dnsrecon
DNS reconnaissance, or DNSRecon, is part of the information gathering stage of a penetration test engagement. When a penetration tester performs DNS reconnaissance, the goal is to obtain as much information as possible about the DNS servers and their records. The information gathered can disclose the company's network infrastructure without alerting the IDS/IPS. This is because most organizations do not monitor their DNS server traffic, and those that do only monitor zone transfer attempts.
On the web there are a variety of tools available that can gather DNS information effectively, but in this article we will focus on DNSRecon, a tool developed by Carlos Perez and designed to perform DNS reconnaissance. This tool is included in BackTrack and is written in Python.
DNSRecon is a simple tool written for target enumeration during authorized penetration test engagements. This tool provides different methods for enumerating targets through the DNS service:
  • Standard Record Enumeration for a given domain (A, NS, SOA and MX).
  • Top Level Domain Expansion for a given domain.
  • Zone Transfer against all NS records of a given domain.
  • Reverse Lookup against a given IP Range given a start and end IP.
Here is an example of the tool enumerating SRV records and standard records.
root@bt:~# ./dnsrecon.rb -t srv -d avaya.com
_sip._udp.avaya.com,198.152.17.90,5060
_sip._tcp.avaya.com,198.152.17.90,5060
root@bt:~# ./dnsrecon.rb -t std -d google.com
google.com,209.85.171.100,A
google.com,74.125.67.100,A
google.com,74.125.45.100,A
ns1.google.com,216.239.32.10,SOA
ns4.google.com,216.239.38.10,NS
ns1.google.com,216.239.32.10,NS
ns2.google.com,216.239.34.10,NS
ns3.google.com,216.239.36.10,NS
smtp4.google.com,72.14.221.25,MX,10
smtp1.google.com,209.85.237.25,MX,10
smtp2.google.com,64.233.165.25,MX,10
smtp3.google.com,209.85.137.25,MX,10
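Since the article notes that most organizations watch only for zone transfers, here is a defender-side sketch that also flags SRV enumeration and reverse-lookup sweeps in DNS query logs. It is an added example, not code from the original post or from DNSRecon; the BIND-style log shape, the sample lines, the function names and the thresholds are all assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in a BIND-style query-log shape (assumed format).
SAMPLE_LOG = """\
client 203.0.113.7#40001 (example.test): query: example.test IN AXFR -T (192.0.2.53)
client 203.0.113.7#40002 (_sip._udp.example.test): query: _sip._udp.example.test IN SRV + (192.0.2.53)
client 203.0.113.7#40003 (_sip._tcp.example.test): query: _sip._tcp.example.test IN SRV + (192.0.2.53)
client 203.0.113.7#40004 (_ldap._tcp.example.test): query: _ldap._tcp.example.test IN SRV + (192.0.2.53)
client 203.0.113.7#40005 (10.2.0.192.in-addr.arpa): query: 10.2.0.192.in-addr.arpa IN PTR + (192.0.2.53)
client 203.0.113.7#40006 (11.2.0.192.in-addr.arpa): query: 11.2.0.192.in-addr.arpa IN PTR + (192.0.2.53)
client 203.0.113.7#40007 (12.2.0.192.in-addr.arpa): query: 12.2.0.192.in-addr.arpa IN PTR + (192.0.2.53)
client 203.0.113.7#40008 (13.2.0.192.in-addr.arpa): query: 13.2.0.192.in-addr.arpa IN PTR + (192.0.2.53)
client 198.51.100.20#51000 (www.example.test): query: www.example.test IN A + (192.0.2.53)
client 198.51.100.20#51001 (40.2.0.192.in-addr.arpa): query: 40.2.0.192.in-addr.arpa IN PTR + (192.0.2.53)
"""
QUERY = re.compile(r"client ([\d.]+)#\d+ \(([^)\n]+)\): query: \S+ IN (\w+)")
PTR_NAME = re.compile(r"^(\d+)\.(\d+)\.(\d+)\.(\d+)\.in-addr\.arpa\.?$")

def longest_run(values):
    """Length of the longest run of consecutive integers in a set."""
    best, run, prev = 0, 0, None
    for v in sorted(values):
        run = run + 1 if prev is not None and v == prev + 1 else 1
        best, prev = max(best, run), v
    return best

def detect(log, ptr_run=4, srv_names=3):
    """Return sorted (client, finding, count) tuples; thresholds are assumptions."""
    axfr, ptr, srv = defaultdict(set), defaultdict(set), defaultdict(set)
    for m in QUERY.finditer(log):         # lines that are not queries never match
        src, name, qtype = m.group(1), m.group(2).lower(), m.group(3).upper()
        p = PTR_NAME.match(name)
        if qtype in ("AXFR", "IXFR"):     # any transfer request is worth an alert
            axfr[src].add(name)
        elif qtype == "SRV":              # count distinct service names per client
            srv[src].add(name)
        elif qtype == "PTR" and p:        # rebuild the IPv4 address as an integer
            octets = [int(o) for o in reversed(p.groups())]
            if max(octets) < 256:         # skip malformed reverse names
                ptr[src].add(int.from_bytes(bytes(octets), "big"))
    alerts = [(s, "zone-transfer", len(z)) for s, z in axfr.items()]
    alerts += [(s, "srv-enum", len(n)) for s, n in srv.items() if len(n) >= srv_names]
    alerts += [(s, "reverse-sweep", r) for s, i in ptr.items()
               if (r := longest_run(i)) >= ptr_run]
    return sorted(alerts)

if __name__ == "__main__":
    print(detect(SAMPLE_LOG))
```

In production the counts would be computed per time window rather than over the whole log, so that slow legitimate resolvers do not accumulate into an alert.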


Download Here :: dnsrecon.py
Source :: https://github.com/darkoperator/dnsrecon
