53 - Pentesting DNS

DNS Zone Transfer Online

We can use the following website to perform a DNS zone transfer without installing anything:

A zone transfer (AXFR) hands over every record the server holds for the zone, so it can reveal a lot of interesting information: internal hostnames, IP addresses, mail servers and so on. Below is a zone transfer I did of zonetransfer.me, a domain that deliberately allows AXFR for practice.

Zone Transfer using NSLookup

We can also use nslookup to do the zone transfer manually. First find the zone's nameservers, then ask one of them directly for a full transfer:

nslookup -type=NS zonetransfer.me // list the nameservers of the zone

nslookup -type=any -query=AXFR zonetransfer.me nsztm1.digi.ninja // request a full zone transfer (AXFR) from one of the nameservers found above

Sometimes a zone transfer returns nothing. Before concluding that the server refuses AXFR, check whether the IP address you are querying is actually a nameserver for the domain, by asking it for the domain's NS records directly with the command below. If nslookup prints "Non-authoritative answer:", the server is not authoritative for the zone (only authoritative servers serve AXFR), so it is the wrong target for a zone transfer.

nslookup -type=ns inlanefreight.htb 10.129.121.23

Zone Transfer using dig

dig <Domain Name>                      // plain lookup (A record by default) via the system resolver
dig <Domain Name> @<IP Address>        // same query, sent to a specific server
dig axfr <Domain Name> @<IP Address>   // full zone transfer from that server

#Example
dig inlanefreight.htb
dig axfr inlanefreight.htb @10.129.121.23

If the server refuses the transfer, dig prints "; Transfer failed.". A successful transfer lists every record in the zone, starting and ending with the SOA record.

DNScan

When zone transfers are refused, we can use dnscan to find more information such as subdomains by brute-forcing them from a wordlist. dnscan first tries a zone transfer against each of the domain's nameservers and only falls back to the wordlist scan if that fails. It ships with its own subdomain wordlists, which we can use. The main options are:

  1. -d -------> the domain to enumerate

  2. -w ------> the wordlist of subdomain labels to try
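The following script is an added example, not part of the original notes or of the dnscan project. It automates the workflow of the nslookup, dig and dnscan sections above: find the zone's nameservers, confirm each one is really authoritative by checking the aa flag (rather than trusting NS data, which any recursive resolver can return), try AXFR with dig against each, and fall back to a wordlist brute force (what dnscan does, including its wildcard check) only if every server refuses. It assumes dig is installed; the function names, the zone and wordlist arguments, and the example.test name are my own choices.

```sh
#!/usr/bin/env sh
# Added example, not from the original notes: find the zone's nameservers,
# confirm they are authoritative, try AXFR on each, brute-force if all refuse.
# Assumes dig is installed. Usage: ./dnsenum.sh <zone> [wordlist]

# Every lookup goes through these wrappers so nothing else calls dig directly.
# $1 = record type, $2 = name, $3 = optional server to query
dns_query() {
    if [ -n "${3:-}" ]; then
        dig +short +time=3 +tries=1 "$1" "$2" "@$3"
    else
        dig +short +time=3 +tries=1 "$1" "$2"
    fi
}

# NS query without +short (so the header flags are visible) and with
# recursion disabled, so a recursive resolver cannot fetch the answer for us.
header_query() {
    dig +norecurse +time=3 +tries=1 NS "$1" "@$2"
}

# Full zone transfer; AXFR always runs over TCP.  $1 = zone, $2 = server
axfr_query() {
    dig +time=5 axfr "$1" "@$2"
}

# Nameservers of the zone, one per line, trailing dot stripped.
find_nameservers() {
    dns_query NS "$1" | sed 's/\.$//' | sort -u
}

# Is $2 really authoritative for $1?  Only an authoritative server sets the
# "aa" flag; NS data alone proves nothing, any recursive resolver returns it.
is_authoritative() {
    header_query "$1" "$2" | grep -q 'flags:[^;]* aa[ ;]'
}

# Did the transfer work?  dig prints "; Transfer failed." on refusal; a full
# zone starts and ends with the SOA record.  $1 = captured dig output
axfr_succeeded() {
    printf '%s\n' "$1" | grep -q '^; Transfer failed\.' && return 1
    printf '%s\n' "$1" | grep -q '[[:space:]]IN[[:space:]]SOA[[:space:]]'
}

# Wildcard check: if a label that cannot exist still resolves, every
# wordlist entry will "hit" and the brute-force results mean nothing.
has_wildcard() {
    dns_query A "wildcard-probe-$$.$1" | grep -v '^;' | grep -q .
}

# Fallback when no server allows AXFR: resolve <word>.<zone> for each line
# of the wordlist (e.g. one of dnscan's bundled lists) and print the hits.
brute_subdomains() {
    zone=$1
    if has_wildcard "$zone"; then
        printf '[!] %s has a wildcard record, hits below are unreliable\n' "$zone" >&2
    fi
    while IFS= read -r word || [ -n "$word" ]; do
        case $word in ''|'#'*) continue ;; esac
        addrs=$(dns_query A "$word.$zone" | grep -v '^;' | paste -s -d ' ' -)
        if [ -n "$addrs" ]; then
            printf '%s.%s %s\n' "$word" "$zone" "$addrs"
        fi
    done < "$2"
}

# Try AXFR against every authoritative server; brute-force only if all refuse.
enum_zone() {
    zone=$1
    wordlist=${2:-}
    transferred=0
    for ns in $(find_nameservers "$zone"); do
        if ! is_authoritative "$zone" "$ns"; then
            printf '[-] %s: no authoritative answer for %s (aa flag unset), skipping\n' "$ns" "$zone" >&2
            continue
        fi
        out=$(axfr_query "$zone" "$ns" 2>&1 || true)
        if axfr_succeeded "$out"; then
            printf '[+] %s allows AXFR of %s\n' "$ns" "$zone" >&2
            printf '%s\n' "$out" | grep -v '^;' | grep -v '^$'
            transferred=1
        else
            printf '[-] %s refused AXFR\n' "$ns" >&2
        fi
    done
    if [ "$transferred" -eq 0 ] && [ -n "$wordlist" ]; then
        printf '[*] no zone transfer possible, brute-forcing with %s\n' "$wordlist" >&2
        brute_subdomains "$zone" "$wordlist"
    fi
}

if [ $# -ge 1 ]; then
    enum_zone "$1" "${2:-}"
fi
```

Run it as `./dnsenum.sh zonetransfer.me` to see a successful transfer, or `./dnsenum.sh <target> wordlist.txt` against a zone that refuses AXFR. Status messages go to stderr and only records or resolved subdomains go to stdout, so the output can be piped straight into grep or a file. The aa-flag check is what tells a refused transfer apart from simply asking the wrong server, which is the situation the nslookup section warns about.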
