Nmap Development mailing list archives
Re: NSEC Enumeration script
From: David Fifield <david () bamsoftware com>
Date: Mon, 7 Feb 2011 10:12:23 -0800
On Fri, Feb 04, 2011 at 10:56:51AM +0100, John Bond wrote:
Hi All, I wanted to get to know dnssec and nse a bit more so decided to write an nse script to enumerate NSEC records. unfortunately the dns.lua library that comes as standard (using mac ports) dose not have support for dnssec or edns. so in order to produce my script i have had to hack about with the dns library a little. As this is my first experience with lua i thought it would be best to take a copy of dns.lua and hack that instead of trying to provide a patch. i have tried to make my additions compatible with the original library and would be interested to know how other scripts which use the dns library work with my additions. The things i have added are below and the library name i have used in the dns-nsec-enum script is dnsseclib Library will recognise and decode the following RR types * DS * DNSKEY * RRSIG * NSEC * OPT The library also has the ability to add an EDNS (OPT) packet setting the * Senders payload size * z bit 1 to indicate DNSSEC capabilities Here is the script info description = [[ This script takes an argument for a zone and attempt to enumerate all dns records avalible in this zone. for this script to work DNSEC and NSEC must be avalible. ]] --- -- @args dns-nsec-enum.domains- the dns-nsec-enum.domains name to attemp to enumarate, default is the dns-nsec-enum.domainsname of the target been scanned -- @usage -- nmap --script dnssecenum [--script-args dns-nsec-enum.domains=example.com] <target> -- @output -- | dns-nsec-enum: hosts for www.example.com -- | ftp.example.com:A:NS:SOA:TXT:AAAA:RRSIG:NSEC:DNSKEY -- | http.example.com:CNAME:RRSIG:NSEC -- | www.example.com:A:AAAA:RRSIG:NSEC -- | example.com:CNAME:RRSIG:NSEC
Thanks, John, I'm excited about this script. I and others would like to test it. Did you set up a DNSSEC server to test it, or did you use a public one? Can you give a brief guide on how to reproduce your results? This might be a dumb question, but does it work with NSEC3 servers? I guess the the only way to do that is to guess names from a dictionary? David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- NSEC Enumeration script John Bond (Feb 04)
- Re: NSEC Enumeration script David Fifield (Feb 07)
- Re: NSEC Enumeration script David Fifield (Feb 07)
- Re: NSEC Enumeration script John Bond (Feb 07)
- Re: NSEC Enumeration script John Bond (Feb 07)
- Re: NSEC Enumeration script John Bond (Feb 08)
- Re: NSEC Enumeration script John Bond (Feb 09)
- Re: NSEC Enumeration script Patrik Karlsson (Feb 09)
- Re: NSEC Enumeration script John Bond (Feb 09)
- Re: NSEC Enumeration script John Bond (Feb 10)
- Re: NSEC Enumeration script Patrik Karlsson (Feb 10)
- Re: NSEC Enumeration script John Bond (Feb 15)
- Re: NSEC Enumeration script David Fifield (Feb 07)
- Re: NSEC Enumeration script David Fifield (Feb 07)