Nmap dns-update NSE Script
This page contains detailed information about how to use the dns-update NSE script. For list of all NSE scripts, visit the Nmap NSE Library.
Select: |
---|
Script Overview
Script source code: https://github.com/nmap/nmap/tree/master/scripts/dns-update.nse
Script categories: vuln, intrusive
Target service / protocol: dns, udp, tcp
Target network port(s): 53
List of CVEs: -
Script Description
The dns-update.nse script attempts to perform a dynamic DNS update without authentication.
Either the test
or both the hostname
and
ip
script arguments are required. Note that the test
function will probably fail due to using a static zone name that is not the
zone configured on your target.
Dns-update NSE Script Arguments
This is a full list of arguments supported by the dns-update.nse script:
dns-update.hostnameThe name of the host to add to the zone
dns-update.ipThe ip address of the host to add to the zone
dns-update.testAdd and remove 4 records to determine if the target is vulnerable.
- - -
To use these script arguments, add them to the Nmap command line using the --script-args arg1=value,[arg2=value,..]
syntax. For example:
nmap --script=dns-update --script-args dns-update.hostname=value,dns-update.ip=value <target>
Dns-update NSE Script Example Usage
Here's an example of how to use the dns-update.nse script:
nmap -sU -p 53 --script=dns-update --script-args=dns-update.hostname=foo.example.com,dns-update.ip=192.0.2.1 <target>
Dns-update NSE Script Example Output
Here's a sample output from the dns-update.nse script:
PORT STATE SERVICE
53/udp open domain
| dns-update:
| Successfully added the record "nmap-test.cqure.net"
|_ Successfully deleted the record "nmap-test.cqure.net"
Dns-update NSE Script Example XML Output
Here's a sample XML output from the dns-update.nse script produced by providing the -oX <file>
Nmap option:
<elem>Successfully added the record "nmap-test.cqure.net"</elem>
<elem>Failed to delete the record "nmap-test.cqure.net"</elem>
Author
- Patrik Karlsson
References
- https://nmap.org/nsedoc/scripts/dns-update.html
- https://github.com/nmap/nmap/tree/master/scripts/dns-update.nse
See Also
Related NSE scripts to the dns-update.nse script:
- dns-blacklist.nse
- dns-brute.nse
- dns-cache-snoop.nse
- dns-check-zone.nse
- dns-client-subnet-scan.nse
- dns-fuzz.nse
- dns-ip6-arpa-scan.nse
- dns-nsec3-enum.nse
- dns-nsec-enum.nse
- dns-nsid.nse
- dns-random-srcport.nse
- dns-random-txid.nse
- dns-recursion.nse
- dns-service-discovery.nse
- dns-srv-enum.nse
- dns-zeustracker.nse
- dns-zone-transfer.nse
Visit Nmap NSE Library for more scripts.
The dns-update.nse script may fail with the following error messages. Check for the possible causes by using the code snippets highlighted below found in the script source code. This can often times help in identifying the root cause of the problem.
Missing required script args: dns-update.hostname and dns-update.ip
Here is a relevant code snippet related to the "Missing required script args: dns-update.hostname and dns-update.ip" error message:
91: local t = stdnse.get_script_args('dns-update.test')
92: local name, ip = stdnse.get_script_args('dns-update.hostname', 'dns-update.ip')
93:
94: if ( t ) then return test(host, port) end
95: if ( not(name) or not(ip) ) then
96: return stdnse.format_output(false, "Missing required script args: dns-update.hostname and dns-update.ip")
97: end
98:
99: -- we really need an ip or name to continue
100: -- we could attempt a random name, but we need to know at least the name of the zone
101: local status, err = dns.update( name, { host=host, port=port, dtype="A", data=ip } )
Failed to delete the record "%s"
Here is a relevant code snippet related to the "Failed to delete the record "%s"" error message:
105: table.insert(result, ("Successfully added the record "%s""):format(name))
106: local status = dns.update( name, { host=host, port=port, dtype="A", data="", ttl=0 } )
107: if ( status ) then
108: table.insert(result, ("Successfully deleted the record "%s""):format(name))
109: else
110: table.insert(result, ("Failed to delete the record "%s""):format(name))
111: end
112: nmap.set_port_state(host, port, "open")
113: return result
114: elseif ( err ) then
115: return stdnse.format_output(false, err)
Version
This page has been created based on Nmap version 7.92.
Go back to menu.