While working on an upcoming article for QD I ran into an issue with the dnsenum.pl Perl script. I followed the process of installing the optional Perl modules, and when I went back to test dnsenum it would no longer return any IP addresses. Instead of actual IP addresses, dnsenum was returning odd characters. It turns out there is some form of conflict between dnsenum.pl and the Net::DNS Perl module. Below I describe the dnsenum issue in more detail and provide a workaround: manually downgrading the Net::DNS Perl module.

dnsenum.pl On Backtrack Linux Returning Odd Characters Instead Of IPs:

root@bt:/pentest/enumeration/dns/dnsenum# perl dnsenum.pl example.com
dnsenum.pl VERSION:1.2.2

-----   example.com   -----

Host's addresses:
__________________

example.com                           869      IN    A              Bty%

Name Servers:
______________

pdns01.domaincontrol.com                 15799    IN    A              �E�2
pdns02.domaincontrol.com                 15799    IN    A              �m�2

Mail (MX) Servers:
___________________

ASPMX.L.GOOGLE.com                       119      IN    A              J}�
ALT1.ASPMX.L.GOOGLE.com                  91       IN    A              ��J
ALT2.ASPMX.L.GOOGLE.com                  235      IN    A              ��K
ASPMX2.GOOGLEMAIL.com                    137      IN    A              ��J
ASPMX3.GOOGLEMAIL.com                    269      IN    A              J}�

Trying Zone Transfers and getting Bind Versions:
_________________________________________________

Trying Zone Transfer for example.com on pdns02.domaincontrol.com ...
AXFR record query failed: NOTIMP
Unable to obtain Server Version for pdns02.domaincontrol.com : NOTIMP

Trying Zone Transfer for example.com on pdns01.domaincontrol.com ...
AXFR record query failed: NOTIMP
Unable to obtain Server Version for pdns01.domaincontrol.com : NOTIMP

brute force file not specified, bay.
root@bt:/pentest/enumeration/dns/dnsenum#

As you can see in the output above, the locations where IP addresses should display contain some form of encoded output instead of four octets of numbers. After some troubleshooting I was able to isolate the issue to the Net::DNS Perl module. After downgrading 6 times I was able to locate a version of the Net::DNS Perl module that outputs the IP addresses properly. Below I show the process of manually downgrading Net::DNS to resolve the issue with dnsenum.pl.

Download & Install The Net::DNS 0.68 Perl Module On Backtrack Linux:

I would assume the issue is actually with the dnsenum.pl script being outdated, since there have been 4 minor releases since the bug was introduced. The same issue occurs in later versions of Net::DNS after the base 0.68 release on January 31, 2012. The latest version of dnsenum was released in June of 2011, so again it is likely something changed in Net::DNS and/or Perl and dnsenum is truly the culprit here. Regardless, it doesn’t matter much since dnsenum is the tool we want to use! Follow the steps below to manually downgrade the Net::DNS Perl module.

Download The Net::DNS Perl Module Version 0.68:

root@bt:/usr/local/src# wget http://backpan.perl.org/authors/id/N/NL/NLNETLABS/Net-DNS-0.68.tar.gz
root@bt:/usr/local/src#

Unpack Net::DNS Version 0.68:

root@bt:/usr/local/src/# tar -zxvf Net-DNS-0.68.tar.gz
Net-DNS-0.68/
Net-DNS-0.68/contrib/
Net-DNS-0.68/contrib/loc2earth.fcgi
Net-DNS-0.68/contrib/dnswalk.README
Net-DNS-0.68/contrib/check_zone
Net-DNS-0.68/contrib/loclist.pl
Net-DNS-0.68/contrib/README
....output cut off....
root@bt:/usr/local/src/#

Enter Directory And Generate Net::DNS Makefile Using Perl:

root@bt:/usr/local/src/# cd Net-DNS-0.68
root@bt:/usr/local/src/#
root@bt:/usr/local/src/Net-DNS-0.68# perl Makefile.PL
Testing if you have a C compiler and the needed header files....
You have a working compiler.

Activating Non Fatal Online Tests...

Warning!
========
Online tests depend on conditions beyond the control of Net::DNS. The tests
check for the expected results when both Net::DNS and the outside world are
functioning properly. In case of failure it is often undecidable if the error
lies with Net::DNS or elsewhere.

The libraries needed to support IPv6 transport have not been found.
You will need recent versions of the IO::Socket::INET6 and Socket6
libraries (from CPAN).

Checking if your kit is complete...
Looks good
Writing Makefile for Net::DNS
root@bt:/usr/local/src/Net-DNS-0.68#

The command above generated the Makefile in the Net-DNS-0.68 directory. Now let's compile and install the 0.68 version of Net::DNS on our Backtrack Linux server.

Compile And Install Version 0.68 Net::DNS On Backtrack Linux:

root@bt:/usr/local/src/Net-DNS-0.68# make
Skip blib/lib/Net/DNS/RR/A.pm (unchanged)
Skip blib/lib/Net/DNS/Resolver/Win32.pm (unchanged)
Skip blib/lib/Net/DNS/RR/Unknown.pm (unchanged)
Skip blib/lib/Net/DNS/RR/IPSECKEY.pm (unchanged)
Skip blib/lib/Net/DNS/RR/EID.pm (unchanged)
Skip blib/lib/Net/DNS/RR/ISDN.pm (unchanged)
Skip blib/lib/Net/DNS/RR/HIP.pm (unchanged)
Skip blib/lib/Net/DNS/RR/MX.pm (unchanged)
Skip blib/lib/Net/DNS/Header.pm (unchanged)
....output cut off....
root@bt:/usr/local/src/Net-DNS-0.68#
root@bt:/usr/local/src/Net-DNS-0.68# make install
Files found in blib/arch: installing files in blib/lib into architecture dependent library tree
Installing /usr/local/lib/perl/5.10.1/auto/Net/DNS/DNS.so
Installing /usr/local/lib/perl/5.10.1/Net/DNS.pm
Installing /usr/local/lib/perl/5.10.1/Net/DNS/Packet.pm
Installing /usr/local/lib/perl/5.10.1/Net/DNS/DomainName.pm
Installing /usr/local/lib/perl/5.10.1/Net/DNS/Text.pm
Installing /usr/local/lib/perl/5.10.1/Net/DNS/Mailbox.pm
Installing /usr/local/lib/perl/5.10.1/Net/DNS/Domain.pm
Installing /usr/local/lib/perl/5.10.1/Net/DNS/Question.pm
Installing /usr/local/lib/perl/5.10.1/Net/DNS/RR.pm
Installing /usr/local/lib/perl/5.10.1/Net/DNS/Resolver.pm
Installing /usr/local/lib/perl/5.10.1/Net/DNS/Header.pm
Installing /usr/local/lib/perl/5.10.1/Net/DNS/Nameserver.pm
....output cut off....
root@bt:/usr/local/src/Net-DNS-0.68#

Now that we have downgraded Net::DNS we should see IPs again in the standard output from running dnsenum.pl. Below is the same command from the first example, run again to show the difference between the two outputs.

dnsenum.pl Perl Script Outputting IP Address Information On Backtrack Linux

root@bt:/pentest/enumeration/dns/dnsenum# perl dnsenum.pl example.com
dnsenum.pl VERSION:1.2.2

Host's addresses:
__________________
example.com                           1800     IN    A        192.168.121.37

Name Servers:
______________

pdns01.domaincontrol.com                 13404    IN    A        216.69.185.50
pdns02.domaincontrol.com                 13636    IN    A        208.109.255.50

Mail (MX) Servers:
___________________

ASPMX.L.GOOGLE.com                       68       IN    A        74.125.133.27
ALT1.ASPMX.L.GOOGLE.com                  256      IN    A        173.194.74.27
ALT2.ASPMX.L.GOOGLE.com                  45       IN    A        74.125.131.27
ASPMX2.GOOGLEMAIL.com                    224      IN    A        173.194.74.26
ASPMX3.GOOGLEMAIL.com                    204      IN    A        74.125.131.26

Trying Zone Transfers and getting Bind Versions:
_________________________________________________

Trying Zone Transfer for example.com on pdns02.domaincontrol.com ...
AXFR record query failed: NOTIMP
Unable to obtain Server Version for pdns02.domaincontrol.com : NOTIMP

Trying Zone Transfer for example.com on pdns01.domaincontrol.com ...
AXFR record query failed: NOTIMP
Unable to obtain Server Version for pdns01.domaincontrol.com : NOTIMP

brute force file not specified, bay.
root@bt:/pentest/enumeration/dns/dnsenum#
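
Comparing the two runs suggests what the odd characters are: the printable ones match octets of the addresses in the working run (E is 69 and 2 is 50 in 216.69.185.50), which is consistent with the address field being printed as four raw bytes. The Python below is an added example, not part of dnsenum or Net::DNS; it assumes that raw-byte explanation, and its function names and the captured line are constructed for illustration.

```python
import re
import socket

# Record line as dnsenum prints it; the last field is assumed to be the
# 4-byte packed IPv4 address instead of dotted-quad text.
A_LINE = re.compile(rb"(\S+)\s+(\d+)\s+IN\s+A\s+(.{4})\Z", re.DOTALL)


def as_terminal_text(ip: str) -> str:
    """Show how a packed IPv4 address looks when printed to a UTF-8 terminal."""
    return socket.inet_aton(ip).decode("utf-8", errors="replace")


def recover_ip(raw: bytes) -> str:
    """Convert four raw address bytes back to dotted-quad notation."""
    if len(raw) != 4:
        raise ValueError("an A record address is exactly 4 bytes")
    return socket.inet_ntoa(raw)


def repair_line(line: bytes) -> str:
    """Rewrite one captured record line with a readable address.

    The line must be captured as bytes (for example by redirecting dnsenum
    to a file) and passed without its trailing newline; text copied from a
    terminal has already lost every byte above 0x7f.
    """
    m = A_LINE.match(line)
    if m is None:
        raise ValueError("not an 'IN A' record line")
    name, ttl, raw = m.groups()
    return f"{name.decode('ascii')} {ttl.decode()} IN A {recover_ip(raw)}"


if __name__ == "__main__":
    # Addresses taken from the working run shown on this page.
    for ip in ("216.69.185.50", "208.109.255.50", "173.194.74.27"):
        print(f"{ip:16} prints as {as_terminal_text(ip)!r}")
    # Constructed capture of a broken line: pdns01's address as raw bytes.
    broken = b"pdns01.domaincontrol.com   15799    IN    A     \xd8E\xb92"
    print(repair_line(broken))
```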

After further testing it appears that not all of dnsenum’s functions work properly, but I will go into that more in a future article. For now we are confident we can at least read the output returned by the dnsenum.pl Perl script.

