Module 3 - skyleroriordan/my-tech-journal GitHub Wiki

Class Activity 3.1 DNS Enumeration

DNS Enumeration Using Bash DNS can be a treasure trove of information for penetration testers. Hostnames, naming conventions, hierarchical namespaces and of course IP resolution can focus your attack efforts. A misconfigured DNS server can also provide a great deal of information.

1. screenshot of /24 port scan against 10.0.5.0/24

2. shows directory structure and the source code of your /24 port scanner.

Script

3. script that takes a network prefix and a specific dns server in which to perform a lookup. Assume a /24 network.

4. shows your directory structure and the source code of your dns resolver.

Script

5. shows the nmap run and output as well as the parsing of dns-servers2.txt

6. modified nmap run.

7. zt.txt should have some useful information, see what you can do to parse it in a manner that we have a hostname and associated ip address.

Reflection: In this lab, I explored DNS enumeration. I implemented a script that uses a network prefix to person lookups via a specified DNS server. I learned more about how DNS queries and zone transfers work.