Re: [Full-Disclosure] Question for DNS pros

[VX Dude <vxdude2003@xxxxxxxxx>]

named exploits are usefull for finding out what's
inside a named.conf even in chroot jails.

- 2 cents

--- Paul Schmehl <pauls@xxxxxxxxxxxx> wrote:
> Can this be done?
> 
> Conditions:
> 1) You know an IP address that is running a DNS
> server.  (IOW, it responds 
> to digs.)
> 2) You do not know the hostname or domain of the
> host.
> 3) The DNS server does not allow zone transfers.
> 
> You want to find out *all* the domains that that DNS
> server is 
> authoritative for.  (Essentially you're trying to
> find out what's in the 
> named.conf file rather than zone file info.)
> 
> Has anyone written a tool that can do this?  I
> thought about the 
> possibility of parsing all the registration sites
> for the Primary and 
> Backup NS, but that would take forever.  I imagine
> you could write a perl 
> script that would access the web interfaces, do the
> queries and return the 
> results, but it would run for days...
> 
> Paul Schmehl (pauls@xxxxxxxxxxxx)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/ir/security/
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter:
> http://lists.netsys.com/full-disclosure-charter.html
> 



                
__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html