53 - DNS | d4t4s3c hacks & pills

Information

Default Port: 53

PORT   STATE SERVICE
53/tcp open  domain                                                                                                        

Enumeration

Nmap

nmap -sS -p53 192.168.1.2
nmap -sVC -p53 192.168.1.2

Reverse DNS Nslookup

❯ nslookup
> server 10.129.227.211
Default server: 10.129.227.211
Address: 10.129.227.211#53
> 10.129.227.211
211.227.129.10.in-addr.arpa	name = ns1.cronos.htb.

❯ nslookup 10.129.227.211 10.129.227.211
211.227.129.10.in-addr.arpa	name = ns1.cronos.htb.

Zone Transfer (AXFR)

dig @192.168.1.2 domain.tld afxr
host -t axfr domain.tld 192.168.1.2
host -l domain.tld 192.168.1.2

Others

Mail Exchange

dig @192.168.1.2 domain.tld mx
host -t mx domain.tld

Canonical Name

dig @192.168.1.2 domain.tld cname
host -t cname domain.tld

Name Server

dig @192.168.1.2 domain.tld ns
host -t ns domain.tld

IPv4

dig @192.168.1.2 domain.tld a
host -t a domain.tld

IPv6

dig @192.168.1.2 domain.tld aaaa
host -t aaaa domain.tld

Text (SPF & DKIM)

dig @192.168.1.2 domain.tld txt
host -t txt domain.tld

Start of Authority (SOA)

dig @192.168.1.2 domain.tld soa
host -t soa domain.tld

ALL (ANY)

dig @192.168.1.2 domain.tld any
host -a domain.tld