
projectdiscovery / shuffledns


MassDNS wrapper written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.

Home Page: https://projectdiscovery.io

License: GNU General Public License v3.0

Go 98.19% Dockerfile 1.81%
dns dns-resolver dns-resolution dns-bruteforcer massdns reconnaissance subdomain-bruteforcing hacktoberfest

shuffledns's Introduction

shuffledns

massDNS wrapper to bruteforce and resolve the subdomains with wildcard handling support



shuffleDNS is a wrapper around massdns, written in go, that allows you to enumerate valid subdomains using active bruteforce, as well as resolve subdomains with wildcard handling and easy input-output support.

Based on the massdns project by @blechschmidt.

Features

  • Simple and modular code base, making it easy to contribute.
  • Fast and simple active subdomain scanning.
  • Handles wildcard subdomains in a smart manner.
  • Optimized for ease of use.
  • Stdin and stdout support for integration into workflows.

Usage

shuffledns -h

This will display help for the tool. Here are all the switches it supports.

shuffleDNS is a wrapper around massdns written in go that allows you to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard handling and easy input-output support.

Usage:
  ./shuffledns [flags]

Flags:
INPUT:
   -d, -domain string      Domain to find or resolve subdomains for
   -l, -list string        File containing list of subdomains to resolve
   -w, -wordlist string    File containing words to bruteforce for domain
   -r, -resolver string    File containing list of resolvers for enumeration
   -ri, -raw-input string  Validate raw full massdns output

RATE-LIMIT:
   -t int  Number of concurrent massdns resolves (default 10000)

UPDATE:
   -up, -update                 update shuffledns to latest version
   -duc, -disable-update-check  disable automatic shuffledns update check

OUTPUT:
   -o, -output string            File to write output to (optional)
   -j, -json                     Make output format as ndjson
   -wo, -wildcard-output string  Dump wildcard ips to output file

CONFIGURATIONS:
   -m, -massdns string         Path to the massdns binary
   -mcmd, -massdns-cmd string  Optional massdns commands to run (example '-i 10')
   -directory string           Temporary directory for enumeration

OPTIMIZATIONS:
   -retries int           Number of retries for dns enumeration (default 5)
   -sw, -strict-wildcard  Perform wildcard check on all found subdomains
   -wt int                Number of concurrent wildcard checks (default 25)

DEBUG:
   -silent         Show only subdomains in output
   -version        Show version of shuffledns
   -v              Show Verbose output
   -nc, -no-color  Don't Use colors in output

Prerequisite

shuffledns requires massdns to be installed in order to perform its operations. You can find the installation instructions in the massdns project. If you place the binary in /usr/bin/massdns or /usr/local/bin/massdns, the tool will auto-detect it and use it. On Windows, you need to supply the path to the binary for the tool to work.

The tool also needs a list of valid resolvers. The dnsvalidator project can be used to generate such lists. You also need to provide a wordlist; you can use a custom one or the commonspeak2-wordlist.

Installation Instructions

shuffledns requires go1.19+ to install successfully. Run the following command to install the latest version:

go install -v github.com/projectdiscovery/shuffledns/cmd/shuffledns@latest

Running shuffledns

shuffledns supports two types of operations:

Subdomain resolving

To resolve a list of subdomains, you can pass the list of subdomains via the -list option.

shuffledns -d example.com -list example-subdomains.txt -r resolvers.txt

This will run the tool against the subdomains in example-subdomains.txt and return the results. The tool uses the resolvers specified with the -r flag to do the resolving.

You can also pass the list of subdomains via standard input (STDIN). This allows for easy integration in automation pipelines.

subfinder -d example.com | shuffledns -d example.com -r resolvers.txt

This takes the subdomains found passively by subfinder and resolves them with shuffledns, returning only the unique and valid subdomains.

Subdomain Bruteforcing

shuffledns also supports bruteforcing a target with a given wordlist. You can use the -w flag to pass a wordlist, which will be used to generate permutations that are then resolved using massdns.

shuffledns -d hackerone.com -w wordlist.txt -r resolvers.txt

This will run the tool against hackerone.com with the wordlist wordlist.txt. The domain bruteforce can also be driven from standard input, as in the previous example for resolving subdomains.

echo hackerone.com | shuffledns -w wordlist.txt -r resolvers.txt

Handling Wildcards

A special feature of shuffleDNS is its ability to handle multi-level DNS-based wildcards, and to do so with a very reduced number of DNS requests. With a wildcard record in place, every subdomain would resolve, leading to lots of garbage in the results. shuffleDNS handles this by keeping track of how many subdomains point to an IP; once the number of subdomains for an IP increases beyond a certain small threshold, it checks for a wildcard on all the levels of the hosts for that IP iteratively.
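An added example of the per-IP counting and per-level probing described above; it is not shuffledns's own code. The resolver is injected and backed by a constructed zone so it runs offline, and the threshold value, the one-cached-probe-per-level rule and the decision to keep the wildcarded level's own name are assumptions of the example.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"strings"
)

// Resolver returns the A records for a name (empty = NXDOMAIN); injected so the example runs offline.
type Resolver func(name string) []string
// ipThreshold is an assumed value for this example, not the one shuffledns uses.
const ipThreshold = 3

// parents lists each level above host up to domain: "a.b.example.com" -> [b.example.com example.com].
func parents(host, domain string) (out []string) {
	for i := strings.IndexByte(host, '.'); host != domain && i >= 0; i = strings.IndexByte(host, '.') {
		host = host[i+1:]
		out = append(out, host)
	}
	return out
}

// randomLabel yields a name that only a wildcard record will answer for.
func randomLabel() string {
	b := make([]byte, 8)
	_, _ = rand.Read(b)
	return fmt.Sprintf("%x", b)
}

// FilterWildcards resolves the candidates and applies the README's approach: count hosts per IP and,
// once an IP crosses the threshold, probe every level of every host behind it with a random label.
func FilterWildcards(domain string, resolve Resolver, candidates []string) (kept []string) {
	results := map[string][]string{} // host -> IPs, as massdns would report them
	ipHosts := map[string][]string{} // IP -> hosts that resolved to it
	probed := map[string][]string{}  // level -> answer of its single random-label probe
	wildIPs := map[string]bool{}     // IPs that answered a random label
	wildAt := map[string]bool{}      // levels (e.g. "drive.example.com") wildcarded below
	for _, host := range candidates {
		results[host] = resolve(host)
		for _, ip := range results[host] {
			ipHosts[ip] = append(ipHosts[ip], host)
			if len(ipHosts[ip]) != ipThreshold+1 {
				continue // probe once, the moment the IP becomes suspect
			}
			for _, h := range ipHosts[ip] {
				for _, level := range parents(h, domain) {
					if _, ok := probed[level]; !ok {
						probed[level] = resolve(randomLabel() + "." + level)
					}
					for _, got := range probed[level] {
						if got == ip { // the level answers random names with this IP
							wildIPs[ip], wildAt[level] = true, true
						}
					}
				}
			}
		}
	}
	// Drop hosts resolving to a wildcard IP beneath a wildcard level; the level's own name
	// (drive.example.com under *.drive.example.com) survives, an assumption made here.
next:
	for _, host := range candidates {
		for _, ip := range results[host] {
			for _, level := range parents(host, domain) {
				if wildIPs[ip] && wildAt[level] {
					continue next
				}
			}
		}
		if len(results[host]) > 0 { // NXDOMAIN candidates drop out here
			kept = append(kept, host)
		}
	}
	return kept
}

// fakeResolver serves a constructed zone; "*." keys answer for any label beneath them.
func fakeResolver(zone map[string][]string) Resolver {
	return func(name string) []string {
		if ips, ok := zone[name]; ok {
			return ips
		}
		for _, level := range parents(name, "") {
			if ips, ok := zone["*."+level]; ok {
				return ips
			}
		}
		return nil
	}
}

// RunSample pushes constructed wordlist candidates through the filter.
func RunSample() []string {
	resolve := fakeResolver(map[string][]string{
		"www.example.com": {"203.0.113.10"}, "mail.example.com": {"203.0.113.11"},
		"drive.example.com": {"203.0.113.20"}, "*.drive.example.com": {"203.0.113.20"}})
	return FilterWildcards("example.com", resolve, []string{"www.example.com", "mail.example.com", "drive.example.com",
		"ftp.example.com", "a.drive.example.com", "b.drive.example.com", "c.drive.example.com", "api.drive.example.com"})
}

func main() { fmt.Println(strings.Join(RunSample(), "\n")) }
```

api.drive.example.com is dropped along with the random-looking names, which is the vhost limitation raised in the issues: a real host behind a wildcard IP cannot be told apart by DNS alone.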

Notes

  • The wildcard filter feature works with domain (-d) input only.
  • Only one operation, resolving or brute-forcing, can be done at a time.

License

shuffledns is distributed under the GPL v3 License.


shuffledns's Issues

Improvement suggestions

  1. Add output file support with the flag -o; if no flag is provided, a file named domain.tld.txt will be created.
  2. Support stdin and stdout for bruteforce and resolving a list of subdomains.
  3. Replace -l with -w flag for providing wordlist to brute force.
  4. Add -version flag to show the current version.

Input support for additional massdns commands

Thanks for this project. Massdns commands include, for example, --interval. This command means the timeout value. When using shuffledns I want to use the --interval command and increase the value. The more timeout value given, the more accurate the results. For this, additional features should be introduced.


Currently predefined massdns cmd is used at https://github.com/projectdiscovery/shuffledns/blob/master/pkg/massdns/process.go#L93

There are more tweaks to massdns scans that can be achieved using an additional flag to accept massdns optional commands.

-mcmd, -massdns-cmd        additional massdns commands to use with scan

Example:

shuffledns -mcmd '-i 100'

Incorrect clearing of wildcard subdomains.

Thanks for this project.

example:

drive.example.com
blabla1.drive.example.com
blabla2.drive.example.com
blabla3.drive.example.com

Imagine that the above subdomain addresses are in a list. When shuffledns cleans up the wildcard subdomains above, it also cleans drive.example.com. The real problem here is that the wildcard starts after *.drive.

shuffledns should only show this domain as a result: drive.example.com
The following are the wildcard subdomains that need to be deleted:

blabla1.drive.example.com
blabla2.drive.example.com
blabla3.drive.example.com

The http status codes of the above subdomain addresses were as follows.

drive.example.com 200
blabla1.drive.example.com 403
blabla2.drive.example.com 403
blabla3.drive.example.com 403
adksfdhjklsjkhldfkjhasdjklajklhasjkld.drive.example.com 403

So when clearing wildcards, you need to detect where the wildcard starts.

Here is a sample subdomain address for you to test.

games.mail.ru
blabla.games.mail.ru
api.games.mail.ru

False positives during wildcard removal

The way shuffleDNS handles this is it will keep track of how many subdomains point to an IP and if the count of the Subdomains increase beyond a certain small threshold, it will check for wildcard on all the levels of the hosts for that IP iteratively.

I'm not exactly sure how shuffleDNS checks for wildcards, but it has generated a fair amount of false positives for me. Here's an example:

0-155-130.latest.facebook.com
0-157-82.latest.facebook.com
0-155-170.latest.facebook.com
0-157-96.latest.facebook.com
0-144-238.latest.facebook.com
0-144-156.latest.facebook.com
.....
0-155-164.latest.facebook.com

These subdomains were all validated with shuffledns however the subdomain latest.facebook.com has a wildcard.

❯ host -t CNAME 'anything-random-this-should-not-work.latest.facebook.com'
anything-random-this-should-not-work.latest.facebook.com is an alias for latest.c10r.facebook.com.

Option to collect unique wildcard IP's

In the wildcard elimination phase shuffledns drops all the wildcard IPs; in another way, those IPs can be used to detect VHOSTs against the same target, so it would be great if shuffledns allowed an option to collect the unique discarded wildcard IPs.

Wildcard filtering fails with big amount of data

Hi,

I have been facing a bug when running shuffledns against a big list (+50M lines) to resolve.

Command:
cat list.txt | shuffledns -d domain.com -r resolvers.txt -t 5000 -o output.txt

Program version: 1.0.4


brute-forcing multiple domains at the same time?

Hello team,

as always great tool.

I have a question about if it is possible to brute-force multiple domains at the same time?

let's say we have a list of 100 domains called domains.txt, is it possible to brute-force all of them with a provided wordlist?

like cat domains.txt | shuffledns -w wordlist -r resolvers.txt I know it is possible to do it against 1 domain like day, like echo domain.com| etc.. but is it possible directly doing it against multiple domains at once?

Of course this can be done in a loop but just wondering if it maybe there is a flag for domains or something like that

Remove this sign ▶ from your installation.


Whenever you click on the copy option which shows on the right side, it also copies the arrow, so remove it so it'll not cause an error in the terminal,
as you can see here.

I'll do the pull request.

thanks

Help Needed for Command

Hi @Ice3man543

First of all, Thanks a lot for your hard work... This is indeed an amazing tool. Naabu Tool is also awesome. I wanna ask about these two commands:

First Command:

echo hackerone.com | subfinder | shuffledns -w wordlist.txt -r resolvers.txt -silent | httprobe

Second Command:

shuffledns -d example.com -list example.com-subdomains.txt -r resolvers.txt

How can I combine both commands into one command? Actually, in the first command I can't feed an already discovered subdomains list into shuffledns.

Moreover, I wanna feed more than one domain for subdomain enumeration. Is there any such support in this tool?

Sincerely,

Permission denied : could not run massdns

jdranpariya@DESKTOP-O7SQM7K:/mnt/e/Word_lists$ shuffledns -d target.com -w commonspeak2_subdomains.txt -r resolvers.txt

       __        ________        __
  ___ / /  __ __/ _/ _/ /__  ___/ /__ ___
 (_-</ _ \/ // / _/ _/ / -_)/ _  / _ \(_-<
/___/_//_/\_,_/_//_//_/\__/ \_,_/_//_/___/ v1

                projectdiscovery.io

[WRN] Use with caution. You are responsible for your actions
[WRN] Developers assume no liability and are not responsible for any misuse or damage.
[INF] Started generating bruteforce permutation
[INF] Generating permutations took 237.2702ms
[INF] Creating temporary massdns output file: /tmp/shuffledns731669339/bt7ig5jrdkuc1r7rd9k0
[INF] Executing massdns on target.com
[ERR] Could not run massdns: could not execute massdns: could not execute massdns: fork/exec /usr/local/bin/massdns: permission denied
detailed error:
[INF] Finished resolving. Hack the Planet!

I also used sudo shuffledns -d target.com -w commonspeak2_subdomains.txt -r resolvers.txt
and I referred to this PR, but I'm the only user, so there is no need to switch.
What steps do I need to take?

Get domain from file

I have a lot of domain names, so I want to put them in a file and let shuffledns read my file

panic: runtime error: index out of range [-1]

Describe the bug
I am getting an error when I try to run shuffledns.

Shuffledns version
1.0.5

Complete command you used to reproduce this
shuffledns -d redacted.com -list subdomains_i_found_on_redacted.txt -r ~/resolvers.txt | tee shuffle_redacted.com

Screenshots
Add screenshots of the error for a better context.

Maybe I misunderstand the -list argument. I've passed the subdomains I found on redacted.com.

If I use the subdomain_keywords list for the -list parameter, there is no error and no output as a result. Just these logs.

What is the right usage? Sorry, I can't understand it from the documentation.

Bug: ShuffleDNS hangs when trying to remove wildcards despite a domain not being given.

Command: cat shorty.txt | shuffledns -w "commonspeak2.txt" -r "dnsvalidator/resolvers.txt" -o shuffledns.txt

cat shorty.txt
001-0009302176-mc2-kreativne.atlassian.net
00333.atlassian.net
007dude.atlassian.net
007sex.atlassian.net
008-vt6kji.atlassian.net
00bc.atlassian.net

Result:

Suspected line number in code:

if c.config.Domain != "" {

shuffleDNS hangs and does nothing. Maybe I'm being impatient, but I waited for an hour. I'm unsure how to fix it as the code looks sound at first glance. Perhaps it's my usage and I should always run with the -d flag?

Piping or looping over domains only enumerates first in the list

cat domains.txt | shuffledns -w subs.txt -r resolvers.txt
or
cat domains.txt | while read line; do shuffledns -d $line -w subs.txt -r resolvers.txt -silent | anew shuffledns.txt; done

Expected result

shuffledns loops through each domain in domains.txt, generates permutations, brute forces and produces the results for all domains.

Actual result

shuffledns prints all domains in domains.txt and only runs permutation and brute forcing on the first domain.

Option to print ip with hostname

There are many times when you need the IP address as well as the hostname, so I think it will be useful to have an option like -include-ip to print the IP with the hostname.
Like this -

github.com 13.234.176.102

Shuffledns doesn't do anything

shuffledns version:

[INF] Current Version: v1.0.6

environment

go version go1.17.8 linux/amd64
DISTRIB_DESCRIPTION="Ubuntu 20.04.4 LTS"
5.13.0-35-generic
massdns 1.0.0

Current Behavior:

When running shuffledns it hangs and doesn't do anything.

Expected Behavior:

Do something.

Steps To Reproduce:

  1. Run shuffledns
$ shuffledns -v -d whatever.com -w ~/opt/wordlists/jhaddix-dns-all.txt -r tested-resolvers.txt 

       __        ________        __       
  ___ / /  __ __/ _/ _/ /__  ___/ /__ ___
 (_-</ _ \/ // / _/ _/ / -_)/ _  / _ \(_-<
/___/_//_/\_,_/_//_//_/\__/ \_,_/_//_/___/ v1.0.6

		projectdiscovery.io

Use with caution. You are responsible for your actions
Developers assume no liability and are not responsible for any misuse or damage.

it just hangs at this point.

Let me know if you need any more information.

High usage of space

When hunting on larger companies, I easily end up with over 10 million possible subs, and since shuffledns stores the output of massdns in raw format there is no way to run it on a 300 gig VPS or over a longer amount of time. Maybe something to be improved or fixed in the future.

Question regarding bruteforce

Is it possible to pass the known domains during bruteforce so that it will also brute force the known subdomains?

False positives in version 1.0.4

I got the below output when I ran with 1.0.3 and received no false positives.

shuffledns -d blusapphire.net -w /root/tools/seclists/Discovery/DNS/shubs-subdomains.txt -r resolvers.txt
[INF] Started generating bruteforce permutation
email.blusapphire.net
ti2.blusapphire.net
autodiscover.blusapphire.net
www.blusapphire.net
ftp.blusapphire.net
enterpriseregistration.blusapphire.net
prod01.blusapphire.net
products.blusapphire.net
sip.blusapphire.net
sccc.blusapphire.net

But when I ran with 1.0.4 I got the following output:
shuffledns -d blusapphire.net -w /root/tools/seclists/Discovery/DNS/shubs-subdomains.txt -r resolvers.txt

gamak.blusapphire.net
haik.blusapphire.net
hexcel.blusapphire.net
msoid.blusapphire.net
prod06.blusapphire.net
sccc.blusapphire.net
prod01.blusapphire.net
ftp.blusapphire.net
www.blusapphire.net
prod10.blusapphire.net
ti1.blusapphire.net
*.140-finance.blusapphire.net
*.150-finance.blusapphire.net
*.1444.blusapphire.net
*.150aniversario.blusapphire.net
*.164-finance.blusapphire.net
*.1conan.blusapphire.net
*.1800fundraiser.blusapphire.net
*.1mp30xxw.blusapphire.net
*.1.damoh.blusapphire.net
*.163-finance.blusapphire.net
*.0.pp.blusapphire.net
*.184456qipaiguanwang.blusapphire.net
*.204-finance.blusapphire.net
*.136-finance.blusapphire.net
*.134-finance.blusapphire.net
*.124-finance.blusapphire.net
*.100-finance.blusapphire.net
*.1hardware.blusapphire.net
\xc3\xb0\xc3\xbf\xc2\x90\xc5\xbe.blusapphire.net
*.0724ly.blusapphire.net
*.114.blusapphire.net
*.127-finance.blusapphire.net
*.0310fck.blusapphire.net
*.12530g.blusapphire.net
*.1iik.blusapphire.net
*.146-finance.blusapphire.net
*.15950royaloak.blusapphire.net
*.151-finance.blusapphire.net
*.195gachiga.blusapphire.net
autodiscover.blusapphire.net
docker01.blusapphire.net
devk.blusapphire.net
lyncdiscover.blusapphire.net
sip.blusapphire.net
demok.blusapphire.net
ti01.blusapphire.net
ti2.blusapphire.net
prod02.blusapphire.net
prod03.blusapphire.net
prod04.blusapphire.net

my resolvers.txt has
1.1.1.1
1.0.0.1
8.8.8.8
4.2.2.1

shuffledns ignores NXDOMAIN records with valid CNAME entry

Hello team,
The above edge case helps us identify domains which can be taken over. However shuffledns filters out these domains due to the NXDOMAIN status. Note that this could be a massdns issue as discussed personally.
Let me know if you need more information.

Best regards.
streaak

Brute-force does not work with list of domains.

shuffledns -d example.com -r /dnsfinder/resolver.txt -silent -w words.txt -list sub.example.com.txt
If we run the above command, only the subdomains in sub.example.com.txt are resolved, but example.com is not
bruteforced with the words.txt wordlist.
In short, the -w and -list flags cannot be used together.

Case insensitive DNS names

According to RFC 4343, domain names should be treated case-insensitively; currently the code returns the same domain with multiple valid results if the bruteforce list contains e.g. uppercase letters, for example:

WWW.hackerone.com
www.hackerone.com
Www.hackerone.com

This can be easily fixed by converting the prefixes to lowercase during wordlist generation, and it would also reduce the number of bruteforce iterations needed.

Optional flag support to display results based on DNS response code

Hello,

I don't know if it is ok to propose flags, but would be fucking amazing to have a flag like -response where we can specify the type of server status we want to get.

The default value would run the tool the same way it is running now. And if I specify -response refused, it only shows the subdomains that gave the status refused. It should support the 4 main statuses: noerror, nxdomain, servfail, refused.

I would love to have that as I was doing it manually with massdns but the scripts were a mess.. shuffledns <3

miss the last resolver server

At file pkg/wildcards/resolver.go:

serverIndex := atomic.LoadInt32(&w.serversIndex)
if w.serversIndex >= int32(len(w.servers)-1) {
	atomic.StoreInt32(&w.serversIndex, 0)
	serverIndex = 0
}
resolver := w.servers[serverIndex]

The condition w.serversIndex >= int32(len(w.servers)-1) may be wrong,
because it never uses the last index of the list.
It should be w.serversIndex >= int32(len(w.servers)).
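An added example, not shuffledns's code, that runs the quoted condition against a three-resolver list beside a corrected picker; that the index is advanced after each pick is an assumption, since the quoted snippet does not show the increment.

```go
package main

import (
	"fmt"
	"sync/atomic"
)

// Rotator hands out resolvers round-robin the way the wildcard checker in the issue does.
type Rotator struct {
	servers []string
	idx     int32  // used by NextBuggy, mirrors w.serversIndex
	counter uint32 // used by NextFixed
}

// NextBuggy keeps the condition quoted in the issue: the index is reset to 0 as soon as it
// reaches len(servers)-1, so servers[len(servers)-1] is never returned.
func (r *Rotator) NextBuggy() string {
	i := atomic.LoadInt32(&r.idx)
	if i >= int32(len(r.servers)-1) {
		atomic.StoreInt32(&r.idx, 0)
		i = 0
	}
	atomic.StoreInt32(&r.idx, i+1) // assumed: the index advances after each pick
	return r.servers[i]
}

// NextFixed replaces the load/compare/store sequence with one atomic increment reduced
// modulo len(servers): every server is used, and concurrent callers cannot race the reset.
func (r *Rotator) NextFixed() string {
	i := atomic.AddUint32(&r.counter, 1) - 1
	return r.servers[int(i%uint32(len(r.servers)))]
}

// Distribution counts how often each server is handed out over n picks.
func Distribution(pick func() string, n int) map[string]int {
	counts := map[string]int{}
	for i := 0; i < n; i++ {
		counts[pick()]++
	}
	return counts
}

func main() {
	r := &Rotator{servers: []string{"1.1.1.1", "8.8.8.8", "9.9.9.9"}} // constructed resolver list
	fmt.Println("buggy:", Distribution(r.NextBuggy, 6))               // 9.9.9.9 never appears
	fmt.Println("fixed:", Distribution(r.NextFixed, 6))               // two picks each
}
```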

Add generate permutations mode from subdomain list

Hello,

It would be helpful to use shuffledns to only generate permutations from previously collected subdomains

> cat sub-list.txt
a.new.target.com
b.old.target.com
> shuffledns -mode premute -p sub-list.txt -o output.txt
> cat output.txt
a.new.target.com
b.old.target.com
a.old.target.com
b.new.target.com
old.a.target.com
new.b.target.com
...

Also accepting stdin

> echo target.com | subfinder -silent | shuffledns -mode premute -silent
a.new.target.com
b.old.target.com
a.old.target.com
b.new.target.com
old.a.target.com
new.b.target.com
...

This would also be helpful to monitor company subdomains.

Add Dockerfile

I wrote a Dockerfile for shuffledns and I think that it might benefit others:

FROM golang:1.14-alpine as build
RUN apk --no-cache add git
RUN go get -u -v github.com/projectdiscovery/shuffledns/cmd/shuffledns; exit 0
ENV GO111MODULE on
WORKDIR github.com/projectdiscovery/shuffledns/cmd/shuffledns
RUN go install ./...

FROM alpine:latest
COPY --from=build /go/bin/shuffledns /usr/bin/shuffledns
ENV HOME /
ENTRYPOINT ["/usr/bin/shuffledns"]

Let me know if you want me to make a pull request.

json output support

Hello,

It would be nice to support the "json" form in the output format.

Because I often use json form in massdns.

Thanks.

Figure out a way to handle vhost domains that point to same IP

Currently, all the domains that point to a single IP go through a wildcard check, removing any and all hostnames that point to the wildcard IP. This leads us to miss some subdomains that point to the same IP but host different content via vhosts.

Need to figure it out. Possible ideas are making an HTTP request.

issue with cron

Hello,

It might not be your concern but I would be really happy to have some help, if you have an idea.
First, shuffledns is really great and works very well.
That was until I tried to run it with cron.
I don't know what cron is doing that could create the issue, because I'm doing really simple stuff.

Version: 1.0.4
Issue: when running as a cron task in bruteforce dns mode, shuffledns is "missing"/"doesn't care about" the root dns (passed as -d in the command) and creates the permutation list without it (with only wordlist.nothing), like this:

wordlist_word_1.
wordlist_word_2.

instead of

wordlist_word_1.root.dns
wordlist_word_2.root.dns

It does not depend on the wordlist, and the exact same command works fine every time outside of cron.
This is the crontab:

SHELL=/bin/bash
* 07 * * * /opt/go/bin/shuffledns -d root.dns -r /path/to/resolvers.txt -w /path/to/jhaddix-dns -o /tmp/shuffledns

Looking into logs I cannot see any error.

       __        ________        __       
  ___ / /  __ __/ _/ _/ /__  ___/ /__ ___
 (_-</ _ \/ // / _/ _/ / -_)/ _  / _ \(_-<
/___/_//_/\_,_/_//_//_/\__/ \_,_/_//_/___/ v1

                projectdiscovery.io

[WRN] Use with caution. You are responsible for your actions
[WRN] Developers assume no liability and are not responsible for any misuse or damage.
[INF] Started generating bruteforce permutation
[INF] Generating permutations took 477.328179ms
[INF] Creating temporary massdns output file: /tmp/shuffledns178068042/bsudasm6sel9pe5gl2e0
[INF] Executing massdns

I pretty much tried everything, but there must be something I don't know about go/cron which messes things up.

Validation missing for resolver file

shuffledns does not validate whether the file passed for the -r resolvers list exists on the system, and it causes massDNS to fail as it cannot run without a resolver list; I suspect #7 could be related to this.

Example:

root@test:~# cat i_do_not_exists.txt
cat: i_do_not_exists.txt: No such file or directory
root@test:~# shuffledns -w w.txt -d test.com -r i_do_not_exists.txt

       __        ________        __       
  ___ / /  __ __/ _/ _/ /__  ___/ /__ ___
 (_-</ _ \/ // / _/ _/ / -_)/ _  / _ \(_-<
/___/_//_/\_,_/_//_//_/\__/ \_,_/_//_/___/ v1								

		projectdiscovery.io

[WRN] Use with caution. You are responsible for your actions
[WRN] Developers assume no liability and are not responsible for any misuse or damage.
[INF] Started generating bruteforce permutation
[INF] Generating permutations took 40.776µs
[INF] Creating temporary massdns output file: /tmp/shuffledns933032530/bphtn8e7dd9sdquen18g
[INF] Executing massdns on test.com
[ERR] Could not run massdns: could not execute massdns: exit status 1
[INF] Finished resolving. Hack the Planet!
root@test:~# 

Adding validation to stdin flags

Hello,

I'm running into an issue when trying to run shuffledns inside an Amazon ECS (Fargate) container.

My issue is that shuffledns thinks that there is stdin input provided where there isn't, which then ignores the provided domain flag.

I don't know exactly what the problem is but I think that the function hasStdin could be improved.

func hasStdin() bool {
	fi, err := os.Stdin.Stat()
	if err != nil {
		return false
	}
	if fi.Mode()&os.ModeNamedPipe == 0 {
		return false
	}
	return true
}

If hasStdin returns true the domain flag will be ignored:

// Set the domain in the config if provided by user from the stdin
if options.Stdin && options.Wordlist != "" {
	buffer := &bytes.Buffer{}
	io.Copy(buffer, os.Stdin)
	options.Domain = strings.TrimRight(buffer.String(), "\r\n")
}

One way would be to validate the content of stdin since in my case it is empty, this is kind of a hack and a better solution would be to return false by default and only return true when there is an stdin value passed.

My issue can be "emulated" by running this command:

echo "" | /usr/bin/shuffledns -nC -v -w top100.txt -r /resolvers.txt -d facebook.com
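An added example of the fallback the issue asks for; it is not shuffledns's code. hasStdin and domainFromInput are assumed replacements: stdin is only treated as the domain source when it carries a non-blank line, so the `echo "" |` case above keeps the -d value.

```go
package main

import (
	"bufio"
	"fmt"
	"io"
	"os"
	"strings"
)

// hasStdin reports whether stdin is anything other than an interactive terminal.
// Testing ModeCharDevice instead of ModeNamedPipe (as the quoted function does)
// also covers "< file" redirects. Assumed replacement, not shuffledns's code.
func hasStdin(f *os.File) bool {
	fi, err := f.Stat()
	if err != nil {
		return false
	}
	return fi.Mode()&os.ModeCharDevice == 0
}

// domainFromInput returns the first non-blank line of the piped input, or falls back
// to the -d value when the stream carries only whitespace, which is exactly what
// `echo "" | shuffledns ... -d facebook.com` delivers.
func domainFromInput(in io.Reader, flagDomain string) string {
	sc := bufio.NewScanner(in)
	for sc.Scan() {
		if line := strings.TrimSpace(sc.Text()); line != "" {
			return line
		}
	}
	return flagDomain
}

func main() {
	domain := "example.com" // stands in for the value of the -d flag
	if hasStdin(os.Stdin) {
		domain = domainFromInput(os.Stdin, domain)
	}
	fmt.Println("domain:", domain)
}
```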

error installing shuffledns

#command:
GO111MODULE=on go get -u -v github.com/projectdiscovery/shuffledns/cmd/shuffledns

github.com/projectdiscovery/shuffledns/pkg/massdns

../go/pkg/mod/github.com/projectdiscovery/[email protected]/pkg/massdns/process.go:52:3: undefined: gologger.Infof
../go/pkg/mod/github.com/projectdiscovery/[email protected]/pkg/massdns/process.go:59:2: undefined: gologger.Infof
../go/pkg/mod/github.com/projectdiscovery/[email protected]/pkg/massdns/process.go:66:2: undefined: gologger.Infof
../go/pkg/mod/github.com/projectdiscovery/[email protected]/pkg/massdns/process.go:70:3: undefined: gologger.Infof
../go/pkg/mod/github.com/projectdiscovery/[email protected]/pkg/massdns/process.go:75:3: undefined: gologger.Infof
../go/pkg/mod/github.com/projectdiscovery/[email protected]/pkg/massdns/process.go:78:2: undefined: gologger.Infof
../go/pkg/mod/github.com/projectdiscovery/[email protected]/pkg/massdns/process.go:86:3: undefined: gologger.Infof
../go/pkg/mod/github.com/projectdiscovery/[email protected]/pkg/massdns/process.go:88:3: undefined: gologger.Infof
../go/pkg/mod/github.com/projectdiscovery/[email protected]/pkg/massdns/process.go:99:2: undefined: gologger.Infof
../go/pkg/mod/github.com/projectdiscovery/[email protected]/pkg/massdns/process.go:222:4: undefined: gologger.Silentf
../go/pkg/mod/github.com/projectdiscovery/[email protected]/pkg/massdns/process.go:222:4: too many errors

Feature Request

Is there a way to print data with a live/not live tag rather than just giving the live hosts?
For ex - (like this)
google.com live
pikachu.google.com not live
corp.google.com live

(instead of this)
google.com
corp.google.com

Strange/Different Results on Running shuffledns twice

I have seen this multiple times: on running shuffledns twice I get different results, and the results do not vary by 2-5 domains but by huge numbers. This huge difference comes only between the first and second run.

$ cat altdns.txt| shuffledns -silent -d domain -r ips/resolvers.txt | tee a.txt
$ cat a.txt | wc -l
619
$ cat a.txt| shuffledns -silent -d domain -ips/resolvers.txt | wc -l
95

Resolvers are taken from dnsvalidator.

Strangely, if I pass the same subdomain to shuffledns, it does not output it as it should:

echo 'sub.example.com' | shuffledns -silent -d example.com -r ips/resolvers.txt

but the same subdomain came in the result of : cat altdns.txt| shuffledns -silent -d domain -r ips/resolvers.txt

I have observed this issue for other domains also.

DNS Record:

dig tr.recorder.example.com

; <<>> DiG 9.11.5-P4-5.1ubuntu2.2-Ubuntu <<>> tr.recorder.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 17767
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;tr.recorder.example.com.       IN      A

;; AUTHORITY SECTION:
example.com.            900     IN      SOA     ns-546.awsdns-04.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400

;; Query time: 113 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Tue Jun 23 07:34:29 UTC 2020
;; MSG SIZE  rcvd: 144

No CNAME, and No A record found for this subdomain but still it came on the output of first shuffledns run.

Filtering bad results not working as expected

Hello,

I just ran shuffledns on hackerone.com with the massdns default resolvers list and got 655 results; I'm using a custom wordlist with 2178753 entries.

I ran the same config with massdns using my bash script and I am able to get only valid domains; I do the clean up separately as follows:
cat mass.txt | awk '{print $3}' | sort -u | while read line; do valid=$(cat mass.txt | grep -m 1 $line);echo "$valid" ;done
If you run this on your machine you should be able to get only valid domains.

Intermediate output file can grow too large

Currently, shuffledns doesn't set --output/-o option while calling massdns due to which massdns uses default Full Text Output mode. This mode includes Header and Question section to be included in massdns's output for every DNS query. This extra information is not needed for further processing and can be avoided.

Setting --output/-o to Sn can help reduce intermediate file size to a great extent.

make domain name input optional in case of list flag is used.

shuffleDNS accepts a domain name via the -d flag for bruteforce as well as for resolving the given list. The domain name input is there to make sure shuffleDNS handles wildcards correctly, but in the case of -list it is not necessarily true that the user provides a list for a single domain, so the domain name input doesn't make any sense there; we can keep the domain name input optional when -list is used.

Also, alert the user that wildcard filtering will be disabled in case of no domain.

Option to only show subdomains that do not resolve to given IPs

An option to take multiple IPs as input can be added to shuffledns so that if any subdomain resolves to the given IPs it will not be shown in the output.

Why this feature

Sometimes there are multiple A records for a non-existent domain, which in return spoil the shuffledns wildcard feature.

MassDNS error could not execute massdns: exit status 1

[WRN] Use with caution. You are responsible for your actions
[WRN] Developers assume no liability and are not responsible for any misuse or damage.
[INF] Started generating bruteforce permutation
[INF] Generating permutations took 28.898107ms
[INF] Creating temporary massdns output file: /tmp/shuffledns365027544/bpdu67p92jhup178risg
[INF] Executing massdns on hackerone.com
[ERR] Could not run massdns: could not execute massdns: exit status 1
[INF] Finished resolving. Hack the Planet!

Massdns is in: /usr/local/bin/massdns

won't install

Hello everyone,

I just followed the installation process, however the tool didn't install.

I ran this command on kali linux 2021.2
$ GO111MODULE=on go get -v github.com/projectdiscovery/shuffledns/cmd/shuffledns

It did download as well, but when I run "shuffledns", "shuffledns.go" etc. it returns "command not found".

I also tried to clone the repository, then go get, then go build,
and yet the tool is still not installed.

Please can anyone improve the README.md about the installation and thanks in advance

Wildcard identification against CNAME

When a wildcard domain returns a CNAME, shuffledns seems to pass it on even with -strict-wildcard:

root@ip-172-31-36-39:~# echo "hello.catchall.sn1.se" | docker run --rm -i phasip/shuffledns -strict-wildcard -silent
hello.catchall.sn1.se
dig hello.catchall.sn1.se @8.8.8.8

; <<>> DiG 9.16.1-Ubuntu <<>> hello.catchall.sn1.se @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44996
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;hello.catchall.sn1.se.		IN	A

;; ANSWER SECTION:
hello.catchall.sn1.se.	599	IN	CNAME	localhost.sn1.se.
localhost.sn1.se.	599	IN	A	127.0.0.1

;; Query time: 56 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Oct 16 08:14:11 UTC 2020
;; MSG SIZE  rcvd: 90

Is there some way for me to avoid this behaviour?
