·
dnswalk is a DNS debugger.
·
It performs zone transfers of specified domains, and checks the database
in numerous ways for internal consistency, as well as for correctness according
to accepted practices with the Domain Name System.
·
The domain name specified on the
command line MUST end with a '.'
·
You can specify a forward domain, such as dnswalk pop.psu.edu. or a reverse domain, such
as dnswalk 155.118.128.in-addr.arpa.
What is Zone Transfer ?
·
A Zone Transfer is the term used
to refer to the process by which the contents of a DNS Zone file are copied
from a primary DNS server to a secondary DNS server.
OPTIONS
-f
Force
a zone transfer from an authoritative nameserver. dnswalk normally will look in
its saved 'axfr' file for each domain and use that. (if it exists, and the
serial number has not increased)
-r
Recursively
descend sub-domains of the specified domain. Use with care.
-a
Turn
on warning of duplicate A records. (see below)
-d
Print
debugging and 'status' information to stderr. (Use only if redirecting stdout)
See DIAGNOSTICS section.
-m
Perform
checks only if the zone has been modified since the previous run.
-F
perform
"fascist" checking. When checking an A record, compare the PTR name
for each IP address with the forward name and report mismatches. (see below)
-i
Suppress
check for invalid characters in a domain name. (see below)
-l
Perform
"lame delegation" checking. For every NS record, check to see that
the listed host is indeed returning authoritative answers for this domain.
-D dir
Use dir as the directory to use for saved zone
transfer files. Default is '.'.
How To Open dnswalk
Open dnswalk through Kali Linux >> Information Gathering >> Dns Analysis >> dnswalk
EXAMPLE 1 :
When Zone Transfer is Enabled
·
Target Website -> google.com| Website Zone Transfer is enabled
.
·
See what happen when ZONE TRANSFER is enabled .
·
See the below image for more details -
EXAMPLE 2: When Zone Transfer is disabled
with -f option
·
-f option force a zone transfer
from an authoritative nameserver. dnswalk normally will look in its saved
'axfr' file for each domain and use that. (if it exists, and the serial number
has not increased)
·
The attempt FAILED and REFUSED by the server because by default these
days zone transfers are set to disabled unless and until the admin enables it.
·
See the below image for more details -
EXAMPLE
3 : dnswalk -i google.com.
·
Suppress check for invalid characters in a domain name.
·
See the below image for more deatils -
root@VH0:~#
dnswalk -i google.com.
·
defined(@array) is deprecated
at /usr/bin/dnswalk line 61.
·
(Maybe you should just omit the defined()?)
·
Checking google.com.
·
Getting zone transfer of
google.com. from ns1.google.com...failed
·
FAIL: Zone transfer of
google.com. from ns1.google.com failed: Response code from server: REFUSED
·
Getting zone transfer of
google.com. from ns3.google.com...failed
·
FAIL: Zone transfer of
google.com. from ns3.google.com failed: Response code from server: REFUSED
·
Getting zone transfer of
google.com. from ns2.google.com...failed
·
FAIL: Zone transfer of
google.com. from ns2.google.com failed: Response code from server: REFUSED
·
Getting zone transfer of
google.com. from ns4.google.com...failed
·
FAIL: Zone transfer of
google.com. from ns4.google.com failed: Response code from server: REFUSED
·
BAD: All zone transfer attempts
of google.com. failed!
·
4 failures, 0 warnings, 1
errors.
EXAMPLE
4 : dnswalk -a < domain >.
·
Turn on warning of duplicate A records. (see the below image )
·
See below image for more details -
EXAMPLE
5 :./dnswalk -d < domain >.
·
Print debugging and 'status' information to stderr. (Use only if
redirecting stdout) See DIAGNOSTICS section.
·
See the below image for more details-
EXAMPLE
6 : ./dnswalk -m < domain >
·
Perform checks only if the zone has been modified since the previous
run.
·
See the below image for more details -
EXAMPLE
7 : ./dnswalk -F < domain >
·
This option perform "fascist" checking. When checking an A
record, compare the PTR name for each IP address with the forward name and
report mismatches. (see below) .
·
See the below image for more details -
EXAMPLE
8 : ./dnswalk -rfiadmFl < domain >
·
You can even use every options at once . As shown in the image below
-
·
See the below image for more details -
EXAMPLE
9 : ./dnswalk -rfiadmFl < domain >
·
Save the result in dnslog.txt file .
·
See the below image for more details -
No comments:
Post a Comment