Home page logo

pen-test logo Penetration Testing mailing list archives

Re: dnsdigger
From: Mark Wolfgang <moonpie () moonpie org>
Date: Mon, 16 Jun 2003 13:25:04 -0400

In regards to my previous post, it sure would have been nice if I provided
the location for my script :(  It can be found at http://moonpie.org/tools/bf-dns.tgz


On Sun, Jun 15, 2003 at 09:57:21AM +0200 or thereabouts, Michael Thumann wrote:
We like to annouce that DNSDigger is now available 
from our website:

DNSDigger is a program to gather as much as 
possible informations from DNS Servers. Two 
different methods are used:

1. DNS Server Query
Query every DNS Server that is responsible for the 
domain, primary and each secondary. Sometimes 
only one DNS Server is misconfigured, but that could 
be enough to get the whole zone file or a provider DNS
is used. Some providers allow zone transfers from 
their DNS Servers.

2. DNS Digging
The idea is to use the same technique as with password 
attacks based on dictionaries to find hostnames hidden 
in the DNS zone.There's a names.txt which contains the 
dictionary. The option HYBRID will append the nummbers 
01 to 99 to each entry in the names.txt to uncover 
additional hostnames.

The tools might be useful for all pen-testers that have to 
gather DNS informations during a pen-test.

I hope you will find it as useful as I do ,-)

Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the 
world's premier technical IT security event! 10 tracks, 15 training sessions, 
1,800 delegates from 30 nations including all of the top experts, from CSO's to 
"underground" security specialists.  See for yourself what the buzz is about!  
Early-bird registration ends July 3.  This event will sell out. www.blackhat.com

---end quoted text---

Risk accepted by one is imposed on all

Attachment: _bin

  By Date           By Thread  

Current thread:
  • dnsdigger Michael Thumann (Jun 16)
    • Re: dnsdigger Mark Wolfgang (Jun 16)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]