Skip to content

dns.md

Latest commit

 

History

History
51 lines (39 loc) · 1.24 KB

dns.md

File metadata and controls

51 lines (39 loc) · 1.24 KB

DNS

 nslookup -type=NS zonetransfer.me

nslookup -type=any -query=AXFR zonetransfer.me nsztm1.digi.ninja

{% code title="DIG - AXFR Zone Transfer - Internal" %}

dig axfr internal.inlanefreight.htb @10.129.14.128

{% endcode %}

{% code title="DIG - AXFR Zone Transfer" %}

dig axfr inlanefreight.htb @10.129.14.128

{% endcode %}

dig any inlanefreight.htb @10.129.14.128

dig CH TXT version.bind 10.129.120.85

dig ns inlanefreight.htb @10.129.14.128

dig soa www.inlanefreight.com

SubDomain BruteForcing 

for sub in $(cat /opt/useful/SecLists/Discovery/DNS/subdomains-top1million-110000.txt);do dig $sub.inlanefreight.htb @10.129.14.128 | grep -v ';\|SOA' | sed -r '/^\s*$/d' | grep $sub | tee -a subdomains.txt;done

dnsenum --dnsserver 10.129.14.128 --enum -p 0 -s 0 -o subdomains.txt -f /opt/useful/SecLists/Discovery/DNS/subdomains-top1million-110000.txt inlanefreight.htb

dnsenum --dnsserver 10.129.134.115 --enum -p 0 -s 0 -o subdomains.txt -f /opt/useful/SecLists/Discovery/DNS/fierce-hostlist.txt --threads 90 dev.inlanefreight.htb