Old timers here will know about the concept of bruteforcing DNS using the clues available, i.e. zone transfers are disabled, but you see that the NS and MX servers are called gandalf.company.com and elrond.company.com. Effectively, trying frodo.company.com is going to make good sense. To this end BidiBlah will do this automagically for you and tries to eke out info (a little while back I saw fierce-scanner pop up in a similar vein!). Young Mr Wilkinson ran up against a company last night with disabled transfers, but the 2 DNS servers showed up as:

* asimov.company.com
* heinlein.company.com

A quick trip to Wikipedia shows that both are American sci-fi authors.
Very cool! A DNS bruter using Wikipedia/Google to attempt to find relationships between subdomains. Bruting is fairly straightforward, and the trick has always been what values you should try. I faced this challenge about a month ago when I wrote a DNS bruter. Over the last 3 years or so I've made something of a hobby of collecting massive sets of URLs. At last count I had just under 90 million. I mined these and created a list of the 1000 most common subdomains. Not as sexy as BidiBlah, but effective.
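Both posts above describe the two halves of a subdomain bruter: where the candidate list comes from (a themed guess from the NS names in the first post, a frequency list mined from a URL corpus in the second) and the resolve loop itself. The following is an added example, not code from either poster, BidiBlah or fierce-scanner. The URL corpus, the `company.com` zone and the IPs are constructed; the resolver is injected so the block runs offline (wrap `socket.getaddrinfo` or dnspython in a real run). It also handles the one failure mode every bruter hits: a wildcard DNS record that makes every guess "resolve". The registrable domain is assumed to be the last two labels, which is a simplification (real corpora need the Public Suffix List for `co.uk`-style suffixes).

```python
import collections
import random
import string
from urllib.parse import urlsplit


def subdomain_labels(urls, registrable_labels=2):
    """Count the left-most host label across a URL corpus.

    Assumption (simplification): the registrable domain is the last
    `registrable_labels` labels, e.g. example.com. Bare apex hosts carry
    no subdomain and are skipped.
    """
    counts = collections.Counter()
    for url in urls:
        host = urlsplit(url).hostname
        if not host:
            continue
        labels = host.lower().rstrip(".").split(".")
        if len(labels) <= registrable_labels:
            continue
        counts[labels[0]] += 1  # "mail" from mail.example.org
    return counts


def top_subdomains(urls, n):
    """The n most common subdomain labels, most frequent first."""
    return [label for label, _ in subdomain_labels(urls).most_common(n)]


def safe_resolve(resolve, name):
    """Call the resolver and treat NXDOMAIN/timeouts (exceptions) as no answer."""
    try:
        return list(resolve(name))
    except Exception:  # real resolver libraries raise their own exception types
        return []


def brute(domain, candidates, resolve, probes=3):
    """Try each candidate label under `domain`; return (hits, wildcard_ips).

    resolve(name) -> list of IP strings (empty if the name does not exist).
    Wildcard detection: resolve a few random labels first. If they answer,
    the zone has a wildcard; guesses whose answer set is a subset of the
    wildcard answers are discarded. This is conservative: a real host that
    shares the wildcard IP is dropped too, and needs a second signal
    (HTTP vhost probe, different record types) to be told apart.
    """
    wildcard = set()
    for _ in range(probes):
        junk = "".join(random.choices(string.ascii_lowercase + string.digits, k=12))
        wildcard.update(safe_resolve(resolve, f"{junk}.{domain}"))
    hits = {}
    for label in dict.fromkeys(candidates):  # de-duplicate, keep order
        name = f"{label}.{domain}"
        ips = set(safe_resolve(resolve, name))
        if ips and not ips <= wildcard:
            hits[name] = sorted(ips)
    return hits, sorted(wildcard)


# --- constructed sample data (not real sites, not a real company) ---
CORPUS_URLS = [
    "https://www.example.org/", "http://mail.example.org/login",
    "https://www.example.net/a", "https://dev.example.net/b",
    "https://www.example.com", "https://mail.example.com/x",
    "https://vpn.example.com/", "http://example.com/",  # apex, ignored
    "https://api.example.org/v1", "https://dev.example.org/",
]

# Themed guesses in the spirit of the first post: the NS names were sci-fi authors.
THEMED = ["asimov", "heinlein", "clarke", "bradbury", "herbert", "gibson"]

FAKE_ZONE = {  # hypothetical zone content for company.com
    "asimov.company.com": ["203.0.113.10"],
    "heinlein.company.com": ["203.0.113.11"],
    "clarke.company.com": ["203.0.113.12"],
    "www.company.com": ["203.0.113.20"],
    "mail.company.com": ["203.0.113.21"],
}


def fake_resolve(name):
    """Offline stand-in for a DNS lookup: exact zone entries only."""
    return FAKE_ZONE.get(name, [])


def fake_wildcard_resolve(name):
    """Same zone, but with a *.company.com wildcard answering everything else."""
    return FAKE_ZONE.get(name, ["203.0.113.99"])


if __name__ == "__main__":
    wordlist = top_subdomains(CORPUS_URLS, 3) + THEMED
    print("wordlist:", wordlist)
    print("plain zone:", brute("company.com", wordlist, fake_resolve))
    print("wildcard zone:", brute("company.com", wordlist, fake_wildcard_resolve))
```

Against the wildcard zone, `dev` and `bradbury` still "resolve" but only to the wildcard address, so they are dropped, while the five names with their own records survive. In a real engagement, rate-limit the loop and spread it across the target's authoritative servers: a few thousand NXDOMAINs in a burst is an obvious signature in the zone's query logs.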