12Dec/110
DNS Brute Force
This python program, bfdomain.py, was written to identify valid hosts of a domain that deny zone transfers.
Where can I use it?
This program must be used against a domain that deny zone transfer. For instance,
neuro:~ neuro$ host -l 0x0lab.org
;; connection timed out; no servers could be reached
neuro:~ neuro$ dig @ns1.0x0lab.org 0x0lab.org axfr
; <<>> DiG 9.6-ESV-R4-P3 <<>> @ns1.0x0lab.org 0x0lab.org axfr
; (1 server found)
;; global options: +cmd
; Transfer failed.
Is there any dependency?
Yes, you have to install PyDNS Library (http://pydns.sourceforge.net)
Program Usage
Usage: bfdomain.py [options]
Options:
-h, --help show this help message and exit
-t TARGET, --target=TARGET
specify a domain name (mandatory)
-f FNAME, --dictionary=FNAME
specify a file to read data (mandatory)
-d DNS, --dns=DNS specify a name server
-T THREADS, --Threads=THREADS
specify a number of threads (default=5)
How do I use it?
Suppose that you want to extract valid hosts from "domain.com", using a dict file, i.e. hostname-list.txt and open x threads (default is 5).
python bfdomain.py -t domain.com -f hostname-list -T 10
Note: In this case, system dns will be used.
Furthermore, you can add a dns server.
python bfdomain.py -t domain.com -f hostname-list -d ns1.domain.com -T 10
Downloads
Brute Force Domain (68)
Download dictionaries: https://code.0x0lab.org/p/asphyx1a/source/tree/master/dictionaries
Other Related
https://blog.0x0lab.org/2011/12/dns-brute-nse/ Special Thanks cirrus, mayhem