○ DIG Zone Transfer

dig axfr site_name @dns_server_name


○ DNSRECON

Perform Google enumeration and reverse lookup

dnsrecon -g -w -d example.com

-> 

[*] The following IP Ranges where found:

[*] 0) 2xx.2xx.64.0-2xx.2xx.127.255 KREONetKREONet-KR

[*] 1) 1xx.60.0.0-1xx.60.63.255 NCISNCIS-KR

[*] What Range do you wish to do a Revers Lookup for?

[*] number, comma separated list, a for all or n for none

0 번 선택


IP range for reverse lookup brute force

dnsrecon -r startIP-endIP


Zone Transfer

dnsrecon -d domain -t axfr


○ Zone Transfer

- NSLOOKUP

The steps to try and force a zone transfer are shown here:


1. nslookup                #Enter nslookup from the command line.

2. server <ipaddress>   #Enter the IP address of the authoritative server for that zone.

3. set type = any         #Tells nslookup to query for any record.

4. ls –d <domain.com> #Domain.com is the name of the targeted domain of
                                 the final step that performs the zone transfer.


nslookup

기본 서버:  google-public-dns-a.google.com

Address:  8.8.8.8


set type=any

ls -d example.com


example.com.        SOA hostmaster.sbc.net (950849 21600 3600 1728000 3600)

example.com.        NS     auth100.ns.sbc.net

example.com.        NS     auth110.ns.sbc.net

example.com.        A      10.14.229.23

example.com.        MX     10   dallassmtpr1.example.com

example.com.        MX     20   dallassmtpr2.example.com

example.com.        MX     30   lasmtpr1.example.com

lasmtpr1            A      192.172.243.240

dallassmtpr1        A      192.172.163.9

dallaslink2         A      192.172.161.4

spamassassin        A      192.172.170.49

dallassmtpr2        A      192.172.163.7

dallasextra         A      192.172.170.17

dallasgate          A      192.172.163.22

lalink              A      172.16.208.249

dallassmtp1         A      192.172.170.49

nygate              A      192.172.3.250

www                 A      10.49.229.203

dallassmtp          MX     10   dallassmtpr1.example.com

dallassmtp          MX     20   dallassmtpr2.example.com

dallassmtp          MX     30   lasmtpr1.example.com


Posted by n3015m

BLOG main image
'네오이즘'의 보안LAB 블로그입니다........... n3oism@gmail.com by n3015m

카테고리

분류 전체보기 (226)
[ HappyDevTool ] (29)
[ HappyToolRelease ] (4)
[Book] (5)
[ Security Studies ] (0)
- CII (2)
- BigData (2)
- Web Hacking (10)
- SQL Injection (25)
- Mobile Security (8)
- Network (6)
- OperatingSystem (4)
- Malware & Reversing (4)
- Phishing (5)
- Compliance (0)
- Programming (13)
- Tools (13)
- IoT (6)
- etc (21)
[Pentration Testing] (3)
[OS X] (4)
[ Security Trends ] (16)
[ Fixing Guideline ] (7)
My Way, My Life (34)
About Me (2)
Total : 231,036
Today : 3 Yesterday : 264