There is another option for DNS Brute Forcing which uses threads, so may be faster than TXDNS 2.0 which we posted about recently.
What does it do?
This program was written to extract valid hosts of a domain that deny zone transfers.
The program supports:
- IPv4 => IP Address of 32 bits.
- IPv6 => IP Address of 128 bits.
- Multi Thread => Make several resolutions at “the same time”.
- EMA => Extract more than 1 IP in servers with HA, Network Load Balance, etc, (like: www.yahoo.com, www.microsoft.com).
Where do I use it?
This program must be used against DNS Servers that deny zone transfers.
Example of DNS Servers that deny transfer zones:
root@Debian:/tmp/WS-DNS# host -l frontthescene.com.br
;; connection timed out; no servers could be reached
root@Debian:/tmp/WS-DNS# dig @188.8.131.52 frontthescene.com.br axfr
; <<>> DiG 9.2.1 <<>> @184.108.40.206 frontthescene.com.br axfr
;; global options: printcmd
; Transfer failed.
How do I compile it?
To compile it, do:
gcc -o WS-DNS-BFX WS-DNS-BFX.c -lpthread -D_REENTRANT -D_THREAD_SAFE
To best performance do:
gcc -o WS-DNS-BFX WS-DNS-BFX.c -lpthread -D_REENTRANT -D_THREAD_SAFE -O3
If u don’t have a compiler (gcc), libs, etc, i added at the .tgz file this program compiled static, called “WS-DNS-BFX-Static”.
How do I use it?
Is easy use this program. Supose that you want extract valid hosts from “yahoo.com”, using dict-file.txt (Brute Force File) and open 4 threads, to do it the command is:
root@Debian:/tmp/WS-DNS# ./WS-DNS-BFX yahoo.com dict-file.txt 4
When it finish, will be generated a file called “hosts-yahoo.com.txt” with the extracted hosts.
You can download it here:
- Mimikatz – Gather Windows Credentials
- Dharma – Generation-based Context-free Grammar Fuzzing Tool
- Passgen – Random Character Generator For WPA/WPA2 Key Cracking
- NiX Brute Force – Parallel Log-in Brute Forcing/Password Cracking Tool
- Metagoofil 1.2 – Metadata Extractor Tool
- Patator – Multi Purpose Brute Forcing Tool
Most Read in Hacking Tools: