Nmap Development mailing list archives
Re: [NSE] dns-brute - DNS brute-forcer
From: David Fifield <david () bamsoftware com>
Date: Sat, 5 Mar 2011 13:50:39 -0800
On Sat, Mar 05, 2011 at 01:38:47PM -0800, David Fifield wrote:
> On Mon, Feb 07, 2011 at 10:30:41AM -0800, David Fifield wrote:
> > On Mon, Jan 31, 2011 at 07:30:19PM +0200, cirrus wrote:
> > > Hello list,
> > >
> > > I've started developing a DNS brute-force script. I'm attaching the
> > > script (also git accessible from:
> > > git:// code.0x0lab.org/nmap-dns-brute.git), please feel free to
> > > comment (It's my first attempt at nse and lua, so please do point
> > > out any issues/mistakes/etc.). The script has been developed/tested
> > > with the current svn version.
> > >
> > > -- @output
> > > -- Pre-scan script results:
> > > -- | dns-brute:
> > > -- | Result:
> > > -- | DNS Brute-force hostnames:
> > > -- | www.foo.com - 127.0.0.1
> > > -- | mail.foo.com - 127.0.0.2
> > > -- | blog.foo.com - 127.0.1.3
> > > -- | ns1.foo.com - 127.0.0.4
> > > -- | admin.foo.com - 127.0.0.5
> > > -- | Reverse DNS hostnames:
> > > -- | srv-32.foo.com - 127.0.0.16
> > > -- | srv-33.foo.com - 127.0.1.23
> > > -- | C-Classes:
> > > -- | 127.0.0.0/24
> > > -- |_ 127.0.1.0/24
> >
> > Thanks. This script looks like a good idea and I've made a note in our
> > TODO to evaluate it.
>
> Nice job! I reworked parts of this script and committed it.

I forgot to mention: I think it would be neat if this script could accept
multiple domains for its prerule instead of just one. You could use a
technique like we're using in the pending dns-nsec-enum script:

    -- Prefer the domains given explicitly as a script argument.
    domains = stdnse.get_script_args('dns-nsec-enum.domains')
    -- Otherwise try to derive a domain from the target host.
    if not domains then
      domains = guess_domain(host)
    end
    if not domains then
      return string.format("Can't determine domain for host %s; use %s.domains script arg.",
        host.ip, SCRIPT_NAME)
    end
    -- A single domain arrives as a string; wrap it so the rest of the
    -- script can always iterate over a table.
    if type(domains) == 'string' then
      domains = { domains }
    end

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
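
One way to normalise a multi-domain script argument of the kind suggested above, as an added example (plain Lua, not code from this thread or from Nmap). The helper names normalize_domains and is_valid_domain are hypothetical, the sample inputs are constructed, and it goes a step beyond the string-to-table wrap by validating and de-duplicating each name before any query would be built from it.

```lua
-- Check one name against DNS limits: at most 253 characters overall,
-- labels of 1-63 characters made of letters, digits and hyphens,
-- with no leading or trailing hyphen.
local function is_valid_domain(name)
  if #name == 0 or #name > 253 then return false end
  for label in (name .. "."):gmatch("(.-)%.") do
    if #label == 0 or #label > 63 then return false end
    if not label:match("^[A-Za-z0-9%-]+$") then return false end
    if label:sub(1, 1) == "-" or label:sub(-1) == "-" then return false end
  end
  return true
end

-- Accept nil, a single string, or a table of strings (the shapes a
-- script argument can take) and return two lists: accepted names in
-- lower case without duplicates, and the raw items that were rejected.
local function normalize_domains(arg)
  if arg == nil then return {}, {} end
  if type(arg) == "string" then arg = { arg } end
  local domains, rejected, seen = {}, {}, {}
  for _, item in ipairs(arg) do
    local raw = tostring(item)
    -- Trim whitespace, fold case, drop one trailing root dot.
    local name = raw:match("^%s*(.-)%s*$"):lower():gsub("%.$", "")
    if is_valid_domain(name) then
      if not seen[name] then
        seen[name] = true
        domains[#domains + 1] = name
      end
    else
      rejected[#rejected + 1] = raw
    end
  end
  return domains, rejected
end

-- Constructed inputs standing in for what a script argument lookup returns.
local samples = {
  "foo.com",
  { "foo.com", "Example.ORG.", "foo.com", "bad_name.test", "-x.example" },
}
for _, raw in ipairs(samples) do
  local ok, bad = normalize_domains(raw)
  print("accepted: " .. table.concat(ok, ", "))
  print("rejected: " .. table.concat(bad, ", "))
end
```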