gecloud.ch/security-scripts
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
security-scripts/dns-projects/dnsdigger/readme.txt

41 lines
2.1 KiB
Text
Raw Permalink Blame History

DNSDigger is a programm to gather as much as possible informations from DNS Servers. Two different methods are use:
1. DNS Server Query
Query every DNS Server that is responsible for the domain, primary and each secondary. Sometimes only one DNS Server is misconfigured, but that could be enough to get the whole zone file or a provider DNS is used. Some providers allow zone transfers from their DNS Servers.
2. DNS Digging
The idea is to use the same technique as with password attacks based on dictionaries to find hostnames hidden in the DNS zone.There's a names.txt which contains the dictionary. The option HYBRID will append the nummbers 01 to 99 to each entry in the names.txt to uncover additional hostnames.
3. DNS Server Version
DNSDigger uses a chaos class query to find out which DNS Server is running. Microsoft DNS Server and TinyDNS answer with a very special error message and BIND responds with it's version, if not configured to fake the information.
4. Active Directory
DNSdigger queries the common SRV records for windows 2000 domain controllers to identify them.
The tools might be useful for all pen-testers that have to gather DNS informations during a pen-test.
The program is in beta state, so there might be bugs. If you find some please report them to mthumann@ernw.de
You need the NET::DNS Module from Michael Fuhr to run the program. You can download it from the original website
http://www.net-dns.org
or from activestate for ActivePerl
http://ppm.activestate.com/PPMPackages/zips/6xx-builds-only/Net-DNS-0.34.zip
For resolving dns names enter the ip address of your favorite dns server in the file dns-server.dat
Known bugs:
None so far ;-))
License:
Copyright (c) 2003 Michael Thumann.
You can use and distribute the program for free as long as the code is not modified.
Disclaimer:
The program is provided "AS IS" without warranty
of any kind. In no event shall the author be liable for any damages
whatsoever including direct, indirect, incidental, consequential,
loss of business profits or special damages due to the misuse of this
program.
Reference in a new issue View git blame Copy permalink