Re: anonymous Zonetransfer (AXFR) exploatation

xx yy wrote:
> During some research I came across some server that have anonymous Zonetransfer 
> (AXFR) allowed.
>
> Is there a working attack for a DNS server that has anonymous Zonetransfer (AXFR) allowed ? 
>
> I will appreciate any detailed description of what can be done to dig deeper 
> into this potential vulnerability.
> Also if anyone knows of some good resources for AXFR exploatation please share.
>
> Thanks
>
>
>
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around 
> http://mail.yahoo.com 
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>
>   
The best thing that I can think if to use the information obtained from 
the zone transfer. Perhaps some "private" hosts will come up that you 
can look into? To my mind AXFR transfers should be considered as part of 
the  reconnaissance stage of a pen-test.

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------