Sun, 13 Oct 2013

Brute Forcing DNS with Python

DNS is often helpful in telling you what's out there without scanning. No one allows DNS zone transfers anymore, so simply brute-force resolving DNS is a quick workaround.

Here's a simple Python script to resolve a range of IP addresses to their hostnames (if available):


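#!/usr/bin/python
# Reverse-resolve every address in a network (CIDR) or a single IP.
import sys
import socket

import netaddr

net = netaddr.IPNetwork(sys.argv[1])
# Iterate the network lazily instead of building a list of every address.
for ip in net:
    try:
        # gethostbyaddr() returns (hostname, aliaslist, ipaddrlist)
        hostname, hostalias, addresslist = socket.gethostbyaddr(str(ip))
        if hostname:
            print("%s %s" % (ip, hostname))
    except socket.error:
        # No PTR record (or the lookup failed) for this address; skip it.
        pass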

I call it dnsiter.py and use it thusly:

dnsiter.py 192.168.2.0/29
192.168.2.5 somehostname1
192.168.2.6 someotherhostname2

Since it uses the netaddr module, it can accept CIDR masks or individual IPs.
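
From the defender's side, a run like the one above appears in resolver query logs as one client requesting PTR records for many addresses in a short time. The following detection logic is an added example, not part of the original post; the log format, sample lines, function names and thresholds are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample log: "<epoch-seconds> <client> <qname> <qtype>".
# The format is an assumption for this example, not any real resolver's.
SAMPLE_LOG = "\n".join(
    ["1381660800 10.0.0.7 www.example.com. A",
     "1381660801 10.0.0.9 5.2.168.192.in-addr.arpa. PTR"]
    + ["%d 10.0.0.66 %d.2.168.192.in-addr.arpa. PTR" % (1381660810 + i // 4, i)
       for i in range(8)]
)

def ptr_to_ip(qname):
    """Turn '5.2.168.192.in-addr.arpa.' into IPv4Address('192.168.2.5'), else None."""
    labels = qname.lower().rstrip(".").split(".")
    if len(labels) != 6 or labels[4:] != ["in-addr", "arpa"]:
        return None
    try:
        return ipaddress.ip_address(".".join(reversed(labels[:4])))
    except ValueError:
        return None

def find_ptr_sweeps(log_text, window=60, threshold=5):
    """Return {client: all distinct IPs it reverse-resolved} for clients that
    looked up at least `threshold` distinct PTR names within `window` seconds."""
    per_client = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[3] != "PTR":
            continue
        ip = ptr_to_ip(parts[2])
        if ip is not None:
            per_client[parts[1]].append((int(parts[0]), ip))
    flagged = {}
    for client, events in per_client.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans <= `window` seconds.
            while events[end][0] - events[start][0] > window:
                start += 1
            if len({ip for _, ip in events[start:end + 1]}) >= threshold:
                flagged[client] = sorted({ip for _, ip in events})
                break
    return flagged

if __name__ == "__main__":
    for client, ips in find_ptr_sweeps(SAMPLE_LOG).items():
        print("%s swept %d addresses: %s-%s" % (client, len(ips), ips[0], ips[-1]))
```

Counting distinct names rather than raw queries keeps a mail server that repeatedly reverse-resolves the same few peers from tripping the threshold.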

Posted at: Sun, 13 Oct 2013 | category: /itsec