Marial's Notes
  • Hello!
  • Pentesterlab Labs
    • Recon Badge
      • recon_00 (/robots.txt)
      • recon_01 (404 pages)
      • recon_02 (/.well-known/security.txt)
      • recon_03 (directory listing)
      • recon_04 (/admin)
      • recon_05 (wfuzz)
      • recon_06 (vhost)
      • recon_07 (vhost over TLS)
      • recon_08 (alt name)
      • recon_09 (header)
      • recon_10 (visual recon)
      • recon_11 (virtual host brute)
      • recon_12 (load balance)
      • recon_13 (TXT)
      • recon_14 (zone transfer)
      • recon_15 (int zone transfer)
      • recon_16 (bind version)
      • recon_17 (dev name)
      • recon_18 (public repos)
      • recon_19 (find email)
      • recon_20 (check branches 1)
      • recon_21 (check branches 2)
      • recon_22 (deleted file)
      • recon_23 (commit message)
      • recon_24 (assets)
      • recon_25 (S3)
      • recon_26 (JS)
  • TryHackMe Rooms
    • Basic Pentesting
    • EasyPeasy
    • Kenobi
    • Vulnversity
Powered by GitBook
On this page
  • OBJECTIVE
  • ZONE TRANSFER
  • SOLUTION

Was this helpful?

  1. Pentesterlab Labs
  2. Recon Badge

recon_15 (int zone transfer)

Previousrecon_14 (zone transfer)Nextrecon_16 (bind version)

Last updated 7 months ago

Was this helpful?

View the exercise here:

OBJECTIVE

For this challenge, your goal is to perform a zone transfer on the internal zone named: "int" using the nameserver of z.hackycorp.com.

ZONE TRANSFER

Zone transfers are usually used to synchronize multiple DNS servers. Only a list of pre-defined hosts should be able to perform this operation. However, it's sometimes possible to retrieve information from internal zones by asking publicly available servers.

SOLUTION

dig AXFR @z.hackycorp.com int

  • dig: The tool for querying DNS.

  • AXFR: The query type, which requests a zone transfer (a copy of all DNS records for a domain).

  • @z.hackycorp.com: Specifies the DNS server (z.hackycorp.com) to contact.

  • int: The domain (zone) you're requesting the transfer for, in this case, int.

PentesterLab: Recon 15