Technology Insights

dnsenum – Backtrack 5 – Information Gathering – Network Analysis – DNS Analysis – dnsenum

As described in its Perl documentation, dnsenum is a multithreaded Perl script to enumerate information on a domain and to discover non-contiguous IP blocks. The gist of dnsenum is to gather information about a specific domain using various sources. Information gathered about a domain includes subdomains, associated IP ranges, name servers, MX records, reverse DNS records, hostname IP addresses, and potential vulnerabilities via zone transfers. Below we go into detail regarding the switches available with dnsenum as well as what the command returns by default without any CLI switches.

Information Security

Backtrack 5: Information Gathering: Network Analysis: DNS Analysis: reverseraider

Many of the DNS enumeration scripts available in Backtrack focus on typical DNS, but reverseraider does what its name suggests: it enumerates reverse DNS names. Enumerating reverse DNS on an IP or set of IPs can sometimes reveal information you did not previously have. For example, you may be targeting a web server that has a bunch of virtual hosts and prefer to track down the primary web site on that server. This is where reverseraider may provide the necessary results, as it is more likely that the most important site on the virtual web server has reverse DNS configured on the host itself. Below I display the primary three methods of using reverseraider.

Information Security

Backtrack 5: Information Gathering: Network Analysis: DNS Analysis: dnsdict6

A while back, purehate and I started writing articles related to Backtrack in an attempt to write a single article about each application available within Backtrack 4. Things came up and we never accomplished that goal, so here we go again with a second attempt to write a single article for every Backtrack application. If you have requests for any applications, we will move them up in priority so the application you need more information on will have an article released sooner.

With that being said, dnsdict6 is a CLI utility that was built to enumerate IPv6 subdomains for a specific domain name. Below I describe the command line switches available and provide examples so you can see what type of output dnsdict6 provides. All commands, examples, and command output have been issued via Backtrack 5 R2.