Home page logo
/

nmap-dev logo Nmap Development mailing list archives

[NSE] dns-brute - DNS brute-forcer
From: cirrus <cirrus () 0x0lab org>
Date: Mon, 31 Jan 2011 19:30:19 +0200

Hello list,

I've started developing a DNS brute-force script.
I'm attaching the script (also git accessible from: git://
code.0x0lab.org/nmap-dns-brute.git), please feel free to comment (It's my
first attempt at nse and lua, so please do point out any
issues/mistakes/etc.).
The script has been developed/tested with the current svn version.

$ head -n 32 dns-brute.nse
description = [[
Attempts to find DNS hostnames by brute force guessing.
]]
-- 2011-01-26

---
-- @usage
-- nmap --script dns-brute --script-args dns-brute.domain=foo.com,
dns-brute.threads=6,
--    dns-brute.cclass, dns-brute.hostlist=./hostfile.txt, newtargets -sS
-p 80
-- nmap --script dns-brute www.foo.com
-- @args dns-brute.hostlist The filename of a list of host strings to try.
-- @args dns-brute.threads Thread to use (default 5).
-- @args dns-brute.cclass If specified, adds the reverse DNS for the
c-class of all discovered IP addresses. cclass can
--    also be set to the value 'printall' to print all reverse DNS names
instead of only the ones matching the base domain
-- @args dns-brute.domain Domain name to brute force if no host is
specified
-- @args newtargets Add discovered targets to nmap scan queue (only applies
when dns-brute.domain has been set)
-- @output
-- Pre-scan script results:
-- | dns-brute:
-- | Result:
-- |   DNS Brute-force hostnames:
-- |   www.foo.com - 127.0.0.1
-- |   mail.foo.com - 127.0.0.2
-- |   blog.foo.com - 127.0.1.3
-- |   ns1.foo.com - 127.0.0.4
-- |   admin.foo.com - 127.0.0.5
-- |   Reverse DNS hostnames:
-- |   srv-32.foo.com - 127.0.0.16
-- |   srv-33.foo.com - 127.0.1.23
-- |   C-Classes:
-- |   127.0.0.0/24
-- |_  127.0.1.0/24

Attachment: dns-brute.nse
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault