• Dig Dug DNS Server Enumeration


    Dig Dug DNS Server Enumeration


    Dig Dug DNS Server Enumeration

    Turns out this machine is a DNS server - it's time to get your shovels out

    Oooh, turns out, this machine is also a DNS server! If we could dig into it, I am sure we could find some interesting records! But... it seems weird, this only responds to a special type of request for a givemetheflag.com domain?

    Use some common DNS enumeration tools installed on the AttackBox to get the DNS server on to respond with the flag.

    Click on the link below -

    DNS in detail

    Dig in Networking 

    WHOIS in Networking 

    CEHv10 DNS

    Passive Reconnaissance
    DNS Manipulation


    First, it is worth checking what ports are open on the machine. but we will jump into directly dns enumeration. If you wanna dns enumeration with dnspython then you can do it but first we will dns tool in linux after that we will make a DNS tool with the help of python programming language.


    Dig is a versatile DNS lookup utility that can query domain name server records. Using Dig, we can get the flag by specifying the name server (target host’s address), the domain name, and A at the end to establish we are looking for the A record.

    When you visit a website in your web browser this all happens automatically, but we can also do it manually with a tool called dig . Like ping and traceroute, dig should be installed automatically on Linux systems.

    Dig allows us to manually query recursive DNS servers of our choice for information about domains:
    dig <domain> @<dns-server-ip>

    It is a very useful tool for network troubleshooting.




    dig @ givemetheflag.com A 






    nslookup is another tool excellent for query domain name servers. Using the target host IP as the DNS server, we can query the A record to get the flag.





    └─$ nslookup -type=A givemetheflag.com                                                                                                                  1 ⨯
    givemetheflag.com       text = "flag{0767ccd06e79853318f25aeb08ff83e2}"



    DNS in python 

    dnspython is a DNS toolkit for Python. It supports almost all record types. It can be used for queries, zone transfers, and dynamic updates. It supports TSIG authenticated messages and EDNS0.

    dnspython provides both high and low level access to DNS. The high level classes perform queries for data of a given name, type, and class, and return an answer set. The low level classes allow direct manipulation of DNS zones, messages, names, and records.




    └─$ cat dns-find.py                                                                                                                                                 1 ⨯
    #import dnspython as dns
    import dns
    #import dns.resolver
    from dns import resolver
    #result = dns.resovler.query('hackingtruth.org', 'A')
    result = dns.resolver.resolve('google.com', 'A')
    for ipval in result:
        print('IP', ipval.to_text())








    All tutorials are for informational and educational purposes only and have been made using our own routers, servers, websites and other vulnerable free resources. we do not contain any illegal activity. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. Hacking Truth is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used. We do not promote, encourage, support or excite any illegal activity or hacking.


    Post a Comment

    For Any Tech Updates, Hacking News, Internet, Computer, Technology and related to IT Field Articles Follow Our Blog.