Nmap dns-fuzz NSE Script
This page contains detailed information about how to use the dns-fuzz NSE script. For list of all NSE scripts, visit the Nmap NSE Library.
Script Overview
Script source code: https://github.com/nmap/nmap/tree/master/scripts/dns-fuzz.nse
Script categories: fuzzer, intrusive
Target service / protocol: dns, udp, tcp
Target network port(s): 53
List of CVEs: -
Script Description
The dns-fuzz.nse script launches a DNS fuzzing attack against DNS servers.
The script induces errors into randomly generated but valid DNS packets. The packet template that we use includes one uncompressed and one compressed name.
Use the dns-fuzz.timelimit
argument to control how long the
fuzzing lasts. This script should be run for a long time. It will send a
very large quantity of packets and thus it's pretty invasive, so it
should only be used against private DNS servers as part of a software
development lifecycle.
Dns-fuzz NSE Script Arguments
This is a full list of arguments supported by the dns-fuzz.nse script:
dns-fuzz.timelimit
How long to run the fuzz attack. This is a number followed by a suffix: s
for seconds, m
for minutes, and h
for hours. Use 0
for an unlimited amount of time. Default: 10m
.
- - -
To use this script argument, add it to Nmap command line like in this example:
nmap --script=dns-fuzz --script-args dns-fuzz.timelimit=value <target>
Dns-fuzz NSE Script Example Usage
Here's an example of how to use the dns-fuzz.nse script:
nmap -sU --script dns-fuzz --script-args timelimit=2h <target>
Dns-fuzz NSE Script Example Output
Here's a sample output from the dns-fuzz.nse script:
Host script results:
|_dns-fuzz: Server stopped responding... He's dead, Jim.
Dns-fuzz NSE Script Example XML Output
There is no sample XML output for this module. However, by providing the -oX <file>
option, Nmap will produce a XML output and save it in the file.xml
file.
Author
- Michael Pattrick
References
- https://nmap.org/nsedoc/scripts/dns-fuzz.html
- https://github.com/nmap/nmap/tree/master/scripts/dns-fuzz.nse
See Also
Related NSE scripts to the dns-fuzz.nse script:
- dns-blacklist.nse
- dns-brute.nse
- dns-cache-snoop.nse
- dns-check-zone.nse
- dns-client-subnet-scan.nse
- dns-ip6-arpa-scan.nse
- dns-nsec3-enum.nse
- dns-nsec-enum.nse
- dns-nsid.nse
- dns-random-srcport.nse
- dns-random-txid.nse
- dns-recursion.nse
- dns-service-discovery.nse
- dns-srv-enum.nse
- dns-update.nse
- dns-zeustracker.nse
- dns-zone-transfer.nse
Visit Nmap NSE Library for more scripts.
Version
This page has been created based on Nmap version 7.92.