Penetration Testing mailing list archives
Re: anonymous Zonetransfer (AXFR) exploatation
From: "Jamie Riden" <jamie.riden () gmail com>
Date: Tue, 18 Mar 2008 19:48:12 +0000
On 18/03/2008, Radu Oprisan <radu () securesystems ro> wrote:
> LordDoskias wrote:
>> The best thing that I can think of is to use the information obtained
>> from the zone transfer. Perhaps some "private" hosts will come up that
>> you can look into? To my mind AXFR transfers should be considered as
>> part of the reconnaissance stage of a pen-test.
>
> Actually, they were, a long time ago.
Hmmm.. of course, everybody should know not to allow AXFR, but in practice you will find a lot of systems which do.

(Murphy's law implies that if a misconfiguration is possible, it exists somewhere on the internet. I got a complaint to abuse@ once because we were "attacking" someone's domain controller on port 123. Turns out he had promoted it to a stratum 1 NTP server and was seeing a standard ntpd exchange being dropped by his firewall. Nothing surprises me any more.)

cheers,
 Jamie
--
Jamie Riden / jamesr () europe com / jamie () honeynet org uk
UK Honeynet Project: http://www.ukhoneynet.org/