The dnsenum.pl Perl script, as described in its Perl documentation, is a multithreaded script to enumerate information on a domain and to discover non-contiguous IP blocks. So the gist of dnsenum is to gather information about a specific domain using various sources. Information gathered about a domain includes subdomains, associated IP ranges, name servers, MX records, reverse DNS records, hostname IP addresses, and potential vulnerabilities via zone transfers. Below we go into detail regarding the switches available with dnsenum, as well as what the command returns by default without any CLI switches.
While working on an upcoming article for QD I ran into an issue with the dnsenum.pl Perl script. I followed the process of installing the optional Perl modules, and when I went back to test dnsenum it would no longer return any IP addresses. Instead of dnsenum returning actual IP addresses it was returning odd characters. It turns out there is some form of conflict between dnsenum.pl and the Net::DNS Perl module. Below I describe the dnsenum issue in more detail and provide a workaround by manually downgrading the Net::DNS Perl module by hand.
Backtrack 4: Information Gathering: DNS: Dnsenum – Enumerate information on a domain and discover non-contiguous IP blocks
Dnsenum is a very robust script which was actually written by one of the Backtrack developers when Backtrack was still a Remote-Exploit project. The author, Filip (barbsie) Waeytens, is a web application penetration tester and has extensive experience on the topic of DNS and information gathering. Today we will look at some examples of using Dnsenum to passively gather information on a target.
In going through all the tools with Alex on Backtrack I have discovered a few bugs and missing modules or libs. I will be writing posts on how to fix them, but I will also be adding the fixes to the Backtrack svn as well. This morning I was writing the article on Dnsenum by my buddy Barbsie and I ran into a missing Perl module.
- root@666:/pentest/enumeration/dnsenum# ./dnsenum.pl --enum -f dns.txt --update a -r cnn.com
- dnsenum.pl VERSION:1.2
- Warning: can't load Net::Whois::IP module, whois queries desabled.
Below I will show how to download and install the needed module: