root@root:/pentest/enumeration/dns/dnsrecon# ./dnsrecon.py qq.com
Usage: dnsrecon.py <options>
Options:
-h, --help Show this help message and exit
-d, --domain <domain> Domain to Target for enumeration.
-c, --cidr <range> CIDR for reverse look-up brute force (range/bitmask).
-r, --range <range> IP Range for reverse look-up brute force (first-last).
-n, --name_server <name> Domain server to use, if none is given the SOA of the
target will be used
-f, --output_file <file> File to save found records.
-D, --dictionary <file> Dictionary file of sub-domain and hostnames to use for
brute force.
-t, --type <types> Specify the type of enumeration to perform:
mdns To Enumerate local subnet with mDNS.
std To Enumerate general record types, enumerates.
SOA, NS, A, AAAA, MX and SRV if AXRF on the
NS Servers fail.
rvl To Reverse Look Up a given CIDR IP range.
brt To Brute force Domains and Hosts using a given
dictionary.
srv To Enumerate common SRV Records for a given
domain.
axfr Test all NS Servers in a domain for misconfigured
zone transfers.
goo Perform Google search for sub-domains and hosts.
snoop To Perform a Cache Snooping against all NS
servers for a given domain, testing all with
file containing the domains, file given with -D
option.
tld Will remove the TLD of given domain and test against
all TLD's registered in IANA
-x, --axfr Perform AXFR with the standard enumeration.
-s, --do_spf Perform Reverse Look-up of ipv4 ranges in the SPF Record of the
targeted domain with the standard enumeration.
-g, --google Perform Google enumeration with the standard enumeration.
-w, --do_whois Do deep whois record analysis and reverse look-up of IP
ranges found thru whois when doing standard query.
--threads <number> Number of threads to use in Range Reverse Look-up, Forward
Look-up Brute force and SRV Record Enumeration
--lifetime <number> Time to wait for a server to response to a query.
root@root:/pentest/enumeration/dns/dnsrecon# ./dnsrecon.py -d qq.com
[*] Performing General Enumeration of Domain: qq.com
[-] Could not Resolve SOA Recor for qq.com
[*] NS ns2.qq.com 180.153.111.158
[*] NS ns2.qq.com 222.73.76.225
[*] NS ns3.qq.com 218.30.72.181
[*] NS ns3.qq.com 124.115.28.30
[*] NS ns4.qq.com 111.161.48.230
[*] NS ns4.qq.com 114.134.85.61
[*] NS ns4.qq.com 125.39.202.108
[*] NS ns1.qq.com 183.60.12.126
[*] NS ns1.qq.com 183.60.52.202
[*] MX mx2.qq.com 113.108.77.23
[*] MX mx2.qq.com 119.147.192.101
[*] MX mx2.qq.com 119.147.192.199
[*] MX mx2.qq.com 119.147.6.81
[*] MX mx2.qq.com 183.62.125.199
[*] MX mx2.qq.com 183.62.125.223
[*] MX mx2.qq.com 113.108.18.210
[*] MX mx2.qq.com 113.108.64.240
[*] MX mx1.qq.com 113.108.64.240
[*] MX mx1.qq.com 113.108.77.23
[*] MX mx1.qq.com 119.147.192.101
[*] MX mx1.qq.com 119.147.192.199
[*] MX mx1.qq.com 119.147.6.81
[*] MX mx1.qq.com 183.62.125.199
[*] MX mx1.qq.com 183.62.125.223
[*] MX mx1.qq.com 58.250.132.64
[*] MX mx1.qq.com 64.71.138.85
[*] MX mx1.qq.com 64.71.138.86
[*] MX mx1.qq.com 64.71.138.87
[*] MX mx1.qq.com 112.90.137.120
[*] MX mx1.qq.com 112.95.241.138
[*] MX mx1.qq.com 113.108.18.210
[*] MX mx3.qq.com 113.108.18.210
[*] MX mx3.qq.com 113.108.64.240
[*] MX mx3.qq.com 113.108.77.23
[*] MX mx3.qq.com 119.147.192.101
[*] MX mx3.qq.com 119.147.192.199
[*] MX mx3.qq.com 119.147.6.81
[*] MX mx3.qq.com 183.62.125.199
[*] MX mx3.qq.com 183.62.125.223
[*] A qq.com 182.140.167.44
[*] Enumerating SRV Records
[*] The operation could take up to: 00:00:11
[-] No SRV Records Found for qq.com
root@root:/pentest/enumeration/dns/dnsrecon#
dnsrecon用法
最新推荐文章于 2024-08-04 14:35:18 发布