Home page logo
/
Zenmap screenshot
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
Example Nmap output

File dns-brute

Script types: prerule, hostrule
Categories: intrusive, discovery
Download: http://nmap.org/svn/scripts/dns-brute.nse

User Summary

Attempts to enumerate DNS hostnames by brute force guessing of common subdomains. With the dns-brute.srv argument, dns-brute will also try to enumerate common DNS SRV records.

Script Arguments

dns-brute.threads

Thread to use (default 5).

dns-brute.srvlist

The filename of a list of SRV records to try. Defaults to "nselib/data/dns-srv-names"

dns-brute.hostlist

The filename of a list of host strings to try. Defaults to "nselib/data/vhosts-default.lst"

dns-brute.srv

Perform lookup for SRV records

dns-brute.domain

Domain name to brute force if no host is specified

max-newtargets, newtargets

See the documentation for the target library.

Example Usage

nmap --script dns-brute --script-args dns-brute.domain=foo.com,dns-brute.threads=6,dns-brute.hostlist=./hostfile.txt,newtargets -sS -p 80
nmap --script dns-brute www.foo.com

Script Output

Pre-scan script results:
| dns-brute:
|   DNS Brute-force hostnames
|     www.foo.com - 127.0.0.1
|     mail.foo.com - 127.0.0.2
|     blog.foo.com - 127.0.1.3
|     ns1.foo.com - 127.0.0.4
|_    admin.foo.com - 127.0.0.5

Requires


Author: Cirrus

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]