WHOIS / RDAP: Script to check domain availability

Is there an already registered domain name or an expired one, to which you would like to schedule a reminder for when it becomes available again?

This can be done using the WHOIS command line. The format of the response  may differ from a TLD provider to another. As for example .com and .org:

whois examplec5z85.com

No match for domain "DHZJDHZJ.COM"

whois examplec5z85.org


Domain not found.


If you consult WHOIS command, it uses whois.networksolutions.com. Based on this, we can easily craft a script that will parse the first line and match it to the TLD response for availability:

Command
whois examplec5z85.com | head -1 | egrep -c '(Domain not found|No match for domain)'

Then we can schedule the verification and create a notification by mail or SMS API or Registrar API to instantly snipe and register the domain name once it becomes available. Following is a basic example for a mailing notification:

Bash
#!/bin/bash# Supported domains: ORG/COM; NET;MAILTO='[email protected]'CRONFILE='/etc/cron.d/domains_checker'touch $CRONFILEif [ "$(whois $1 | head -1 | egrep -c '(Domain not found|No match for domain)')" -eq "1" ]; then	sed -i '/'$1'/d' $CRONFILE	echo "$1 is available to register" | mail -s "[Reminder] Domain Notification" MAILTOelif [ "$(egrep -c $1 $CRONFILE)" -eq "0" ]; then	echo "*/30 * * * * root `realpath $0` $1" >> $CRONFILEfi

You can also make a non-root version, using crontab as it’s stored in the /tmp.

Note that the number of free WHOIS queries may be limited on the requested WHOIS server, therefore if needed, you can either randomize the cron moments for each addition or you can program a more refined script that will track the domains frequently only when they pass to the end of PendingDelete period. As each domain would in a normal case pass through 3 periods after expiration: onHold, RedemptionPerdiod, PendingDelete. The period of each step may differ from a registrar to another. For example my registrar has currently a policy of 30, 30, 5 days. The passage from a period to another can be determined using for example the Status and Update date.

Command
whois example.com | grep -- 'Expiry|Updated|Status'


Using RDAP

To read: Evolution of WHOIS Protocol to RDAP – What You Need to Know

Instead of the WHOIS protocol, there is RDAP, which standardize domains lookup in a json format. Like:

https://client.rdap.org/?type=domain&object=example.com

https://rdap.verisign.com/com/v1/domain/example.com

RDAP Servers:

For instance; lookup.icann.org uses the following RDAP servers to determine the information of a domain name:

https://data.iana.org/rdap/dns.json

Based on this, you can also develop your own scripts.


Using PHP

If you wish to use a web script such as Python, Node.js or PHP for an advanced exploitation, you can either use the system cmd

PHP
shell_exec("whois google.com")

or use sockets through WHOIS port 43

PHP
$domain = 'google.com';$timeout = 3;$out = "";$fp = @fsockopen("whois.verisign-grs.com", 43, $errno, $errstr, $timeout);fputs($fp, $domain . "\r\n");    while(!feof($fp))        $out .= fgets($fp);fclose($fp);echo $out;

or better using RDAP by parsing the standardized json format using file_get_contents or curl

PHP
$json = file_get_contents('https://rdap.verisign.com/com/v1/domain/example.com');  $json_data = json_decode($json,true);  print_r($json_data["events"][1]);

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *