0x00 dnswalk Introduction
dnswalk is a DNS debugger, it performs the transfer of the specified domain, and in a variety of ways to check the database for internal consistency and accuracy.
Tools Source: http://sourceforge.net/projects/dnswalk/
dnstracer Home | Kali dnstracer Repo warehouse
Author: David Barr
Certificate: Artistic
0x01 dnswalk function
1
2
3
4
5
6
7
8
9
10
11
12
13
Usage: dnswalk [- Options [- More options]] [-] [1 program parameters ...]
Accept the following single-character options:
This option has parameters: -D
Boolean (no arguments): -r -f -i -a -d -m -F -l
Options can be combined together, - stop the option not to merge processing
You do not need to empty between the option and its argument
Example: dnswalk domain.com.
Enter the domain name must end with '.'
1
2
3
4
5
6
7
-r recursive queries down subdomain of the domain specified
A duplicate record open -a warning
-d print debugging and 'status' information to stderr (used only in the redirect stdout)
-m only if a check has been modified in the last run after domain
-F implementation of "fascist" check in check A record, PTR does not match the name of each IP address and forwards the name and reporting
Check the domain name -i ban invalid characters
-l implementation of "lame delegation" check. NS records for each host to check whether the listed domain is indeed return this authority promised.
0x02 dnswalk usage examples
1
2
3
4
5
6
Checking www.harvard.edu.
BAD: SOA record not found for www.harvard.edu.
BAD: www.harvard.edu. has NO authoritative nameservers!
BAD: All zone transfer attempts of www.harvard.edu. failed!
0 failures, 0 warnings, 3 errors.
Most now are no loopholes domain transfer, this tool is now relatively tasteless.