Authorization Bypass

libbind9.so is vulnerable to authorization bypass. A malicious user can trigger a TSIG authentication error to cause an unauthorized DNS zone transfer or other DNS transactions. This vulnerability only applies to DNS servers using bind that have no-address based ACL in place...

Knockpy - Enumerate Subdomain Scanner

Knockpy is a python tool designed to enumerate subdomains on a target domain through a wordlist. It is designed to scan for DNS zone transfer and to try to bypass the wildcard DNS record automatically if it is enabled. Now knockpy supports queries to VirusTotal subdomains, you can setting the...

DNS Analysis Tool: Bluto

The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them gives up their spinach, Bluto will attempt to identify if SubDomain Wild Cards are being used. If they a...

漫游用友集团各大系统

简要描述： 漫游用友集团各大系统 详细说明： 在一个月黑风高的夜晚，用友某员工的集团办公平台账号，悄悄地泄露了。 // Send message Transport transport=session.getTransport; transport.connect"192.168.210.160" , 25, "ch2","1r"; transport.sendMessagemessage,new Addressnew InternetAddress"[email protected]" ; transport.close;...

Batch site DNS zone transfer vulnerability detection-bash shell implemented-vulnerability warning-the black bar safety net

0x00 background The following illustration of eecs. cc author self-built a machine with a private root DNS server, and open the zone transfer permissions, so the results: the cc zone transfer success. The figure is just an experimental verification, the following article started! ! 2 0 1 4 0 5 1 ...

北京亿中邮dns域传送漏洞

简要描述： 一dns域传送漏洞 详细说明： 北京亿中邮dns域传送漏洞 漏洞证明： root@kali: dnsenum eyou.net...

53KF的dns域传送漏洞

简要描述： 又又又一个dns域传送漏洞 详细说明： 53KF企业在线平台dns域传送漏洞 漏洞证明： root@kali: dnsenum 53kf.com...

DNS zone transfer exploit and repair notes-vulnerability warning-the black bar safety net

A, title: DNS zone transfer exploit and fix Second, the DNS transfer of the domain use 2.1 using BT5 tool to get DNS information cd /pentest/enumeration/dns/dnsenum ./ dnsenum.pl --enum domain.com you can omit the--enum,here alert note: the host name and the field name to distinguish） Field Name...

Nmap NSE 6.01: dns-zone-transfer

Requests a zone transfer AXFR from a DNS server. The script sends an AXFR query to a DNS server. The domain to query is determined by examining the name given on the command line, the DNS server's hostname, or it can be specified with the dns-zone-transfer.domain' script argument. If the query is...

DNS zone transfer exploit and fix-vulnerability warning-the black bar safety net

In fact, the use of the method is divided into manual and tool two, we can use BT5 the following tools Dnsenum or other tools, hand while you use the nslookup. 1, Using the tool to get DNS information cd /pentest/enumeration/dns/dnsenum ./ dnsenum.pl --enum domain.com This can be simple to make u...

DNS domain transfer disclosure vulnerability details-vulnerability warning-the black bar safety net

The zone transfer operation refers to a backup server to use from the main server's data to refresh their zone database. This is running the DNS service provides a certain degree of redundancy, its purpose is to prevent the primary domain name server due to an unexpected fault becomes unavailable...

Nmap NSE net: dns-zone-transfer

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE: DNS Zone Transfer

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Nmap NSE: DNS Zone Transfer

This script attempts to request a zone transfer AXFR from a DNS server. This is a wrapper on the Nmap Security Scanner's http://nmap.org dns-zone-transfer.nse. OpenVAS Vulnerability Test $Id: gbnmapdnszonetransfer.nasl 7006 2017-08-25 11:51:20Z teissa $ Wrapper for Nmap DNS Zone Transfer NSE...

DNS zone transfer

Added: 09/24/2008 CVE: CVE-1999-0532 OSVDB: 492 Background A DNS zone transfer is the process by which a secondary name server copies all DNS records for a domain from a primary name server. Problem If DNS zone transfers are not restricted, they can allow attackers to enumerate hosts in a domain...

DNS zone transfer

Added: 09/24/2008 CVE: CVE-1999-0532 OSVDB: 492 Background A DNS zone transfer is the process by which a secondary name server copies all DNS records for a domain from a primary name server. Problem If DNS zone transfers are not restricted, they can allow attackers to enumerate hosts in a domain...

CVE-2008-3648

nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote attackers to execute arbitrary code, as demonstrated by an attempted DNS zone transfer, and as exploited in the wild in August 2008...

Code injection

nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote attackers to execute arbitrary code, as demonstrated by an attempted DNS zone transfer, and as exploited in the wild in August 2008...

CVE-2008-3648

CVE-2008-3648 affects nslookup.exe in Microsoft Windows XP SP2. The provided OpenVAS entries describe a remote code execution (RCE) vulnerability in Windows XP SP2, triggered by how nslookup.exe handles DNS operations (e.g., a DNS zone transfer). The NVD entry corroborates an RCE scenario with us...

CVE-2008-3648

nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote attackers to execute arbitrary code, as demonstrated by an attempted DNS zone transfer, and as exploited in the wild in August 2008...