Nmap dns-ip6-arpa-scan NSE Script
This page contains detailed information about how to use the dns-ip6-arpa-scan NSE script. For list of all NSE scripts, visit the Nmap NSE Library.
Script Overview
Script source code: https://github.com/nmap/nmap/tree/master/scripts/dns-ip6-arpa-scan.nse
Script categories: intrusive, discovery
Target service / protocol: -
Target network port(s): -
List of CVEs: -
Script Description
The dns-ip6-arpa-scan.nse script performs a quick reverse DNS lookup of an IPv6 network using a technique which analyzes DNS server response codes to dramatically reduce the number of queries needed to enumerate large networks.
The technique essentially works by adding an octet to a given IPv6 prefix and resolving it. If the added octet is correct, the server will return NOERROR, if not a NXDOMAIN result is received.
The technique is described in detail on Peter's blog:
Dns-ip6-arpa-scan NSE Script Arguments
This is a full list of arguments supported by the dns-ip6-arpa-scan.nse script:
maskThe ip6 mask to start scanning from
prefixThe ip6 prefix to scan
- - -
To use these script arguments, add them to the Nmap command line using the --script-args arg1=value,[arg2=value,..] syntax. For example:
nmap --script=dns-ip6-arpa-scan --script-args mask=value,prefix=value <target>Dns-ip6-arpa-scan NSE Script Example Usage
Here's an example of how to use the dns-ip6-arpa-scan.nse script:
nmap --script dns-ip6-arpa-scan --script-args='prefix=2001:0DB8::/48'
Dns-ip6-arpa-scan NSE Script Example Output
Here's a sample output from the dns-ip6-arpa-scan.nse script:
Pre-scan script results:
| dns-ip6-arpa-scan:
| ip ptr
| 2001:0DB8:0:0:0:0:0:2 resolver1.example.com
|_2001:0DB8:0:0:0:0:0:3 resolver2.example.com
Dns-ip6-arpa-scan NSE Script Example XML Output
There is no sample XML output for this module. However, by providing the -oX <file> option, Nmap will produce a XML output and save it in the file.xml file.
Author
- Patrik Karlsson
References
- https://nmap.org/nsedoc/scripts/dns-ip6-arpa-scan.html
- https://github.com/nmap/nmap/tree/master/scripts/dns-ip6-arpa-scan.nse
- http://7bits.nl/blog/2012/03/26/finding-v6-hosts-by-efficiently-mapping-ip6-arpa
See Also
Related NSE scripts to the dns-ip6-arpa-scan.nse script:
- dns-blacklist.nse
- dns-brute.nse
- dns-cache-snoop.nse
- dns-check-zone.nse
- dns-client-subnet-scan.nse
- dns-fuzz.nse
- dns-nsec3-enum.nse
- dns-nsec-enum.nse
- dns-nsid.nse
- dns-random-srcport.nse
- dns-random-txid.nse
- dns-recursion.nse
- dns-service-discovery.nse
- dns-srv-enum.nse
- dns-update.nse
- dns-zeustracker.nse
- dns-zone-transfer.nse
Visit Nmap NSE Library for more scripts.
Version
This page has been created based on Nmap version 7.92.
