DNS
Nmap discovered a DNS server on the target port 53
The running service is UNIDENTIFIED
Reverse Lookup
┌──(kali㉿kali)-[~/archive/htb/labs/blazorized]
└─$ nslookup
> server 10.10.11.22
Default server: 10.10.11.22
Address: 10.10.11.22#53
> 127.0.0.1
1.0.0.127.in-addr.arpa name = localhost.
> DC1
Server: 10.10.11.22
Address: 10.10.11.22#53
> dc1.blazorized.htb
;; communications error to 10.10.11.22#53: timed out
;; communications error to 10.10.11.22#53: timed out
;; communications error to 10.10.11.22#53: timed out
;; no servers could be reached
> BLAZORIZED.HTB
;; communications error to 10.10.11.22#53: timed out
;; communications error to 10.10.11.22#53: timed out
;; communications error to 10.10.11.22#53: timed out
;; no servers could be reached
** server can't find DC1: SERVFAIL
> HTB
Server: 10.10.11.22
Address: 10.10.11.22#53Reverse lookup failed, and the target DNS server cannot even resolve the FQDN of the target system It appears to be misconfigured
dig
┌──(kali㉿kali)-[~/archive/htb/labs/blazorized]
└─$ dig any dc1.blazorized.htb @$IP
;; communications error to 10.10.11.22#53: timed out
; <<>> DiG 9.19.21-1-Debian <<>> any dc1.blazorized.htb @10.10.11.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 50781
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;dc1.blazorized.htb. IN ANY
;; Query time: 1771 msec
;; SERVER: 10.10.11.22#53(10.10.11.22) (TCP)
;; WHEN: Mon Jul 01 17:01:46 CEST 2024
;; MSG SIZE rcvd: 47
┌──(kali㉿kali)-[~/archive/htb/labs/blazorized]
└─$ dig any blazorized.htb @$IP
;; communications error to 10.10.11.22#53: timed out
; <<>> DiG 9.19.21-1-Debian <<>> any blazorized.htb @10.10.11.22
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 34494
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;blazorized.htb. IN ANY
;; Query time: 2431 msec
;; SERVER: 10.10.11.22#53(10.10.11.22) (TCP)
;; WHEN: Mon Jul 01 17:02:23 CEST 2024
;; MSG SIZE rcvd: 43The target DNS server does not respond
dnsenum
┌──(kali㉿kali)-[~/archive/htb/labs/blazorized]
└─$ dnsenum dc1.blazorized.htb --dnsserver $IP -f /usr/share/wordlists/seclists/Discovery/DNS/subdomains-top1million-110000.txt --threads 16
dnsenum VERSION:1.3.1
----- dc1.blazorized.htb -----
Host's addresses:
__________________
Name Servers:
______________
dc1.blazorized.htb NS record query failed: SERVFAILdnsenum failed
dnsrecon
┌──(kali㉿kali)-[~/archive/htb/labs/blazorized]
└─$ dnsrecon -d BLAZORIZED.HTB -n $IP -D /usr/share/wordlists/seclists/Discovery/DNS/subdomains-top1million-110000.txt --threads 16
[*] std: Performing General Enumeration against: BLAZORIZED.HTB...
[-] A timeout error occurred please make sure you can reach the target DNS Servers
[-] directly and requests are not being filtered. Increase the timeout from 3.0 second
[-] to a higher number with --lifetime <time> option.dnsrecon failed to connect to the DNS server