The dnsenum.pl Perl script, as described in its Perl documentation, is a multithreaded script to enumerate information on a domain and to discover non-contiguous IP blocks. The gist of dnsenum is to gather information about a specific domain using various sources. Information gathered about a domain includes subdomains, associated IP ranges, name servers, MX records, reverse DNS records, hostname IP addresses, and potential vulnerabilities via zone transfers. Below we go into detail regarding the switches available with dnsenum as well as what the command returns by default without any CLI switches.
A while back, purehate and I started writing articles related to Backtrack in an attempt to write a single article about each application available within Backtrack 4. Things came up and we never accomplished that goal, so here we go again with a second attempt to write a single article for every Backtrack application. If you have requests for any applications, we will move them up in priority so the application you need more information on will have an article released sooner.
With that being said, dnsdict6 is a CLI utility that was built to enumerate IPv6 subdomains for a specific domain name. Below I describe the command line switches available and provide examples so you can see what type of output dnsdict6 provides. All commands, examples, and command output have been issued via Backtrack 5 R2.
Dmitry, or Deepmagic Information Gathering Tool, is an all-in-one host information tool included in Backtrack 4’s Information Gathering section. Personally, I prefer doing most info gathering using tools built into Linux; however, it is nice to run a tool like this in the background and come back later if you are multi-tasking. Before getting into the details of Dmitry, please see this article relating to a Segmentation Fault that can occur with Dmitry on Backtrack 4.
I recently developed a web site for a client on a temporary domain, which was clientname.mydomain.com. After launching the site and modifying the recipients of the contact forms on the site, I happened to get a contact form sent to my email address. I finally realized that the issue was not with the site I had moved live, but that the person who used the contact form had found the temporary site where I had done the development before pushing the site live. Anyhow, the temporary domain’s DNS was hosted on GoDaddy.com, so I decided to put in place a forward or redirect so anyone visiting the temporary domain would be redirected to the actual live domain. This redirect needed to be for a subdomain, which I initially had to hunt for a bit to locate. Follow the directions below to redirect a subdomain using GoDaddy.com’s DNS services.