DNSTake: DNS deficit check tool that leads to subdomain retrieval


DNS takeover vulnerabilities occur when a subdomain (subdomain.example.com) or the page itself has designated a provider as a valid nameserver (eg AWS Route 53, Akamai, Microsoft Azure, etc.). ) but the hosted zone has been removed or deleted completely.

Therefore, when requesting DNS records, the server responds with a SERVFAIL error. This allows a hacker to create a missing zone in the service used and thus check all DNS records for this (sub) domain.

131214165 06cb74c3 2754 48a6 a13d bfcf592e646a

 

Installation

1) The simplest method is to unzip the file to download from here and then run it.

2) There is also the manual method that we install from the source:

▶ go install github.com/pwnesia/dnstake/cmd/dnstake@latest

ή

▶ git clone https://github.com/pwnesia/dnstake ▶ cd dnstake / cmd / dnstake ▶ go build. ▶ (sudo) mv dnstake / usr / local / bin

Use

$ dnstake -h · ▐ ▐ ▄ .▄▄ · ▄▄▄▄▄ ▄▄▄ · ▄ • ▄ ▄▄▄. ██ ██ • █▌▐█▐█ ▀. • ██ ▐█ ▀█ ▀.▀ · ▐█ · ▐█▌▐█▐▐▌▄▀▀▀█▄▐█ .▪▄█▀▀█ ▐▀▀▄ · ▐▀▀▪▄ ██. ██ ██▐█▌▐█▄▪▐█▐█▌ · ▪▐▌▐█ ▪▐▌▐█.█▌▐█▄▄▌ ▀▀▀▀▀ • ▀▀ █▪ ▀▀▀ ▀ ▀ ▀ · ▀ ▀▀▀ ▀▀▀ (c) pwnesia.org - v0.0.1 Usage: [stdin] | dnstake [options] dnstake -t HOSTNAME [options] Options: -t, --target Define single target host / list to check -c, --concurrent         Set the concurrency level (default: 25) -s, --silent Suppress errors and / or clean output -h, --help Display its help Examples: dnstake -t (sub.) Domain.tld dnstake -t hosts.txt cat hosts.txt | dnstake subfinder -silent -d domain.tld | dnstake

You can download the program from here.


Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news