Re: [NSE] add new targets to Nmap with dns-zone-transfer

[David Fifield <david () bamsoftware com>]

On Thu, Sep 09, 2010 at 08:55:27PM +0100, Djalal Harouni wrote:
> Attached is a modified version of dns-zone-transfer script, which lets
> you to add new discovered targets form axfr queries to Nmap scan queue.
>
> test:
> ./nmap -sP --datadir . --script scripts/dns-zone-transfer.nse
> --script-args="dnszonetransfer.server=MENAIK.CS.ualberta.ca,dnszonetransfer.domain=ualberta.ca,newtargets"
>
> ...
> Pre-scan script results:
> | dns-zone-transfer:  
> |   Domains     Added Targets  
> |   Node Names  152            
> |               
> |   DNS Record  Added Targets  
> |   A           32             
> |   MX          9              
> |   NS          4              
> |   SOA         1              
> |   CNAME       160            
> |_Total new targets added to Nmap scan queue: 358.
>
>
> Notes on the script:
> * CNAMES RDATA results are not ignored any more (but I don't know why they
> were ignored before).
> * There is a new script argument 'dnszonetransfer.allips' which lets you
> to add non-routable IP addresses to the scan queue, they are skipped by
> default.
> * Currently all axfr results are added (nodes and rdata results).
> * The script does not use the dns.lua library for DNS packets.

I tested this with the ualberta example and it worked. You can commit
this. I would change the script argument dnszonetransfer.allips to
dnszonetransfer.addall to make it more clear that it only affects the
adding of targets to scan (not normal output, etc.).

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/