Backtrack 2 : Information Gathering –> All –> Dns-bruteforce


Written by Pavs on July 11th, 2007

This tool is used to make a brute force on name resolution. The idea of that tool is to resolve all words dot domain name. To be more useful the tool uses multi threading; one thread for each name server. Classical brute forcers are sequential. With this method we cut the dictionary in n blocks (n is the number of dns servers) and distribute these blocks to name servers. The tool is now in the project revhosts, new updates are only available in revhosts.

(Source: http://www.revhosts.org/DNSBruteforce)

Ok this one’s kinda tricky.

You need a list of dns servers and save it as server.lst, then you need a list of hosts you want to bruteforce and save it as hosts-txt. They have to be saved in the same directory as the dns-bruteforce.py script, which is the “/pentest/enumeration/dns-bruteforce” directory in Backtrack 2. Well, they don’t have to be saved in the same directory, but it makes life, and the example I will show, easier.

I used this dns server: 208.67.222.222. You can make a list and put it in the server.lst file, on separate lines.

Then I need a hosts-txt file with a list of hosts I want to bruteforce. Dns-bruteforce comes with a host-txt file; I made my own and cut it short with these, on separate lines: www, pop, mail, dns, apache, gateway.

We used this command: ./DNSBruteforce.py yahoo server.lst hosts-txt

Here is the screen shot:

That's all!!

pavs
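
From the defending side, a wordlist run like the one above reaches the target zone's authoritative server as a burst of distinct names, most answered NXDOMAIN, arriving from several resolver addresses because the tool splits the dictionary across name servers. The detection example below is added here and is not part of the original post or the revhosts project; the log line format, the example.test zone, the thresholds and the function name are assumptions, and the log lines are constructed.

```python
from collections import defaultdict

# Constructed authoritative-server query log; the line format is assumed:
# "<epoch_seconds> <source_ip> <qname> <rcode>"
SAMPLE_LOG = """\
1000 192.0.2.10 www.example.test NOERROR
1002 192.0.2.10 pop.example.test NXDOMAIN
1003 192.0.2.11 mail.example.test NOERROR
1004 192.0.2.11 dns.example.test NXDOMAIN
1005 192.0.2.12 apache.example.test NXDOMAIN
1006 192.0.2.12 gateway.example.test NXDOMAIN
1300 198.51.100.7 www.example.test NOERROR
1310 198.51.100.7 mail.example.test NOERROR
1320 198.51.100.8 www.other.test NXDOMAIN
""".splitlines()


def detect_enumeration(lines, zone, window=60, min_names=5, min_nx_ratio=0.5,
                       per_source=False):
    """Flag time windows where many distinct names under `zone` were queried
    and most did not exist. per_source=True keys by querying IP instead."""
    suffix = "." + zone.lower()
    buckets = defaultdict(lambda: {"names": set(), "nx": set(), "src": set()})
    for line in lines:
        ts, src, qname, rcode = line.split()
        qname = qname.lower().rstrip(".")
        if not qname.endswith(suffix):
            continue  # query is for a different zone
        start = int(ts) - int(ts) % window
        b = buckets[(start, src if per_source else "*")]
        b["names"].add(qname)
        b["src"].add(src)
        if rcode == "NXDOMAIN":
            b["nx"].add(qname)
    alerts = []
    for (start, _), b in sorted(buckets.items()):
        ratio = len(b["nx"]) / len(b["names"])
        if len(b["names"]) >= min_names and ratio >= min_nx_ratio:
            alerts.append({"window_start": start,
                           "distinct_names": len(b["names"]),
                           "nxdomain_ratio": round(ratio, 2),
                           "sources": sorted(b["src"])})
    return alerts


if __name__ == "__main__":
    print(detect_enumeration(SAMPLE_LOG, "example.test"))
    print(detect_enumeration(SAMPLE_LOG, "example.test", per_source=True))
```

Keyed per zone, the six-name burst is flagged; keyed per source, each resolver carries only its share of the dictionary and stays under the threshold, which is why the per-zone view is the one to alert on.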





