Post Mon Apr 13, 2015 8:42 pm

dnsrecon reverse lookup

Sorry for a lot of encoding... I had to encode the actual domain names and IP addresses. Hopefully it will not change my question.

This was the output of dnsrecon -d pentest_domain.com :
  Code:
DNSSEC is not configured for pentest_domain.com
[*]     SOA ns8297.godaddy.com XXX.XXX.XXX.2
[*]     NS ns8297.godaddy.com XXX.XXX.XXX.2
[*]     Bind Version for XXX.XXX.XXX.2 dnsmasq-2.15-OpenDNS-1
[*]     NS ns8298.godaddy.com XXX.XXX.XXX.20
[-]     Recursion enabled on NS Server XXX.XXX.XXX.20
[*]     Bind Version for XXX.XXX.XXX.20 dnsmasq-2.15-OpenDNS-1
[*]     MX pentest_domain.com XXX.XXX.XXX.200
[*]     A pentest_domain.com XXX.XXX.XXX.200
[*]     TXT pentest_domain.com v=spf1 a mx ptr include:bluehost.com include:relay.pentest_domain 2.com ?all
[*]     TXT _domainkey.pentest_domain.com o=~
[*] Enumerating SRV Records
[-] No SRV Records Found for pentest_domain.com
[*] 0 Records Found


I thought that I got the domain's IP address in the following record:
A pentest_domain.com XXX.XXX.XXX.200

Then I ran dnsrecon -r XXX.XXX.XXX.1-XXX.XXX.XXX.200
But the above command didn't return pentest_domain.com

Am I doing something wrong?