|
Penetration Testing
mailing list archives
Re: how to check for hostnames of wildcard-domains
From: "A. Ramos" <aramosf () unsec net>
Date: Tue, 14 Feb 2006 13:15:50 +0100
Is there a way to distinguish the *.dom.tld-matching from a real
existing A-Record using a ns-lookup alone?
http://www.faqs.org/rfcs/rfc1034.html
A * label appearing in a query name has no special effect, but can be
used to test for wildcards in an authoritative zone; such a query is the
only way to get a response containing RRs with an owner name with * in
it. The result of such a query should not be cached.
# host -t a "*.unsec.net"
Host *.unsec.net not found: 3(NXDOMAIN)
f# host -t a "*.isgay.com"
*.isgay.com is an alias for isgay.com.
isgay.com has address 66.249.137.17
*.isgay.com is an alias for isgay.com.
*.isgay.com is an alias for isgay.com.
isgay.com mail is handled by 0 isgay.com.
--
A. Ramos <aka dab>
mailto: <aramosf () unsec net>
http://www.unsec.net
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
 By Date 
By Thread
Current thread:
|
Intro
