAA, or ANY)
          ip.anyz.one  (qtype A, AAAA, or ANY)


/===============/
   Source code       GITHUB.COM/X41SEC/ANYZONE
/===============/

AnyZone's source code can be used under AGPLv3

Issues can be submitted via GitHub and patches
for open tasks (e.g. TCP support) are welcome!

Security contact, PGP key: x41-dsec.de/contact
Code and fabulous page design: by Luc Gommans.
Copyright 2022, X41 D-Sec GmbH, licensed AGPL.