Re: anonymous Zonetransfer (AXFR) exploatation

Ok, ok, so i used the verb in the wrong way :).
I was just amazed at "should be considered". I myself still try it from time to time, but in this part of the world (yeah, i know Romania has a bad reputation) it seldom works.
So, let's stick to the matter at hand: i agree, it should be part of a standard pen-test if there are no specific laws against using it even in test conditions.

Cheers,
Radu Oprisan


Jason Thompson wrote:
Were? I still do them and find axfr's allowed... not a lot, but for
the 10 seconds it takes to check there's been a few times where I've
downloaded an AD domains' worth of hosts. Even just getting a list of
hosts with a few interesting CNAME entries can give you a few
potential targets or point to domains you weren't previously aware of.

-J

On Tue, Mar 18, 2008 at 11:09 AM, Radu Oprisan <radu@xxxxxxxxxxxxxxxx> wrote:
LordDoskias wrote:
>>
>>
> The best thing that I can think if to use the information obtained
> from the zone transfer. Perhaps some "private" hosts will come up that
> you can look into? To my mind AXFR transfers should be considered as
> part of the reconnaissance stage of a pen-test.


Actually, they were, a long time ago.



------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Relevant Pages

  • RE: Unwanted Pages and Favourites
    ... Could you open your HOSTS File and see if there is any reference for any ... "nass" wrote: ... Yes you should Scan in safe Mode to be in the safe side. ... About how it get to your Computer you may be allowed a bad site to download ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: Where is my Hosts file?
    ... No don't delete it just open it with notepad and edit it and remove all bad ... I downloaded a Hosts from the NEt and the computer gotvery ... file contaminated and download this and that to clean up?. ...
    (microsoft.public.windowsxp.general)
  • Re: Cant access any webs sites that contain anti virus fixes
    ... you may need to change windows explorer setting to allow seeing ... For more information about the hosts file, ... Second, there are some, free antivirus scanners that can be downloaded on ... run the download, I get a webpage stateing page not found"). ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Cant download files with IE 6
    ... That tells us that HOSTS is not the problem. ... if one machine can get the fle, use that to download what ... I needed to download a file from Symantec to remedy an NAV update ... tried some other download sites from the laptop. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • Re: anonymous Zonetransfer (AXFR) exploatation
    ... downloaded an AD domains' worth of hosts. ... Cenzic finds more, "real" vulnerabilities fast. ... buy it or download a solution FREE today! ...
    (Pen-Test)