Jump to content

Looking for help with dig and dns


Recommended Posts

I'm looking for help running tests against DNS servers. I want to list all the subdomains for a specific domain. So I try to use the dig command with axfr and it fails every time.

dig @ns.SOA.com somedomain.com axfr

Am I doing it wrong or are modern dns servers hardened and no longer accept this query? Is there a better way to do this? For example, so I build a dns server and try to replicate records to query? Would the axfr command be accepted if it came from a dns server? If so, what is the 'check' that I would be passing, so I could spoof it.

Next DNS question along the same lines, I want to do reverse dns lookups. It also seems that all the DNS servers I tried don't accept this, which is the proper behavior after hardening. However we all know, not EVERYBODY does the proper settings and there is always somebody out there with some default settings. Are the queries wrong or am I just not finding a server that allows reverse dns? Anyone know of some servers that accept reverse dns?

Anyone know a good resource to find these one in a million dns servers?

Link to comment
Share on other sites

Properly configured DNS servers, do NOT have to list subdomains, and by default, security wise, thats what we call domain transfers, and if they DO return all the subdomain names, than its considered a security issue. NSLOOKUP is pretty much the same thing, but DIG can sometimes get some more info out of the servers. Hak5.org used to allow entire domain name transfers, and show all the subdomains. Not sure if it still does, but I think Digininja purposely has a server setup for people to test against. Search his name + dns in the forums for the link, or go to his site to see if he has links.

The other way to do it, is 1, nmap dns scanning, or 2 bruteforcing names to IP addresses for a main domain.

Edited by digip
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...