|
Penetration Testing
mailing list archives
how to check for hostnames of wildcard-domains
From: thomas springer <tuevsec () gmx net>
Date: Sun, 12 Feb 2006 20:32:27 +0100
I'm stumbling more and more over domains that have a A-Record for
*.domain.tld set in their zonefile - with the effect that every
ns-lookup for an A-Record on this domain returns an ip, even if the
hostname is not really existing. You might check for the wildcard with a
simple "dig *.domain.tld A +short".
Is there a way to distinguish the *.dom.tld-matching from a real
existing A-Record using a ns-lookup alone?
tom
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
- how to check for hostnames of wildcard-domains thomas springer (Feb 12)
|
Intro
