53 - Pentesting DNS

DNS Zone Transfer Online

We can use the following website to do DNS Zone Transfer

Zone Transfer Test Online | HackerTarget.comHackerTarget.com

We can get a lot of interesting information doing Zone Transfer below we can see that i did a zone transfer zonetransfer.me

Zone Transfer using NSLookup

We can use nslookup as well to do zone transfer Manually

nslookup -type=NS zonetransfer.me // Nameservers

nslookup -type=any -query=AXFR zonetransfer.me nsztm1.digi.ninja //any and axfr

Sometimes you might not get anything using zone transfer so you need to check that wether the IP address is actually the DNS for Domain or not, by using Below command

nslookup -type=ns inlanefreight.htb 10.129.121.23

Zone Transfer using DIG

dig <Domain Name>
dig <Domain Name> @<IP Address>

#Example
dig inlanefreight.htb
dig axfr inlanefreight.htb @10.129.121.23

DNScan

We can use dnscan to find out some more valuable information like subdomains, DNScan comes with its own wordlists which we can use

-d -------> Domain
-w ------> wordlist

PreviousNmap Commands Next88 - Pentesting Kerberos

Last updated 1 year ago

hashtagDNS Zone Transfer Online

hashtagZone Transfer using NSLookup

hashtagZone Transfer using DIG

hashtagDNScan

DNS Zone Transfer Online

Zone Transfer using NSLookup

Zone Transfer using DIG

DNScan