Script dns-fuzz

Script types: portrule
Categories: fuzzer, intrusive

Script Summary

Launches a DNS fuzzing attack against DNS servers.

The script induces errors into randomly generated but valid DNS packets. The packet template that we use includes one uncompressed and one compressed name.

Use the dns-fuzz.timelimit argument to control how long the fuzzing lasts. This script should be run for a long time. It will send a very large quantity of packets and thus it's pretty invasive, so it should only be used against private DNS servers as part of a software development lifecycle.

Script Arguments


How long to run the fuzz attack. This is a number followed by a suffix: s for seconds, m for minutes, and h for hours. Use 0 for an unlimited amount of time. Default: 10m.

Example Usage

nmap -sU --script dns-fuzz --script-args timelimit=2h <target>

Script Output

Host script results:
|_dns-fuzz: Server stopped responding... He's dead, Jim.



  • Michael Pattrick

License: Same as Nmap--See