Information Security

Backtrack 4: Information Gathering: DNS: Fierce – locate non-contiguous IP space and hostnames against specified domains

The final tool in the DNS Section is called fierce. It is a perl script written by rsnake. Fierce tries multiple techniques to find all the IP addresses and hostnames used by a target. These include – trying to dump the SOA records, do a zone transfer, searching for commonly used domain names with a dictionary attack, adjacency scan and a few more. Fierce is meant specifically to locate likely targets both inside and outside a corporate network. Only those targets are listed (unless the -nopattern switch is used). No exploitation is performed (unless you do something intentionally malicious with the -connect switch). Fierce is a reconnaissance tool. Fierce is a PERL script that quickly scans domains using several tactics.

Technology Errors

Zen Cart Module Manage Add On: .keep file error

I was required to install the Module Manager add-on for Zen Cart because it is required by the Simple SEO URL Zen Cart add-on requested by a client of mine. During the install process you visit the Module Manager section in the Zen Cart admin and I received an error complaining that a specific file did not exist. Below is a quick description of the error and what was done to resolve it.

Information Security

Backtrack 4: Information Gathering: DNS: Dnsmap – Subdomain brute-forcing

Today I will be reviewing Dnsmap from the Backtrack 4 Distribution. Dnsmap was originally released back in 2006 and has become a standard tool included is every backtrack release. There are other tools which preform the same tasks but I am a firm believer that a pentester/hacker should have the choice of as many tools as possible. My only small issue with this tool is speed, meaning it is not multi threaded however the author says in the readme.txt that he is addressing that issue. Dnsmap is mainly meant to be used by pentesters during the information gathering/enumeration phase of infrastructure security assessments. During the enumeration stage, the security consultant would typically discover the target
company’s IP netblocks, domain names, phone numbers, etc …