Nmap Development mailing list archives
Re: [NSE] add new targets to Nmap with dns-zone-transfer
From: David Fifield <david () bamsoftware com>
Date: Mon, 27 Sep 2010 21:17:12 -0700
On Thu, Sep 09, 2010 at 08:55:27PM +0100, Djalal Harouni wrote:
Attached is a modified version of dns-zone-transfer script, which lets you to add new discovered targets form axfr queries to Nmap scan queue. test: ./nmap -sP --datadir . --script scripts/dns-zone-transfer.nse --script-args="dnszonetransfer.server=MENAIK.CS.ualberta.ca,dnszonetransfer.domain=ualberta.ca,newtargets" ... Pre-scan script results: | dns-zone-transfer: | Domains Added Targets | Node Names 152 | | DNS Record Added Targets | A 32 | MX 9 | NS 4 | SOA 1 | CNAME 160 |_Total new targets added to Nmap scan queue: 358. Notes on the script: * CNAMES RDATA results are not ignored any more (but I don't know why they were ignored before). * There is a new script argument 'dnszonetransfer.allips' which lets you to add non-routable IP addresses to the scan queue, they are skipped by default. * Currently all axfr results are added (nodes and rdata results). * The script does not use the dns.lua library for DNS packets.
I tested this with the ualberta example and it worked. You can commit this. I would change the script argument dnszonetransfer.allips to dnszonetransfer.addall to make it more clear that it only affects the adding of targets to scan (not normal output, etc.). David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] add new targets to Nmap with dns-zone-transfer Djalal Harouni (Sep 09)
- Re: [NSE] add new targets to Nmap with dns-zone-transfer David Fifield (Sep 27)