Re: anonymous Zonetransfer (AXFR) exploatation

---

• From: "Jason Thompson" <securitux@xxxxxxxxx>
• Date: Tue, 18 Mar 2008 15:28:49 -0400

---

Were? I still do them and find axfr's allowed... not a lot, but for
the 10 seconds it takes to check there's been a few times where I've
downloaded an AD domains' worth of hosts. Even just getting a list of
hosts with a few interesting CNAME entries can give you a few
potential targets or point to domains you weren't previously aware of.

-J

On Tue, Mar 18, 2008 at 11:09 AM, Radu Oprisan <radu@xxxxxxxxxxxxxxxx> wrote:

LordDoskias wrote:
>>
>>
> The best thing that I can think if to use the information obtained
> from the zone transfer. Perhaps some "private" hosts will come up that
> you can look into? To my mind AXFR transfers should be considered as
> part of the reconnaissance stage of a pen-test.


Actually, they were, a long time ago.




------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

---

• Follow-Ups:
  • Re: anonymous Zonetransfer (AXFR) exploatation
    • From: Radu Oprisan

• References:
  • anonymous Zonetransfer (AXFR) exploatation
    • From: xx yy
  • Re: anonymous Zonetransfer (AXFR) exploatation
    • From: LordDoskias
  • Re: anonymous Zonetransfer (AXFR) exploatation
    • From: Radu Oprisan

• Prev by Date: RE: Looking for a fuzzer/source code analyzer on customer developed code
• Next by Date: Re: anonymous Zonetransfer (AXFR) exploatation
• Previous by thread: Re: anonymous Zonetransfer (AXFR) exploatation
• Next by thread: Re: anonymous Zonetransfer (AXFR) exploatation
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: Block OS Detection ... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ... (Pen-Test) Re: Astalavista? ... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ... (Pen-Test) Re: Port Scanner Challenge Revisited: Nmap, Unicornscan, Portbunny ... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ... (Pen-Test) Re: Security Grade ... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ... (Pen-Test) Re: Gear ... Need to secure your web apps NOW? ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ... (Pen-Test)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > pen-test  > 2008-03