Pwnwiki: Created page with "==POC==

 #!/usr/bin/env python ########################################### # Unrestricted DNS Zone Transfer Checker  # #              CVE-1999-0532              # #..."

2021-03-31T06:23:27Z

Created page with "==POC== <pre> #!/usr/bin/env python ########################################### # Unrestricted DNS Zone Transfer Checker # # CVE-1999-0532 # #..."

New page

==POC==
<pre>
#!/usr/bin/env python
###########################################
# Unrestricted DNS Zone Transfer Checker #
# CVE-1999-0532 #
# Researcher: Joel A. Ossi #
###########################################

import urllib2
import time

f = open('domains.txt', 'r') # text file containing the URLS
for line in f:
print("")
print ('Checking: ' + line)
try:
# the API File you can get in one of my other repository's
dns = urllib2.urlopen("https://yourwebsite.com/zonetransfer/index.php?q=" + line).read()
time.sleep(3) # small interval to prevent WAF Blockade.
if 'connection timed out; no servers could be reached' in dns:
print('[-] Transfer Failed. Reason: DNS Server Connection Timed-Out')
elif 'Transfer failed' in dns:
print("[-] Transfer failed. Reason: Denied")
elif 'Error occured while' in dns:
print('[-] Error: Unknown, Reason: Error occured while getting DNS records')
elif 'XFR size' in dns:
print ("[+] VULNERABLE TARGET FOUND: " + line)
with open('vulnerable.txt', 'a') as vulnerables:
vulnerables.write(line + '\n')
else:
print ("[-] Unknown Error, Blank Page Returned ")
except urllib2.HTTPError, e:
print ('[-] Transfer Failed, Reason: Error ' + str(e.code))
except urllib2.URLError, e:
print('[-] Connection failed, Reason: ' + str(e.code))

</pre>

CVE-1999-0532 DNS服務器區域傳輸漏洞 - Revision history

Pwnwiki: Created page with "==POC==
#!/usr/bin/env python ########################################### # Unrestricted DNS Zone Transfer Checker # # CVE-1999-0532 # #..."