Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Penetration Testing: Re: anonymous Zonetransfer (AXFR) exploatation

Re: anonymous Zonetransfer (AXFR) exploatation

From: Jamie Riden <jamie.riden_at_gmail.com>
Date: Thu, 13 Mar 2008 09:45:27 +0000

On 12/03/2008, xx yy <thenucker2004_at_yahoo.com> wrote:
> During some research I came across some server that have anonymous Zonetransfer (AXFR) allowed.
>
> Is there a working attack for a DNS server that has anonymous Zonetransfer (AXFR) allowed ?

It's only an information disclosure vulnerability, so the best you can
do is look at things like the network structure, the hostnames and try
to infer from them. For example, a lot of places give CNAMES for
functionality such as mail, www, smtp, pop3, xxx-db (for database),
etc.

You can also have a look at the distribution of the hosts within the
IP space of the company. Are there gaps? If so, are there computers
there without DNS records? etc. etc.

cheers,
 Jamie 

-- 
Jamie Riden / jamesr_at_europe.com / jamie_at_honeynet.org.uk
UK Honeynet Project: http://www.ukhoneynet.org/
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
Received on Mar 13 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos