Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Recon tool kit part 1
From: H D Moore <hdm () SECUREAUSTIN COM>
Date: Thu, 28 Sep 2000 22:09:53 -0500

Hi Matt/All,

I wrote a similar tool that takes an address mask and does the same
thing in a recursive and parallel fashion.  It will first perform a
reverse DNS lookup on every address in the given network mask/address,
then attempt a zone transfer of each domain it finds in the reverse
resolution.  For example, you run this tool on 192.168.10.0/24:

$ ./rrdns.pl 192.168.10.0/24
Getting reverse DNS information for 128 addresses...
Resolver finished in 3 seconds (42/sec)...

Starting Zone Transfer for example.lan (level 127)...
Starting Zone Transfer for exampletwo.lan (level 5)...

192.168.10.1:testbox.example.lan
[..]
192.168.10.145:www.exampletwo.lan
[..]
mail.example.lan     3600    IN      A       192.168.10.5
testbox.example.lan. 3600    IN      A       192.168.10.1
[..]
www.exampletwo.lan    3600    IN      A       192.168.10.145
ftp.exampletwo.lan    3600    IN      A       192.168.10.148
[..]

required modules: Net::DNS and Net::Netmask

# perl -MCPAN -e 'install Net::DNS'
# perl -MCPAN -e 'install Net::Netmask'


Script is attached.

-HD

http://www.digitaloffense.net (play)
http://www.digitaldefense.net (work)

"Matt W." wrote:

Announcing the release of DNSHoe.pl v1.0.0 by Xram_LraK.  DNSHoe allows
anyone to find out all the host names associated with a range of IPs.
It's nice when the dns server doesn't allows zone transfers.  Requires
NET::DNS perl module.

Xram_LraK
Egatobas Advanced Research Labs
kmx () egatobas org

Attachment: rrdns.pl
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault