Tuesday, 2 September 2014

Episode 3: DNSDICT6




Back|Track OS Tools Tutorials



Yeah, yeah, we finally got to the part where we discuss the actual tools.
In this episode we're discussing DNSDICT6, one of the most powerful tools on BackTrack and one of the most efficient and time-saving.
What DNSDICT6 does is simple: it fetches all the DNS entries it can get for the website in question: NS, A, AAAA, CNAME, MX, you name it!
Another REALLY neat feature of the tool is that it also gets the names of any subdomains the website uses, which can be invisible to the regular user. That's a pretty good feature to have if you're a web application tester!

Running the tool itself in the terminal will present us with the help page for the tool.

As you can see, there are a couple of switches/options that can be used with this tool, and here are some of them:


  • -t controls the number of threads used in the process (going higher than 20 crashed my connection)
  • -4 displays all the IPv4 addresses associated with this address
  • -d displays all the IPv6 information on the NS and MX DNS records
  • -S performs a brute-force or guessing attack on the SRV records associated with the host. SRV records hold the addresses associated with any servers running any services.
  • -s, -m, -l and -x set the size of the dictionary used in guessing attacks: -s for small, -m for medium, -l for large and -x for extreme.

Let's try to run the tool without arguments to make it uncover some Facebook subdomains.


It actually dumped 193 subdomains and 26 unique IPv6 addresses, which couldn't all fit in one picture!
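Seen from the DNS server's side, a dictionary run like this one is a short burst of lookups for many different names under one zone, most of which do not exist. The following is an added example, not part of the original post, that flags that pattern in a query log; the log layout, the thresholds and the names `SAMPLE_LOG` and `find_enumerators` are assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed sample: "epoch client qname qtype rcode". The layout is an
# assumption for this example, not the log format of any particular DNS server.
GUESSES = ["admin", "beta", "dev", "ftp", "intranet", "ns3", "old", "stage", "test", "vpn"]
SAMPLE_LOG = [
    "1409650000 203.0.113.5 www.example.com A NOERROR",
    "1409650020 203.0.113.5 mail.example.com MX NOERROR",
] + [
    f"{1409650100 + i // 5} 198.51.100.7 {w}.example.com AAAA "
    f"{'NOERROR' if w in ('dev', 'vpn') else 'NXDOMAIN'}"
    for i, w in enumerate(GUESSES)
]


def find_enumerators(lines, zone, window=10, min_names=8, min_nx_ratio=0.5):
    """Return {client: (distinct_names, nxdomain_ratio)} for clients that asked
    for many distinct names under `zone` within `window` seconds, most of which
    did not exist. Thresholds are illustrative and need tuning per resolver."""
    per_client = defaultdict(list)  # client -> [(ts, qname, rcode)]
    for line in lines:
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed lines rather than crash on them
        ts, client, qname, _qtype, rcode = parts
        qname = qname.lower().rstrip(".")
        if qname.endswith("." + zone) and ts.isdigit():
            per_client[client].append((int(ts), qname, rcode))

    flagged = {}
    for client, events in per_client.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window so it never spans more than `window` seconds.
            while events[end][0] - events[start][0] > window:
                start += 1
            chunk = events[start:end + 1]
            names = {q for _, q, _ in chunk}
            nx = sum(1 for _, _, r in chunk if r == "NXDOMAIN") / len(chunk)
            if len(names) >= min_names and nx >= min_nx_ratio:
                hit = (len(names), round(nx, 2))
                flagged[client] = max(flagged.get(client, (0, 0.0)), hit)
    return flagged


if __name__ == "__main__":
    for client, (names, nx) in find_enumerators(SAMPLE_LOG, "example.com").items():
        print(f"{client}: {names} distinct names, {nx:.0%} NXDOMAIN")
```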

NOTE: On BackTrack R5, DNSDICT6's version is 1.4, while on Kali Linux its version is 2.0, which contains the above options. If you're using BackTrack R5, you'll only have access to the -D and the -t options unless you get version 2.0.

DNSDICT6 is a great tool for when you want to automate a DNS querying process, since it can get you all DNS record information in one command. It's a really powerful tool and a must-have for any network or webapp tester.
I'll make sure I update this post when I'm done downloading Kali Linux, since I have BackTrack R5 and hence I don't have access to most of its options.


Next Episode: dnsenum


