Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-1999-0532 PoC — DNS server 安全漏洞

Source
https://github.com/Rodney-O-C-Melby/dns-zone-transfer-test
Associated Vulnerability
Title:DNS server 安全漏洞 (CVE-1999-0532)
Description:DNS server中存在安全漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。
Description
Automates Domain Name System (DNS) zone transfer testing. Checks for CVE-1999-0532  by automatically finding a given domains nameservers, and tests for zone transfers, if successful, subdomains are printed to standard output.
Readme
# DNS Zone Transfer Test
Automates Domain Name System (DNS) zone transfer testing. 

Automatically finds a given domains nameservers, and 
tests for zone transfers, if successfully, identified A records are printed to standard output.

# Usage
```
dztt zonetransfer.me
dztt -f domains.txt
dztt -n 1.1.1.1 zonetransfer.me
```

# Requirements
```
git >= 2.36.0
python >= 3.9
pip >= 20.3.4
```

# Installation
Download the repository change to the relevant directory, and install the PIP package.
```
git clone https://github.com/Rodney-O-C-Melby/zone-transfer-tester.git  
cd dns-zone-transfer-test
pip install .
```  
Then add the python scripts directory to your PATH environment variable.
```
python get_scripts_path.py
```
Add the output to PATH or only use dztt within this directory using:
```
python src/dns-zone-transfer-test/dztt
```
# Help
```
usage: dztt [-h] [-f FILE] [-n NAMESERVER] target

DNS Zone Transfer Test: dztt tests IP's or domains for zone transfers. (XFR)

positional arguments:
  target                Target IP or Domain name to test

options:
  -h, --help            show this help message and exit
  -f FILE, --file FILE  file of domain names to test, one per line
  -n NAMESERVER, --nameserver NAMESERVER
                        DNS IP for target DNS query, defaults to local DNS

### EXAMPLES ###
dztt  
dztt zonetransfer.me
dztt -f domains.txt  
dztt -n 1.1.1.1 zonetransfer.me  
dztt -f domains.txt -n 1.1.1.1
```  
# Output
A domain that is vulnerable to zone transfers will print the following message to standard out, and print each 
identified subdomain.
``` 
zonetransfer.me is VULNERABLE to DNS Zone Transfers!!!  
Found 34 subdomains at zonetransfer.me  
``` 
A domain that is not vulnerable to zone transfers will print the following message to standard out.
``` 
nmap.org is SECURE against DNS Zone Transfers :-)  
```
or 
``` 
nmap.org is VERY SECURE against DNS Zone Transfers :-)  
```
# Input
Accepts a file containing domain names to test, one per line.
``` 
dztt -f domains.txt
```
# PIP Requirements
```
dnspython >= 2.2.1
```
File Snapshot

 [4.0K]  /data/pocs/2002363cf2fa66fe5cfeeacbce132a3ce4e601be
├── [  30]  domains.txt
├── [1.3K]  get_scripts_path.py
├── [ 26K]  LICENSE
├── [  86]  pyproject.toml
├── [2.0K]  README.md
├── [1.6K]  setup.py
└── [4.0K]  src
    └── [4.0K]  dns-zone-transfer-test
        ├── [ 12K]  dztt
        └── [ 223]  __init__.py

2 directories, 8 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.