上QQ阅读APP看书,第一时间看更新
DNS Record Scanner and Enumerator
The DNS Record Scanner and Enumerator auxiliary module can be used to gather information about a domain from a given DNS server by performing various DNS queries, such as zone transfers, reverse lookups, SRV record brute forcing, and other techniques.
- To run the auxiliary module, we use the use command followed by the module we want to use, in this case, auxiliary/gather/enum_dns. Then we can use the info command to display information about the module, such as the authors, basic options, and description, as shown here:
- To run the module, we need to set the domain name, and to make it run a bit faster, we will set the thread number to 10:
msf > use auxiliary/gather/enum_dns
msf auxiliary(enum_dns) > set DOMAIN packtpub.com
DOMAIN => packtpub.com
msf auxiliary(enum_dns) > set THREADS 10
THREADS => 10
msf auxiliary(enum_dns) > run
...
[+] packtpub.com NS: dns3.easydns.org.
[+] packtpub.com NS: dns2.easydns.net.
[*] Attempting DNS AXFR for packtpub.com from dns1.easydns.com.
W, [2017-10-17T10:04:14.963345 #5091] WARN -- : AXFR query, switching to TCP
...
include:_spf.freshsales.io a:zgateway.zuora.com include:amazonses.com ~all
[*] querying DNS SRV records for packtpub.com
[*] Auxiliary module execution completed
msf auxiliary(enum_dns) >
Looking at the output, we can see that we are able to obtain several DNS records from the target domain.