[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Question for DNS pros
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: Re: [Full-Disclosure] Question for DNS pros
- From: VX Dude <vxdude2003@xxxxxxxxx>
- Date: Fri, 23 Jul 2004 11:58:31 -0700 (PDT)
named exploits are usefull for finding out what's
inside a named.conf even in chroot jails.
- 2 cents
--- Paul Schmehl <pauls@xxxxxxxxxxxx> wrote:
> Can this be done?
>
> Conditions:
> 1) You know an IP address that is running a DNS
> server. (IOW, it responds
> to digs.)
> 2) You do not know the hostname or domain of the
> host.
> 3) The DNS server does not allow zone transfers.
>
> You want to find out *all* the domains that that DNS
> server is
> authoritative for. (Essentially you're trying to
> find out what's in the
> named.conf file rather than zone file info.)
>
> Has anyone written a tool that can do this? I
> thought about the
> possibility of parsing all the registration sites
> for the Primary and
> Backup NS, but that would take forever. I imagine
> you could write a perl
> script that would access the web interfaces, do the
> queries and return the
> results, but it would run for days...
>
> Paul Schmehl (pauls@xxxxxxxxxxxx)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/ir/security/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.netsys.com/full-disclosure-charter.html
>
__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html