dns :53

TCP is only used in DNS when the response size is greater than 512 bytes.

DNS Version

$ dig version.bind CHAOS TXT @IP
$ nmap --script dns-nsid IP

Domain check

dnsrecon -r IP/CIDR -n TARGET_IP -d ['' | DOMAIN]
dnsrecon -r 127.0.0.1/24 -n IP -d ''

Domain Name Lookup

$ nslookup
> server IP
> IP
# should give you domain information

dig @IP -x IP

Zone Transfer Check

Check for additional sub-domains

$ host -l <domain> <IP>
[OR]
$ dig axfr @<IP> <domain>
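
Seen from the server side, the checks above map to three recognizable query shapes. The following is an added example, not part of the original notes: a parser that labels a raw DNS query as a version probe, reverse lookup or zone-transfer request using the RFC 1035 wire format. The function names, labels and sample queries are constructed for illustration.

```python
import struct

AXFR, PTR, TXT, CH = 252, 12, 16, 3  # RFC 1035 QTYPE values and the CHAOS QCLASS

def build_query(name, qtype, qclass, tcp=False):
    """Build a constructed sample query (test input, not captured traffic)."""
    header = struct.pack("!6H", 0x1234, 0x0100, 1, 0, 0, 0)  # id, RD flag, 1 question
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    msg = header + qname + struct.pack("!HH", qtype, qclass)
    # DNS over TCP prefixes each message with a 2-byte length (RFC 1035 4.2.2).
    return struct.pack("!H", len(msg)) + msg if tcp else msg

def parse_question(data, tcp=False):
    """Return (qname, qtype, qclass) for the first question; ValueError if malformed."""
    if tcp:  # strip the 2-byte length prefix
        if len(data) < 2 or len(data) - 2 < int.from_bytes(data[:2], "big"):
            raise ValueError("truncated TCP frame")
        data = data[2:2 + int.from_bytes(data[:2], "big")]
    if len(data) < 12:
        raise ValueError("short header")
    flags, qdcount = struct.unpack("!HH", data[2:6])
    if flags & 0x8000 or qdcount < 1:
        raise ValueError("not a query")
    labels, pos = [], 12
    while True:
        if pos >= len(data):
            raise ValueError("truncated name")
        n, pos = data[pos], pos + 1
        if n == 0:
            break
        if n > 63 or pos + n > len(data):  # > 63 would be a compression pointer
            raise ValueError("bad label")
        labels.append(data[pos:pos + n].decode("ascii", "replace").lower())
        pos += n
    if pos + 4 > len(data):
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!HH", data[pos:pos + 4])
    return ".".join(labels), qtype, qclass

def classify(data, tcp=False):
    """Label a query by which of the page's checks it resembles."""
    name, qtype, qclass = parse_question(data, tcp)
    if qtype == AXFR:
        return "zone-transfer-request"
    if qclass == CH and qtype == TXT and name == "version.bind":
        return "version-probe"
    if qtype == PTR and name.endswith(".in-addr.arpa"):
        return "reverse-lookup"  # one is normal; many sequential ones suggest a sweep
    return "other"
```

On an authoritative server, a zone-transfer request from a source that is not a configured secondary is the label worth alerting on.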

# find domains
wfuzz -c -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt -u "http://<DOMAIN>" -H "HOST: FUZZ.<DOMAIN>"
# when run, you'll see a lot of pages coming back with a particular number of characters; to eliminate them, add the flag
--hh <character-value>

Adding key to DNS using nsupdate

see nsupdate.
