
DNS Enumeration

 




DNS enumeration is the process of locating all the DNS servers and their corresponding records for an organization. DNS enumeration will yield usernames, computer names, and IP addresses of potential target systems.

Types of enumeration that use DNS include the following:-

1. Standard Record Enumeration:-

To perform standard DNS enumeration with DNSRecon, the command to use is:

./dnsrecon.py -d <domain>

2. Zone Transfer:-

The security problem with DNS zone transfers is that they can be used to decipher the topology of a company network. Specifically, when a user tries to perform a zone transfer, they send a DNS query asking the server to list all DNS information for the zone, such as name servers, host names, MX and CNAME records, the zone serial number, Time to Live values, etc. Because of the amount of information that can be obtained, servers that allow DNS zone transfers are not easy to find nowadays. However, DNSRecon provides the ability to perform zone transfers with the commands:

./dnsrecon.py -d <domain> -a or ./dnsrecon.py -d <domain> -t axfr

3. Reverse Lookup:-

A reverse DNS lookup determines the domain name associated with an IP address. DNSRecon can perform a reverse lookup for PTR records against IPv4 and IPv6 address ranges with the command:

./dnsrecon.py -r <startIP-endIP>

A reverse lookup can also be performed against all ranges in SPF records with the command:

./dnsrecon.py -d <domain> -s

4. Domain Brute-Force:-

For this technique, all we have to do is supply a name list, and DNSRecon will try to resolve the A, AAAA and CNAME records against the domain by trying each entry one by one. To run the domain name brute-force we need to type:

./dnsrecon.py -d <domain> -D <namelist> -t brt

5. Cache Snooping:-

DNS cache snooping occurs when the DNS server has a specific DNS record cached. This DNS record will often reveal plenty of information. However, DNS cache snooping does not happen very often. The command that can be used to perform cache snooping is the following:

./dnsrecon.py -t snoop -n <Server> -D <Dict>

6. Zone Walking:-

This technique may unveil internal records if the zone is not configured properly. The information obtained can help us map network hosts by enumerating the contents of a zone. To perform zone walking we need to type the command:

./dnsrecon.py -d <host> -t zonewalk
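
How the techniques above look from the DNS server's side, as an added example (not part of the original post and not DNSRecon code): a small classifier over constructed BIND-style query-log lines. The log layout, the threshold of 3, the labels and the function name `classify` are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in BIND querylog style (documentation address ranges).
SAMPLE_LOG = """\
client 192.0.2.10#40001 (example.com): query: example.com IN AXFR -T (198.51.100.1)
client 192.0.2.11#40002 (www.example.com): query: www.example.com IN A - (198.51.100.1)
client 192.0.2.12#40003 (a.example.com): query: a.example.com IN NSEC +E (198.51.100.1)
client 192.0.2.13#40004 (mail.example.com): query: mail.example.com IN A + (198.51.100.1)
client 192.0.2.13#40005 (vpn.example.com): query: vpn.example.com IN A + (198.51.100.1)
client 192.0.2.13#40006 (dev.example.com): query: dev.example.com IN A + (198.51.100.1)
client 192.0.2.14#40007 (1.2.0.192.in-addr.arpa): query: 1.2.0.192.in-addr.arpa IN PTR + (198.51.100.1)
client 192.0.2.14#40008 (2.2.0.192.in-addr.arpa): query: 2.2.0.192.in-addr.arpa IN PTR + (198.51.100.1)
client 192.0.2.14#40009 (3.2.0.192.in-addr.arpa): query: 3.2.0.192.in-addr.arpa IN PTR + (198.51.100.1)
"""

LINE = re.compile(r"client (?:@\S+ )?(?P<ip>[^#\s]+)#\d+ \(\S+\): "
                  r"query: (?P<name>\S+) IN (?P<type>\S+) (?P<flags>[+-]\S*)")

def classify(log_text, sweep_threshold=3):
    """Return {client_ip: set(labels)} for enumeration-like behaviour."""
    findings = defaultdict(set)
    names = defaultdict(lambda: defaultdict(set))  # ip -> record type -> distinct names
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # ignore lines that are not query records
        ip, name, rtype, flags = m["ip"], m["name"].lower(), m["type"], m["flags"]
        if rtype in ("AXFR", "IXFR"):
            findings[ip].add("zone-transfer")
        elif rtype in ("NSEC", "NSEC3"):     # heuristic: direct NSEC queries are unusual
            findings[ip].add("zone-walk")
        elif flags.startswith("-"):          # RD bit clear; only meaningful on a recursive resolver
            findings[ip].add("cache-snoop")
        names[ip][rtype].add(name)
    for ip, by_type in names.items():
        if len(by_type["PTR"]) >= sweep_threshold:
            findings[ip].add("reverse-sweep")
        forward = by_type["A"] | by_type["AAAA"] | by_type["CNAME"]
        if len(forward) >= sweep_threshold:  # many distinct names from one client
            findings[ip].add("name-brute-force")
    return dict(findings)

if __name__ == "__main__":
    for ip, labels in sorted(classify(SAMPLE_LOG).items()):
        print(ip, sorted(labels))
```

On real traffic the sweep threshold would need to be much higher and applied per time window, and known secondary name servers would be excluded from the zone-transfer label.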

Amey Patil
