TXDNS (Those eXtra Domain NameS) is a powerful multi-threaded command-line program that you can use to discover DNS information about a Domain namespace/site. It can also be used as a stress testing tool for DNS servers to see how they perform against aggressive intrusive scans and more importantly determine what information they are leaking to the wild.
It uses the following techniques/algorithms to expose a namespace:
- Typing Errors - With the increase of phishing attacks, it is increasingly common for enterprises to register domain names that resemble the original domain name, as a form of protection against loss of traffic and attacks that may result from users mistyping the correct address in the address bar. This algorithm uses a combination of three techniques to simulate typing errors: transposition, double typing, and missing of a character.
- Top Level Domain (TLD) rotation - In this algorithm, the TLD domain suffix of the queried address is changed. For example, while querying the domain effecthacking.com, it will also check all other possible combinations, such as effecthacking.net, effecthacking.org, and so on.
- Dictionary based attack - This algorithm uses a file containing words that will be used as a sub-domain query for a given domain. The quality of the output of this algorithm depends on the quality of the used dictionary. For the effecthacking.com domain, the dictionary may include words that result in queries such as tool.effecthacking.com, news.effecthacking.com, and so on.
- Brute-Force attack - This algorithm checks for all possible combinations of defined length for the sub-domains of the queried domain. The character set used for the combinations is {a..z}, {0..9} or {{a..z}, {0..9}}. For example, for the effecthacking.com it will check the a.effecthacking.com, bb.effecthacking.com, zzz.effecthacking.com subdomains and so on.
Now let me show you how to use this program.
How To Use TXDNS
First, download TXDNs on your computer (download link is at the end of this article). Then extract the txdns.zip to your desktop, and then right-click on your desktop while holding down the Shift key. Now select "Open command window here", you will see a window as shown below.
Enter the commands using the following syntax (see the image below):
Brute-force effecthacking.com domain namespace using 50 threads
Dictionary attack effecthacking.com for SOA records against a specified DNS Server, display results on verbose mode and append found hosts to an output file.
That's all. I hope you liked this article. If you did, please share this article...
Usage examples:
Scan for all TLD and Typo variations of domain effecthacking.com- txdns -rt -t effecthacking.com
Brute-force effecthacking.com domain namespace using 50 threads
- txdns -x 50 -bb effecthacking.com
Dictionary attack effecthacking.com for SOA records against a specified DNS Server, display results on verbose mode and append found hosts to an output file.
- txdns --verbose -fm wordlist.dic --server 10.1.10.1 -rr SOA effecthacking.com -h c:\hostlist.txt
That's all. I hope you liked this article. If you did, please share this article...
TXDNS - An Aggressive Multithreaded DNS Digger/Brute-Forcer
Reviewed by AC10 Tech
on
Wednesday, March 08, 2017
Rating:
Reviewed by AC10 Tech
on
Wednesday, March 08, 2017
Rating:
No comments: