| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: vxdude2003 at yahoo.com (VX Dude) Subject: Question for DNS pros named exploits are usefull for finding out what's inside a named.conf even in chroot jails. - 2 cents --- Paul Schmehl <pauls@...allas.edu> wrote: > Can this be done? > > Conditions: > 1) You know an IP address that is running a DNS > server. (IOW, it responds > to digs.) > 2) You do not know the hostname or domain of the > host. > 3) The DNS server does not allow zone transfers. > > You want to find out *all* the domains that that DNS > server is > authoritative for. (Essentially you're trying to > find out what's in the > named.conf file rather than zone file info.) > > Has anyone written a tool that can do this? I > thought about the > possibility of parsing all the registration sites > for the Primary and > Backup NS, but that would take forever. I imagine > you could write a perl > script that would access the web interfaces, do the > queries and return the > results, but it would run for days... > > Paul Schmehl (pauls@...allas.edu) > Adjunct Information Security Officer > The University of Texas at Dallas > AVIEN Founding Member > http://www.utdallas.edu/ir/security/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: > http://lists.netsys.com/full-disclosure-charter.html > __________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail
Powered by blists - more mailing lists