April 14, 2015 at 1:42 am #8807 kashton (Participant)
Sorry for a lot of encoding… I had to encode the actual domain names and IP addresses. Hopefully it will not change my question.
This was the output of dnsrecon -d pentest_domain.com :
DNSSEC is not configured for pentest_domain.com
[*] SOA ns8297.godaddy.com XXX.XXX.XXX.2
[*] NS ns8297.godaddy.com XXX.XXX.XXX.2
[*] Bind Version for XXX.XXX.XXX.2 dnsmasq-2.15-OpenDNS-1
[*] NS ns8298.godaddy.com XXX.XXX.XXX.20
[-] Recursion enabled on NS Server XXX.XXX.XXX.20
[*] Bind Version for XXX.XXX.XXX.20 dnsmasq-2.15-OpenDNS-1
[*] MX pentest_domain.com XXX.XXX.XXX.200
[*] A pentest_domain.com XXX.XXX.XXX.200
[*] TXT pentest_domain.com v=spf1 a mx ptr include:bluehost.com include:relay.pentest_domain 2.com ?all
[*] TXT _domainkey.pentest_domain.com o=~
[*] Enumerating SRV Records
[-] No SRV Records Found for pentest_domain.com
[*] 0 Records Found
I thought that I got the domain’s IP address in the following record:
A pentest_domain.com XXX.XXX.XXX.200
Then I ran dnsrecon -r XXX.XXX.XXX.1-XXX.XXX.XXX.200
But the above command didn’t return pentest_domain.com
Am I doing something wrong?
May 5, 2015 at 7:50 pm #54160 vulninux (Participant)
Hi kashton, I'm also a newbie here. Well, I really don't know what you want to do; it seems that you're in the active info gathering phase. We have lots of tools for DNS enumeration (even online). If your problem is getting two IPs for a domain, I wanna say it's normal, and if the 2nd IP doesn't return your domain, it is also normal.
For example, if you ping google.com, each time you'll get a different IP address, and it's because of load balancing.
Your target might implement edge servers for security and ..
Multiple domains can point to a single IP address, so you need to perform a reverse lookup search to find out if the IP can return your domain or not.
In active info gathering I suggest you find their public IP range (CIDR) and search the range to find alive hosts. Then you must identify the task of each host and the relationship between the identified hosts.
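An added illustration, not part of either post above, of why the reverse sweep in the question can miss a name that the forward lookup returns: `dnsrecon -r` asks for PTR records, which live in a reverse zone run by whoever owns the IP block, while the A record lives in the domain's own zone. All names, addresses (RFC 5737 documentation range) and both zone tables below are constructed sample data.

```python
import ipaddress

# Constructed forward zone: A records, published by each domain's owner.
FORWARD_ZONE = {
    "pentest-domain.example": ["192.0.2.200"],
    "other-site.example": ["192.0.2.200"],  # shared hosting: same address
}
# Constructed reverse zone: PTR records, published by the owner of the
# address block (here a hypothetical hosting provider), not by the domains.
REVERSE_ZONE = {
    "2.2.0.192.in-addr.arpa": "ns1.shared-hosting.example",
    "200.2.0.192.in-addr.arpa": "host200.shared-hosting.example",
}

def ptr_name(ip):
    """Query name used for a reverse lookup of ip (octets reversed)."""
    return ipaddress.ip_address(ip).reverse_pointer

def reverse_sweep(first, last):
    """PTR lookup for every address in first..last; returns {ip: ptr_target}."""
    start = int(ipaddress.IPv4Address(first))
    end = int(ipaddress.IPv4Address(last))
    hits = {}
    for n in range(start, end + 1):
        ip = str(ipaddress.IPv4Address(n))
        target = REVERSE_ZONE.get(ptr_name(ip))
        if target is not None:
            hits[ip] = target
    return hits

def compare_views(domain, first, last):
    """For each A record of domain, report what the reverse sweep shows."""
    sweep = reverse_sweep(first, last)
    report = {}
    for ip in FORWARD_ZONE.get(domain, []):
        ptr = sweep.get(ip)
        if ptr is None:
            report[ip] = "no PTR record"
        elif ptr == domain:
            report[ip] = "forward-confirmed"
        else:
            report[ip] = "PTR names " + ptr
    return report

if __name__ == "__main__":
    print(reverse_sweep("192.0.2.1", "192.0.2.200"))
    print(compare_views("pentest-domain.example", "192.0.2.1", "192.0.2.200"))
```

The sweep covers the address from the A record, yet the only name it returns for that address is the provider's host name, so the domain never appears in the reverse results.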