| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Oliver at greyhat.de (Oliver@...yhat.de) Subject: Question for DNS pros VX Dude wrote: >named exploits are usefull for finding out what's >inside a named.conf even in chroot jails. > >- 2 cents > >--- Paul Schmehl <pauls@...allas.edu> wrote: > > >>Can this be done? >> >>Conditions: >>1) You know an IP address that is running a DNS >>server. (IOW, it responds >>to digs.) >>2) You do not know the hostname or domain of the >>host. >>3) The DNS server does not allow zone transfers. >> >>You want to find out *all* the domains that that DNS >>server is >>authoritative for. (Essentially you're trying to >>find out what's in the >>named.conf file rather than zone file info.) >> >>Has anyone written a tool that can do this? I >>thought about the >>possibility of parsing all the registration sites >>for the Primary and >>Backup NS, but that would take forever. I imagine >>you could write a perl >>script that would access the web interfaces, do the >>queries and return the >>results, but it would run for days... >> >>Paul Schmehl (pauls@...allas.edu) >>Adjunct Information Security Officer >>The University of Texas at Dallas >>AVIEN Founding Member >>http://www.utdallas.edu/ir/security/ >> >>_______________________________________________ >>Full-Disclosure - We believe in it. >>Charter: >>http://lists.netsys.com/full-disclosure-charter.html >> >> >> > > > > >__________________________________ >Do you Yahoo!? >Yahoo! Mail Address AutoComplete - You start. We finish. >http://promotions.yahoo.com/new_mail > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.netsys.com/full-disclosure-charter.html > > > hm... you could also try reverse lookups for all existing ip-adresses in the world :)
Powered by blists - more mailing lists