DNS zone transfer

DNS zone transfer is a type of DNS transaction. It is one of the many mechanisms available for administrators to replicate DNS databases across a set of DNS servers.

host

host -l example.com

-l lists all hosts in a domain, using AXFR

host -l -v -t any example.com

-v enables verbose output

-t specifies the query type

 

dig

dig @ns1.example.com example.com axfr

 

dnsrecon

python dnsrecon.py -d example.com -t axfr

dnsrecon home page – https://github.com/darkoperator/dnsrecon
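From the defending side, every AXFR request made with the tools above is recorded by the authoritative server, so the log shows who tried to pull the zone and whether the server handed it over. The following is an added example, not part of the original post: it assumes BIND 9-style log messages, and the log lines, IP addresses and the ALLOWED_SECONDARIES list are constructed for illustration.

```python
import re
from collections import defaultdict

# Assumption: the only host that should ever pull the zone (constructed address).
ALLOWED_SECONDARIES = {"192.0.2.53"}
# Assumption: BIND 9-style log messages; the "@0x..." client token is optional.
XFER_RE = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9A-Fa-f.:]+)#\d+ .*?(?:"
    r"transfer of '[^']+': (?:AXFR-style )?(?:AXFR|IXFR) started"
    r"|(?P<denied>zone transfer '[^']+' denied))"
)
# Constructed sample lines, not taken from a real server.
SAMPLE_LOG = """\
12-Mar-2024 10:01:02.113 xfer-out: info: client @0x7f3c2c0a1b20 192.0.2.53#40112 (example.com): transfer of 'example.com/IN': AXFR started (serial 2024031201)
12-Mar-2024 10:07:45.870 security: error: client @0x7f3c2c0a1b20 198.51.100.23#51544 (example.com): zone transfer 'example.com/AXFR/IN' denied
12-Mar-2024 10:07:46.031 security: error: client @0x7f3c2c0a1b20 198.51.100.23#51546 (example.com): zone transfer 'example.com/AXFR/IN' denied
12-Mar-2024 10:09:12.402 xfer-out: info: client @0x7f3c2c0a1b20 203.0.113.77#38290 (example.com): transfer of 'example.com/IN': AXFR started (serial 2024031201)
12-Mar-2024 10:09:13.000 queries: info: client @0x7f3c2c0a1b20 203.0.113.77#38291 (www.example.com): query: www.example.com IN A +E(0)K (192.0.2.1)
""".splitlines()

def classify(lines):
    """Count transfer outcomes per source IP."""
    report = defaultdict(lambda: {"allowed": 0, "unexpected": 0, "denied": 0})
    for line in lines:
        m = XFER_RE.search(line)
        if not m:
            continue  # not a zone-transfer message
        src = m["ip"]
        if m["denied"]:
            outcome = "denied"  # request refused by the transfer ACL
        else:  # zone data was actually sent to this client
            outcome = "allowed" if src in ALLOWED_SECONDARIES else "unexpected"
        report[src][outcome] += 1
    return dict(report)

def alerts(report):
    """List (ip, reason, count) for denied attempts and transfers to unlisted hosts."""
    out = []
    for ip, c in sorted(report.items()):
        if c["unexpected"]:
            out.append((ip, "zone served to unlisted host", c["unexpected"]))
        if c["denied"]:
            out.append((ip, "transfer denied", c["denied"]))
    return out

if __name__ == "__main__":
    for row in alerts(classify(SAMPLE_LOG)):
        print(*row)
```

A "zone served to unlisted host" row means the server's transfer ACL is too permissive; a "transfer denied" row means the ACL held and the source is worth correlating with other enumeration activity.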

 

When a zone transfer fails, DNS reverse lookups and DNS brute-forcing will help you enumerate DNS entries.

 

fierce

./fierce.pl -dns example.com

fierce home page – http://ha.ckers.org/fierce/

 

dnsenum

./dnsenum.pl --enum -f dns.txt --update a -r wns-server.com

--enum Shortcut option equivalent to --threads 5 -s 20 -w

-f Read subdomains from file to perform brute force

--update Update the file specified with the -f switch with valid subdomains

a Update using all results

-r Recursion on subdomains, brute force all discovered subdomains that have an NS record

dnsenum home page – http://code.google.com/p/dnsenum/w/list

 

dnsmap

./dnsmap example.com -w wordlist_TLAs.txt

dnsmap home page – http://code.google.com/p/dnsmap/

 
