dns-brute
脚本使用类型:
prerule, hostrule
脚本所属分类:
intrusive, discovery
脚本下载地址: http://nmap.org/svn/scripts/dns-brute.nse
Attempts to enumerate DNS hostnames by brute force guessing of common subdomains.
Thread to use (default 5).
Domain name to brute force if no host is specified
Add discovered targets to nmap scan queue
The filename of a list of host strings to try.
Perform lookup for SRV records
执行格式
nmap --script dns-brute --script-args dns-brute.domain=foo.com,dns-brute.threads=6,dns-brute.hostlist=./hostfile.txt,newtargets -sS -p 80 nmap --script dns-brute www.foo.com
Pre-scan script results: | dns-brute: | DNS Brute-force hostnames | www.foo.com - 127.0.0.1 | mail.foo.com - 127.0.0.2 | blog.foo.com - 127.0.1.3 | ns1.foo.com - 127.0.0.4 |_ admin.foo.com - 127.0.0.5
Author: Cirrus
License: VER007 整理 http://www.ver007.com