MemeStreams Discussion

This page contains all of the posts and discussion on MemeStreams referencing the following web page: Subdomain bruting and you!. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

Subdomain bruting and you!
by Acidus at 10:41 am EST, Feb 19, 2008

Old timers here will know about the concept of bruteforcing DNS using the clues available..

i.e. zone transfers disabled, but u see that the NS and MX servers are called gandalf.company.com and elrond.company.com. Effectively trying frodo.company.com is going to make good sense..

To this end BidiBlah will do this automagically for u and tries to eke out info.. (a little while back I saw fierce-scanner pop up in a similar vein!)

Young Mr Wilkinson ran up against a company last night with disabled transfers, but the 2 DNS servers showed up as:

* asimov.company.com
* heinlein.company.com

A quick trip to Wikipedia shows that both are American sci-fi authors.

Very cool! A DNS Bruter using Wikipedia/Google to attempt to find relationships between subdomains. Bruting is fairly straightforward, and the trick has always been what values you should try. I faced this challenge about a month ago when I wrote a DNS bruter. Over the last 3 years or so I've made something of a hobby of collecting massive sets of URLs. At last count I had just under 90 million. I mined these and created a list of the 1000 most common subdomains.

Not as sexy as Bidiblah, but effective.
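
A defender's use of the common-subdomain list described in the post, as an added example that is not part of the original post or the author's tool: it mines subdomain labels from a URL list and reports which names in your own zone inventory such a list would hit. The sample URLs, the inventory, the zone `corp.example` and the shortcut of treating the last two labels as the registrable domain are assumptions.

```python
from collections import Counter
from urllib.parse import urlsplit
import ipaddress

# Constructed sample corpus, standing in for a large URL collection.
SAMPLE_URLS = [
    "http://www.example.com/index.html", "https://mail.example.org/login",
    "http://WWW.example.net:8080/", "http://dev.mail.example.com/a",
    "https://vpn.example.org/", "http://192.0.2.10/admin",
    "http://example.com/", "https://mail.example.net/", "not a url",
]
# Constructed inventory of our own zone (hypothetical names).
INVENTORY = ["www.corp.example", "mail.corp.example", "corp.example",
             "build-7f3a.corp.example", "dev.mail.corp.example"]

def subdomain_labels(url, base_labels=2):
    """Labels left of the registrable domain, lowercased.

    Assumption: the registrable domain is the last `base_labels` labels;
    a production run would consult the Public Suffix List instead.
    """
    try:
        host = (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:          # malformed authority, e.g. bad IPv6 brackets
        return []
    try:
        ipaddress.ip_address(host)
        return []               # literal IPs carry no subdomain
    except ValueError:
        return host.split(".")[:-base_labels] if host else []

def common_labels(urls, top_n=1000):
    """Most frequent subdomain labels in the corpus, most common first."""
    counts = Counter()
    for url in urls:
        counts.update(subdomain_labels(url))
    return [label for label, _ in counts.most_common(top_n)]

def guessable(inventory, wordlist, zone):
    """Names under `zone` whose every label left of the zone is in the wordlist."""
    words, suffix, hits = set(wordlist), "." + zone.lower(), []
    for name in inventory:
        name = name.rstrip(".").lower()
        if name.endswith(suffix) and all(
                l in words for l in name[:-len(suffix)].split(".")):
            hits.append(name)
    return sorted(hits)

if __name__ == "__main__":
    print(guessable(INVENTORY, common_labels(SAMPLE_URLS), "corp.example"))
```

Names the audit reports are the ones a wordlist bruter finds first, so they should be hosts you intend to be publicly discoverable.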
