Hackipedia
  • 👋Welcome!
  • Reconnaissance
    • 🚀Passive Reconn
      • DNS Lookup
        • Host
        • Dnsrecon
        • Dnsenum
        • Nslookup
        • dig
      • Identifying Technologies
        • WhatWeb
        • BuiltWith
      • Whois
    • 💖Active Reconn
  • Exploitation
    • Page 1
  • Post-Exploitation
    • Page 2
  • Reporting
    • Page 3
Powered by GitBook
On this page
  • Zone Transfers with the dig Command on Linux
  • Using the dig Command

Was this helpful?

  1. Reconnaissance
  2. Passive Reconn
  3. DNS Lookup

dig

Zone Transfers with the dig Command on Linux

Zone transfers are typically the result of DNS server misconfigurations. There are several tools available to perform zone transfers, and in this guide, we will focus on using the dig and host commands in Linux.

Using the dig Command

The dig command is a powerful tool for DNS querying in Linux. Below, we will look at how to perform various DNS queries and zone transfers using the dig command:

General DNS Queries

  1. Standard Query

    dig target.com

  2. Short Format Query

    dig target.com +short

  3. PTR Record Query

    dig target.com PTR

  4. MX Record Query

    dig target.com MX

  5. NS Record Query

    dig target.com NS

Zone Transfer Queries

Zone transfers, especially on misconfigured DNS servers, can be performed using the following techniques:

  1. Standard Zone Transfer

    dig axfr@target.com target.com

  2. Zone Transfer with Specific Options

    dig domain.com AXFR +noall +answer
# or
dig +nocmd domain.com AXFR +noall +answer @domain.com

  3. Zone Transfer on a Specified DNS Server

    dig @10.50.96.5 foocampus.com -t AXFR+nocookie
PreviousNslookupNextIdentifying Technologies

Last updated 1 year ago

Was this helpful?

🚀