dnsenum.pl line 843

[zmajevi]

Whenever i start a scan it always fails at Trying Zone Transfers and getting Bind Versions and gives this message:

Trying Zone Transfers and getting Bind Versions:

---

ERROR: tcp recv failed:
improperly terminated AXFR at /home/d4nte/dnsenum/dnsenum.pl line 843.

[eapolsniper]

same issue. latest pull.

[fwaeytens]

Sorry dude,

works fine for me:

fw@focpen1 ~/Tools $ rm -rf dnsenum/
fw@focpen1 ~/Tools $ git clone https://github.com/fwaeytens/dnsenum.git
Cloning into 'dnsenum'...
remote: Counting objects: 46, done.
remote: Total 46 (delta 0), reused 0 (delta 0), pack-reused 46
Unpacking objects: 100% (46/46), done.
Checking connectivity... done.
fw@focpen1 ~/Tools $ cd dnsenum/
fw@focpen1 ~/Tools/dnsenum $ perl dnsenum.pl -f dns.txt zonetransfer.me
Smartmatch is experimental at dnsenum.pl line 698.
Smartmatch is experimental at dnsenum.pl line 698.
dnsenum.pl VERSION:1.2.4

----- zonetransfer.me -----

Host's addresses:

---

zonetransfer.me. 7002 IN A
217.147.177.157

Name Servers:

---

nsztm1.digi.ninja. 10799 IN A 81.4.108.41
nsztm2.digi.ninja. 10602 IN A
167.88.42.94

Mail (MX) Servers:

---

ALT1.ASPMX.L.GOOGLE.COM. 28 IN A
74.125.68.27
ASPMX2.GOOGLEMAIL.COM. 292 IN A
74.125.68.27
ALT2.ASPMX.L.GOOGLE.COM. 292 IN A
64.233.189.27
ASPMX4.GOOGLEMAIL.COM. 94 IN A
173.194.72.27
ASPMX.L.GOOGLE.COM. 292 IN A
74.125.136.27
ASPMX5.GOOGLEMAIL.COM. 292 IN A
74.125.25.27
ASPMX3.GOOGLEMAIL.COM. 28 IN A
64.233.189.27

Trying Zone Transfers and getting Bind Versions:

---

Trying Zone Transfer for zonetransfer.me on nsztm1.digi.ninja ...
zonetransfer.me. 7200 IN SOA
nsztm1.digi.ninja.
zonetransfer.me. 7200 IN RRSIG #
zonetransfer.me. 7200 IN NS
nsztm1.digi.ninja.
zonetransfer.me. 7200 IN NS
nsztm2.digi.ninja.
zonetransfer.me. 7200 IN RRSIG #
zonetransfer.me. 7200 IN A
217.147.177.157
zonetransfer.me. 7200 IN RRSIG #
zonetransfer.me. 300 IN HINFO "Casio
zonetransfer.me. 300 IN RRSIG #
zonetransfer.me. 7200 IN MX 0
zonetransfer.me. 7200 IN MX 10
zonetransfer.me. 7200 IN MX 10
zonetransfer.me. 7200 IN MX 20
zonetransfer.me. 7200 IN MX 20
zonetransfer.me. 7200 IN MX 20
zonetransfer.me. 7200 IN MX 20
zonetransfer.me. 7200 IN RRSIG #
zonetransfer.me. 301 IN TXT
"google-site-verification=tyP28J7JAUHA9fw2sHXMgcCC0I6XBmmoVi04VlMewxA"
zonetransfer.me. 301 IN RRSIG #
zonetransfer.me. 3600 IN NSEC #
zonetransfer.me. 3600 IN RRSIG #
zonetransfer.me. 300 IN DNSKEY #
zonetransfer.me. 300 IN DNSKEY #
zonetransfer.me. 300 IN DNSKEY #
zonetransfer.me. 300 IN RRSIG #
zonetransfer.me. 300 IN RRSIG #
_sip._tcp.zonetransfer.me. 14000 IN SRV 0
_sip._tcp.zonetransfer.me. 14000 IN RRSIG #
_sip._tcp.zonetransfer.me. 3600 IN NSEC #
_sip._tcp.zonetransfer.me. 3600 IN RRSIG #
157.177.147.217.IN-ADDR.ARPA.zonetransfer.me. 7200 IN PTR
www.zonetransfer.me.
157.177.147.217.IN-ADDR.ARPA.zonetransfer.me. 7200 IN RRSIG

157.177.147.217.IN-ADDR.ARPA.zonetransfer.me. 3600 IN NSEC

157.177.147.217.IN-ADDR.ARPA.zonetransfer.me. 3600 IN RRSIG

asfdbauthdns.zonetransfer.me. 7900 IN AFSDB 1
asfdbauthdns.zonetransfer.me. 7900 IN RRSIG #
asfdbauthdns.zonetransfer.me. 3600 IN NSEC #
asfdbauthdns.zonetransfer.me. 3600 IN RRSIG #
asfdbbox.zonetransfer.me. 7200 IN A 127.0.0.1
asfdbbox.zonetransfer.me. 7200 IN RRSIG #
asfdbbox.zonetransfer.me. 3600 IN NSEC #
asfdbbox.zonetransfer.me. 3600 IN RRSIG #
asfdbvolume.zonetransfer.me. 7800 IN AFSDB 1
asfdbvolume.zonetransfer.me. 7800 IN RRSIG #
asfdbvolume.zonetransfer.me. 3600 IN NSEC #
asfdbvolume.zonetransfer.me. 3600 IN RRSIG #
canberra-office.zonetransfer.me. 7200 IN A
202.14.81.230
canberra-office.zonetransfer.me. 7200 IN RRSIG #
canberra-office.zonetransfer.me. 3600 IN NSEC #
canberra-office.zonetransfer.me. 3600 IN RRSIG #
cmdexec.zonetransfer.me. 300 IN TXT ";
cmdexec.zonetransfer.me. 300 IN RRSIG #
cmdexec.zonetransfer.me. 3600 IN NSEC #
cmdexec.zonetransfer.me. 3600 IN RRSIG #
contact.zonetransfer.me. 2592000 IN TXT "Remember
contact.zonetransfer.me. 2592000 IN RRSIG #
contact.zonetransfer.me. 3600 IN NSEC #
contact.zonetransfer.me. 3600 IN RRSIG #
dc-office.zonetransfer.me. 7200 IN A
143.228.181.132
dc-office.zonetransfer.me. 7200 IN RRSIG #
dc-office.zonetransfer.me. 3600 IN NSEC #
dc-office.zonetransfer.me. 3600 IN RRSIG #
deadbeef.zonetransfer.me. 7201 IN AAAA
dead:beaf:0:0:0:0:0:0
deadbeef.zonetransfer.me. 7201 IN RRSIG #
deadbeef.zonetransfer.me. 3600 IN NSEC #
deadbeef.zonetransfer.me. 3600 IN RRSIG #
dr.zonetransfer.me. 300 IN LOC 53
dr.zonetransfer.me. 300 IN RRSIG #
dr.zonetransfer.me. 3600 IN NSEC #
dr.zonetransfer.me. 3600 IN RRSIG #
DZC.zonetransfer.me. 7200 IN TXT "AbCdEfG"
DZC.zonetransfer.me. 7200 IN RRSIG #
DZC.zonetransfer.me. 3600 IN NSEC #
DZC.zonetransfer.me. 3600 IN RRSIG #
email.zonetransfer.me. 7200 IN A
74.125.206.26
email.zonetransfer.me. 7200 IN RRSIG #
email.zonetransfer.me. 2222 IN NAPTR 1
email.zonetransfer.me. 2222 IN RRSIG #
email.zonetransfer.me. 3600 IN NSEC #
email.zonetransfer.me. 3600 IN RRSIG #
Info.zonetransfer.me. 7200 IN TXT
"ZoneTransfer.me
Info.zonetransfer.me. 7200 IN RRSIG #
Info.zonetransfer.me. 3600 IN NSEC #
Info.zonetransfer.me. 3600 IN RRSIG #
internal.zonetransfer.me. 300 IN NS
intns1.zonetransfer.me.
internal.zonetransfer.me. 300 IN NS
intns2.zonetransfer.me.
internal.zonetransfer.me. 3600 IN NSEC #
internal.zonetransfer.me. 3600 IN RRSIG #
intns1.zonetransfer.me. 300 IN A
167.88.42.94
intns1.zonetransfer.me. 300 IN RRSIG #
intns1.zonetransfer.me. 3600 IN NSEC #
intns1.zonetransfer.me. 3600 IN RRSIG #
intns2.zonetransfer.me. 300 IN A
167.88.42.94
intns2.zonetransfer.me. 300 IN RRSIG #
intns2.zonetransfer.me. 3600 IN NSEC #
intns2.zonetransfer.me. 3600 IN RRSIG #
office.zonetransfer.me. 7200 IN A 4.23.39.254
office.zonetransfer.me. 7200 IN RRSIG #
office.zonetransfer.me. 3600 IN NSEC #
office.zonetransfer.me. 3600 IN RRSIG #
ipv6actnow.org.zonetransfer.me. 7200 IN AAAA
2001:67c:2e8:11:0:0:c100:1332
ipv6actnow.org.zonetransfer.me. 7200 IN RRSIG #
ipv6actnow.org.zonetransfer.me. 3600 IN NSEC #
ipv6actnow.org.zonetransfer.me. 3600 IN RRSIG #
owa.zonetransfer.me. 7200 IN A
207.46.197.32
owa.zonetransfer.me. 7200 IN RRSIG #
owa.zonetransfer.me. 3600 IN NSEC #
owa.zonetransfer.me. 3600 IN RRSIG #
robinwood.zonetransfer.me. 302 IN TXT "Robin
robinwood.zonetransfer.me. 302 IN RRSIG #
robinwood.zonetransfer.me. 3600 IN NSEC #
robinwood.zonetransfer.me. 3600 IN RRSIG #
rp.zonetransfer.me. 321 IN RP
robin.zonetransfer.me.
rp.zonetransfer.me. 321 IN RRSIG #
rp.zonetransfer.me. 3600 IN NSEC #
rp.zonetransfer.me. 3600 IN RRSIG #
sip.zonetransfer.me. 3333 IN NAPTR 2
sip.zonetransfer.me. 3333 IN RRSIG #
sip.zonetransfer.me. 3600 IN NSEC #
sip.zonetransfer.me. 3600 IN RRSIG #
sqli.zonetransfer.me. 300 IN TXT "'
sqli.zonetransfer.me. 300 IN RRSIG #
sqli.zonetransfer.me. 3600 IN NSEC #
sqli.zonetransfer.me. 3600 IN RRSIG #
sshock.zonetransfer.me. 7200 IN TXT "()
sshock.zonetransfer.me. 7200 IN RRSIG #
sshock.zonetransfer.me. 3600 IN NSEC #
sshock.zonetransfer.me. 3600 IN RRSIG #
staging.zonetransfer.me. 7200 IN CNAME
www.sydneyoperahouse.com.
staging.zonetransfer.me. 7200 IN RRSIG #
staging.zonetransfer.me. 3600 IN NSEC #
staging.zonetransfer.me. 3600 IN RRSIG #
alltcpportsopen.firewall.test.zonetransfer.me. 301 IN A
127.0.0.1
alltcpportsopen.firewall.test.zonetransfer.me. 301 IN RRSIG

alltcpportsopen.firewall.test.zonetransfer.me. 3600 IN NSEC
#
alltcpportsopen.firewall.test.zonetransfer.me. 3600 IN RRSIG

testing.zonetransfer.me. 301 IN CNAME
www.zonetransfer.me.
testing.zonetransfer.me. 301 IN RRSIG #
testing.zonetransfer.me. 3600 IN NSEC #
testing.zonetransfer.me. 3600 IN RRSIG #
vpn.zonetransfer.me. 4000 IN A
174.36.59.154
vpn.zonetransfer.me. 4000 IN RRSIG #
vpn.zonetransfer.me. 3600 IN NSEC #
vpn.zonetransfer.me. 3600 IN RRSIG #
www.zonetransfer.me. 7200 IN A
217.147.177.157
www.zonetransfer.me. 7200 IN RRSIG #
www.zonetransfer.me. 3600 IN NSEC #
www.zonetransfer.me. 3600 IN RRSIG #
xss.zonetransfer.me. 300 IN TXT
"'><script>alert('Boo')</script>"
xss.zonetransfer.me. 300 IN RRSIG #
xss.zonetransfer.me. 3600 IN NSEC #
xss.zonetransfer.me. 3600 IN RRSIG #

Trying Zone Transfer for zonetransfer.me on nsztm2.digi.ninja ...
zonetransfer.me. 7200 IN SOA
nsztm1.digi.ninja.
zonetransfer.me. 300 IN HINFO "Casio
zonetransfer.me. 301 IN TXT
"google-site-verification=tyP28J7JAUHA9fw2sHXMgcCC0I6XBmmoVi04VlMewxA"
zonetransfer.me. 7200 IN MX 0
zonetransfer.me. 7200 IN MX 10
zonetransfer.me. 7200 IN MX 10
zonetransfer.me. 7200 IN MX 20
zonetransfer.me. 7200 IN MX 20
zonetransfer.me. 7200 IN MX 20
zonetransfer.me. 7200 IN MX 20
zonetransfer.me. 7200 IN A
217.147.177.157
zonetransfer.me. 7200 IN NS
nsztm1.digi.ninja.
zonetransfer.me. 7200 IN NS
nsztm2.digi.ninja.
_sip._tcp.zonetransfer.me. 14000 IN SRV 0
157.177.147.217.IN-ADDR.ARPA.zonetransfer.me. 7200 IN PTR
www.zonetransfer.me.
asfdbauthdns.zonetransfer.me. 7900 IN AFSDB 1
asfdbbox.zonetransfer.me. 7200 IN A 127.0.0.1
asfdbvolume.zonetransfer.me. 7800 IN AFSDB 1
canberra-office.zonetransfer.me. 7200 IN A
202.14.81.230
cmdexec.zonetransfer.me. 300 IN TXT ";
contact.zonetransfer.me. 2592000 IN TXT "Remember
dc-office.zonetransfer.me. 7200 IN A
143.228.181.132
deadbeef.zonetransfer.me. 7201 IN AAAA
dead:beaf:0:0:0:0:0:0
dr.zonetransfer.me. 300 IN LOC 53
DZC.zonetransfer.me. 7200 IN TXT "AbCdEfG"
email.zonetransfer.me. 2222 IN NAPTR 1
email.zonetransfer.me. 7200 IN A
74.125.206.26
Info.zonetransfer.me. 7200 IN TXT
"ZoneTransfer.me
internal.zonetransfer.me. 300 IN NS
intns1.zonetransfer.me.
internal.zonetransfer.me. 300 IN NS
intns2.zonetransfer.me.
intns1.zonetransfer.me. 300 IN A
167.88.42.94
intns2.zonetransfer.me. 300 IN A
167.88.42.94
office.zonetransfer.me. 7200 IN A 4.23.39.254
ipv6actnow.org.zonetransfer.me. 7200 IN AAAA
2001:67c:2e8:11:0:0:c100:1332
owa.zonetransfer.me. 7200 IN A
207.46.197.32
robinwood.zonetransfer.me. 302 IN TXT "Robin
rp.zonetransfer.me. 321 IN RP
robin.zonetransfer.me.
sip.zonetransfer.me. 3333 IN NAPTR 2
sqli.zonetransfer.me. 300 IN TXT "'
sshock.zonetransfer.me. 7200 IN TXT "()
staging.zonetransfer.me. 7200 IN CNAME
www.sydneyoperahouse.com.
alltcpportsopen.firewall.test.zonetransfer.me. 301 IN A
127.0.0.1
testing.zonetransfer.me. 301 IN CNAME
www.zonetransfer.me.
vpn.zonetransfer.me. 4000 IN A
174.36.59.154
www.zonetransfer.me. 7200 IN A
217.147.177.157
xss.zonetransfer.me. 300 IN TXT
"'><script>alert('Boo')</script>"

Brute forcing with dns.txt:

---

^C

On Fri, Apr 22, 2016 at 1:28 AM, eapolsniper notifications@github.com
wrote:

same issue. latest pull.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub
#6 (comment)

[vddCore]

Try it against 'gorlice.pl' or 'krakow.pl' or 'waw.pl' for example. The error will occur there.

[fwaeytens]

The error doesn't occur for me. Try reinstalling dnsenum from GIT and
reinstall the dependencies

fw@focpen1 ~/Tools/dnsenum $ perl dnsenum.pl -f dns.txt gorlice.pl
Smartmatch is experimental at dnsenum.pl line 698.
Smartmatch is experimental at dnsenum.pl line 698.
dnsenum.pl VERSION:1.2.4

----- gorlice.pl -----

Host's addresses:

---

Name Servers:

---

e-dns.pl. 19755 IN A
46.28.245.82
a-dns.pl. 1572 IN A
194.181.87.156
f-dns.pl. 4176 IN A
77.79.212.238
i-dns.pl. 682 IN A
156.154.100.15

Mail (MX) Servers:

---

Trying Zone Transfers and getting Bind Versions:

---

Trying Zone Transfer for gorlice.pl on e-dns.pl ...
AXFR record query failed: Response code from server: REFUSED

Trying Zone Transfer for gorlice.pl on a-dns.pl ...
AXFR record query failed: Response code from server: REFUSED

Trying Zone Transfer for gorlice.pl on f-dns.pl ...
AXFR record query failed: Response code from server: REFUSED

Trying Zone Transfer for gorlice.pl on i-dns.pl ...
AXFR record query failed: Response code from server: REFUSED

Brute forcing with dns.txt:

---

it.gorlice.pl. 3599 IN A
85.128.229.250
mail.gorlice.pl. 3599 IN A 79.96.56.1
....

On Sat, Apr 23, 2016 at 3:17 PM, Tomasz Cichoń notifications@github.com
wrote:

Try it against 'gorlice.pl' for example. The error will occur there.

—
You are receiving this because you commented.
Reply to this email directly or view it on GitHub
#6 (comment)

[guikcd]

The problem occurs with "recent" Net::DNS version 1.05 :

$ perl -e 'use Net::DNS; print Net::DNS->version, "\n";'
1.05
$ perl -e 'use Net::DNS; my $res = Net::DNS::Resolver->new(udp_timeout => 2, tcp_timeout => 2); my @zone = $res->axfr("github.com");'
improperly terminated AXFR at -e line 1.
$

But not with "old" version :

$ perl -e 'use Net::DNS; print Net::DNS->version, "\n";'
0.68
$ perl -e 'use Net::DNS; my $res = Net::DNS::Resolver->new(udp_timeout => 2, tcp_timeout => 2); my @zone = $res->axfr("github.com");'
$

This is apparently fixed in 1.06 : https://rt.cpan.org/Public/Bug/Display.html?id=112860.

[fwaeytens]

Ok, thanks for the heads-up

On Tue, May 17, 2016 at 10:59 PM, Guillaume Delacour <
notifications@github.com> wrote:

The problem occurs with "recent" Net::DNS version 1.05 :

$ perl -e 'use Net::DNS; print Net::DNS->version, "\n";'
1.05
$ perl -e 'use Net::DNS; my $res = Net::DNS::Resolver->new(udp_timeout => 2, tcp_timeout => 2); my @zone = $res->axfr("github.com");'
improperly terminated AXFR at -e line 1.
$

But not with "old" version :

$ perl -e 'use Net::DNS; print Net::DNS->version, "\n";'
0.68
$ perl -e 'use Net::DNS; my $res = Net::DNS::Resolver->new(udp_timeout => 2, tcp_timeout => 2); my @zone = $res->axfr("github.com");'
$

This is apparently fixed in 1.06 :
https://rt.cpan.org/Public/Bug/Display.html?id=112860.

—
You are receiving this because you commented.
Reply to this email directly or view it on GitHub
#6 (comment)

[yourtechnetguy]

faced the same issue, not only with dnsenum, but with other tools too. I had to install perl module "Net::DNS" for all the DNS enumerators to work successfully.

Hope that helps, if the problem remains of course.