DNS reconnaissance, or DNSRecon, is part of the information gathering stage of a penetration test engagement. When a penetration tester performs DNS reconnaissance, he is trying to obtain as much information as he can about the DNS servers and their records. The information gathered can disclose the network infrastructure of the company without alerting the IDS/IPS. This is because most organizations do not monitor their DNS server traffic, and those that do only monitor zone transfer attempts.
There are a variety of tools available on the web that can gather DNS information effectively, but in this article we will focus on DNSRecon, a tool developed by Carlos Perez and designed to perform DNS reconnaissance. The tool is included in BackTrack and is written in Python.
DNSrecon is a simple tool written for target enumeration during authorized penetration test engagements. This tool provides different methods for enumerating targets through the DNS service.
- Standard Record Enumeration for a given domain (A, NS, SOA and MX).
- Top Level Domain Expansion for a given domain.
- Zone Transfer against all NS records of a given domain.
- Reverse Lookup against a given IP Range given a start and end IP.
Here is an example of the tool enumerating SRV records and standard records.

    root@bt:~# ./dnsrecon.rb -t srv -d avaya.com
    _sip._udp.avaya.com,198.152.17.90,5060
    _sip._tcp.avaya.com,198.152.17.90,5060
    root@bt:~# ./dnsrecon.rb -t std -d google.com
    google.com,209.85.171.100,A
    google.com,74.125.67.100,A
    google.com,74.125.45.100,A
    ns1.google.com,216.239.32.10,SOA
    ns4.google.com,216.239.38.10,NS
    ns1.google.com,216.239.32.10,NS
    ns2.google.com,216.239.34.10,NS
    ns3.google.com,216.239.36.10,NS
    smtp4.google.com,72.14.221.25,MX,10
    smtp1.google.com,209.85.237.25,MX,10
    smtp2.google.com,64.233.165.25,MX,10
    smtp3.google.com,209.85.137.25,MX,10
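The enumeration methods listed above leave a recognizable pattern in a DNS server's query log, which addresses the monitoring gap described at the start of the article. The following is an added example, not part of DNSRecon or the original post: a small Python detector run over constructed log lines. The log shape, the thresholds and the finding names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample log in a simplified "client <ip> query: <name> IN <type>" shape.
SAMPLE_LOG = (
    "client 203.0.113.7 query: example.test IN A\n"
    "client 203.0.113.7 query: example.test IN SOA\n"
    "client 203.0.113.7 query: example.test IN NS\n"
    "client 203.0.113.7 query: example.test IN MX\n"
    "client 203.0.113.7 query: example.test IN AXFR\n"
    "client 203.0.113.7 query: _sip._udp.example.test IN SRV\n"
    "client 203.0.113.7 query: _sip._tcp.example.test IN SRV\n"
    "client 203.0.113.7 query: _ldap._tcp.example.test IN SRV\n"
    + "".join(f"client 203.0.113.7 query: {i}.2.0.192.in-addr.arpa IN PTR\n"
              for i in range(10, 16))
    + "client 198.51.100.20 query: www.example.test IN A\n"
    "client 198.51.100.20 query: 25.2.0.192.in-addr.arpa IN PTR\n"
)

LINE_RE = re.compile(r"client (\S+) query: (\S+) IN (\S+)")

def detect(log_text, srv_min=3, ptr_min=5):
    """Return {client_ip: sorted findings}; thresholds are illustrative assumptions."""
    seen = defaultdict(lambda: defaultdict(set))  # ip -> query type -> distinct names
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            ip, name, qtype = m.groups()
            seen[ip][qtype.upper()].add(name.lower().rstrip("."))
    findings = {}
    for ip, by_type in seen.items():
        hits = []
        if by_type.get("AXFR") or by_type.get("IXFR"):
            hits.append("zone-transfer-attempt")        # the one event most sites watch
        if len(by_type.get("SRV", ())) >= srv_min:
            hits.append("srv-enumeration")              # many distinct _service._proto names
        if len(by_type.get("PTR", ())) >= ptr_min:
            hits.append("reverse-lookup-sweep")         # walking an IP range via PTR
        if {"A", "NS", "SOA", "MX"}.issubset(by_type):
            hits.append("standard-record-enumeration")  # weak signal on its own
        if hits:
            findings[ip] = sorted(hits)
    return findings

if __name__ == "__main__":
    for ip, hits in detect(SAMPLE_LOG).items():
        print(ip, ", ".join(hits))
```

Top Level Domain expansion is not covered because those queries go to other zones and never reach the organization's own DNS servers.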
Download Here :: dnsrecon.py
Source :: https://github.com/darkoperator/dnsrecon