我的书签
添加书签
移除书签DNS Enumeration
gem install net-dns
In ruby script
require 'net/dns'
Forward DNS lookup
The main usage is
require 'net/dns'resolver = Net::DNS::Resolver.start("google.com")
Returns
;; Answer received from 127.0.1.1:53 (260 bytes);;;; HEADER SECTION;; id = 36568;; qr = 1 opCode: QUERY aa = 0 tc = 0 rd = 1;; ra = 1 ad = 0 cd = 0 rcode = NoError;; qdCount = 1 anCount = 6 nsCount = 4 arCount = 4;; QUESTION SECTION (1 record):;; google.com. IN A;; ANSWER SECTION (6 records):google.com. 31 IN A 64.233.183.102google.com. 31 IN A 64.233.183.113google.com. 31 IN A 64.233.183.100google.com. 31 IN A 64.233.183.139google.com. 31 IN A 64.233.183.101google.com. 31 IN A 64.233.183.138;; AUTHORITY SECTION (4 records):google.com. 152198 IN NS ns1.google.com.google.com. 152198 IN NS ns3.google.com.google.com. 152198 IN NS ns4.google.com.google.com. 152198 IN NS ns2.google.com.;; ADDITIONAL SECTION (4 records):ns3.google.com. 152198 IN A 216.239.36.10ns4.google.com. 152198 IN A 216.239.38.10ns2.google.com. 152198 IN A 216.239.34.10ns1.google.com. 345090 IN A 216.239.32.10
As you can see from response above, there are 5 sections
- Header section: DNS lookup headers
- Question section: DNS question,
- Answer section: Array of the exact lookup answer (base on lookup type. ex. A, NS, MX , etc)
- Authority section: Array of authority nameserver
- Additional section: Array array of nameserver lookup
Since its all are objects, we can call each section like that
resolver.headerresolver.questionresolver.answerresolver.authorityresolver.additional
A record
Because the A record is the default, we can do like above example
resolver = Net::DNS::Resolver.start("google.com")
or in one line to get exact answer.
resolver = Net::DNS::Resolver.start("google.com").answer
will return an array with all IPs assigned to this domain
[google.com. 34 IN A 74.125.239.35,google.com. 34 IN A 74.125.239.39,google.com. 34 IN A 74.125.239.33,google.com. 34 IN A 74.125.239.34,google.com. 34 IN A 74.125.239.36,google.com. 34 IN A 74.125.239.32,google.com. 34 IN A 74.125.239.46,google.com. 34 IN A 74.125.239.40,google.com. 34 IN A 74.125.239.38,google.com. 34 IN A 74.125.239.37,google.com. 34 IN A 74.125.239.41]
MX lookup
mx = Net::DNS::Resolver.start("google.com", Net::DNS::MX).answer
returns an array
[google.com. 212 IN MX 40 alt3.aspmx.l.google.com.,google.com. 212 IN MX 30 alt2.aspmx.l.google.com.,google.com. 212 IN MX 20 alt1.aspmx.l.google.com.,google.com. 212 IN MX 50 alt4.aspmx.l.google.com.,google.com. 212 IN MX 10 aspmx.l.google.com.]
All lookup
any = Net::DNS::Resolver.start("facebook.com", Net::DNS::ANY).answer
returns
[facebook.com. 385 IN A 173.252.120.6,facebook.com. 85364 IN TXT ,facebook.com. 149133 IN NS b.ns.facebook.com.,facebook.com. 149133 IN NS a.ns.facebook.com.]
for list of types, please refer to the gem docs
Reverse DNS lookup
resolver = Net::DNS::Resolver.newquery = resolver.query("69.171.239.12", Net::DNS::PTR)
If you want to specify the nameserver(s) to use, it support an array of nameserver
resolver = Net::DNS::Resolver.new(:nameserver => "8.8.8.8")
or update the object
resolver = Net::DNS::Resolver.newresolver.nameservers = ["8.8.4.4" , "8.8.8.8"]
