First install pip:
apt-get install python-pip
Now, download dnsrecon:
git clone https://github.com/darkoperator/dnsrecon.git cd dnsrecon
Now install essential python modules:
pip install netaddr pip install dnspython
Now you can run dnsrecon:
[email protected]:~/dnsrecon# ./dnsrecon.py -d eyrie.in -n ns101.dnsever.com [*] Performing General Enumeration of Domain: eyrie.in [!] Wildcard resolution is enabled on this domain [!] It is resolving to eyrie.in [!] All queries will resolve to this address!! [-] DNSSEC is not configured for eyrie.in [*] SOA ns77.dnsever.com 126.96.36.199 [*] NS ns101.dnsever.com 188.8.131.52 [*] Bind Version for 184.108.40.206 DNSEver [*] NS ns108.dnsever.com 220.127.116.11 [*] Bind Version for 18.104.22.168 DNSEver [*] NS ns77.dnsever.com 22.214.171.124 [*] Bind Version for 126.96.36.199 DNSEver [*] A eyrie.in 188.8.131.52 [*] Enumerating SRV Records [-] No SRV Records Found for eyrie.in [*] 0 Records Found
What I do is first do a dig for the NS records and then run dnsrecon on the nameserver with -n
Joel G Mathew, known in tech circles by the pseudonym Droidzone, is an opensource and programming enthusiast.
His favorite pastime is grappling with GNU compilers, discovering newer Linux secrets, writing scripts, hacking roms, and programs (nothing illegal), reading, blogging. and testing out the latest gadgets.
When away from the tech world, Dr Joel G. Mathew is a practising ENT Surgeon, busy with surgeries and clinical practise.