Nmap fcrdns NSE Script
This page contains detailed information about how to use the fcrdns NSE script. For list of all NSE scripts, visit the Nmap NSE Library.
| Select: |
|---|
Script Overview
Script source code: https://github.com/nmap/nmap/tree/master/scripts/fcrdns.nse
Script categories: discovery, safe
Target service / protocol: -
Target network port(s): -
List of CVEs: -
Script Description
The fcrdns.nse script performs a Forward-confirmed Reverse DNS lookup and reports anomalous results.
References:
Fcrdns NSE Script Arguments
The fcrdns.nse script does not have any arguments.
Fcrdns NSE Script Example Usage
Here's an example of how to use the fcrdns.nse script:
nmap -sn -Pn --script fcrdns <target>
Fcrdns NSE Script Example Output
Here's a sample output from the fcrdns.nse script:
Host script results:
|_fcrdns: FAIL (12.19.29.17, 12.19.20.14, 23.10.13.25)
Host script results:
|_fcrdns: PASS (37.58.100.86-static.reverse.softlayer.com)
Host script results:
| fcrdns:
| <none>:
| status: fail
|_ reason: No PTR record
Host script results:
| fcrdns:
| mail.example.com:
| status: fail
| reason: FCRDNS mismatch
| addresses:
| 12.19.29.17
| mail.contoso.net:
| status: fail
| reason: FCRDNS mismatch
| addresses:
| 12.19.20.14
|_ 23.10.13.25
Fcrdns NSE Script Example XML Output
Here's a sample XML output from the fcrdns.nse script produced by providing the -oX <file> Nmap option:
<table key="mail.example.com">
<elem key="status">fail</elem>
<elem key="reason">FCRDNS mismatch</elem>
<table key="addresses">
<elem>12.19.29.17</elem>
</table>
</table>
<table key="mail.contoso.net">
<elem key="status">fail</elem>
<elem key="reason">FCRDNS mismatch</elem>
<table key="addresses">
<elem>12.19.20.14</elem>
<elem>23.10.13.25</elem>
</table>
</table>
Author
- Daniel Miller
References
- https://nmap.org/nsedoc/scripts/fcrdns.html
- https://github.com/nmap/nmap/tree/master/scripts/fcrdns.nse
- https://en.wikipedia.org/wiki/Forward-confirmed_reverse_DNS
See Also
Visit Nmap NSE Library for more scripts.
The fcrdns.nse script may fail with the following error messages. Check for the possible causes by using the code snippets highlighted below found in the script source code. This can often times help in identifying the root cause of the problem.
PTR request for %s failed: %s
Here is a relevant code snippet related to the "PTR request for %s failed: %s" error message:
77: action = function(host)
78: -- Do reverse-DNS lookup of the IP
79: -- Can't just use host.name because some IPs have multiple PTR records
80: local status, rdns = dns.query(dns.reverse(host.ip), {dtype="PTR", retAll=true})
81: if not status then
82: stdnse.debug("PTR request for %s failed: %s", host.ip, rdns)
83: local ret = stdnse.output_table()
84: ret.status = "fail"
85: ret.reason = "No PTR record"
86: return {["<none>"]=ret}, "FAIL (No PTR record)"
87: end
FAIL (No PTR record)
Here is a relevant code snippet related to the "FAIL (No PTR record)" error message:
81: if not status then
82: stdnse.debug("PTR request for %s failed: %s", host.ip, rdns)
83: local ret = stdnse.output_table()
84: ret.status = "fail"
85: ret.reason = "No PTR record"
86: return {["<none>"]=ret}, "FAIL (No PTR record)"
87: end
88:
89: local str_out = nil
90: -- Now do forward lookup of the name(s) we got
91: local names = stdnse.output_table()
%s request for %s failed: %s
Here is a relevant code snippet related to the "%s request for %s failed: %s" error message:
101: name.reason = "FCRDNS mismatch"
102: names[n] = name
103:
104: status, fcrdns = dns.query(n, {dtype=forward_type, retAll=true})
105: if not status then
106: stdnse.debug("%s request for %s failed: %s", forward_type, n, fcrdns)
107: name.reason = no_record_err
108: else
109: for _, ip in ipairs(fcrdns) do
110: if ipOps.compare_ip( ip, "eq", host.ip) then
111: name.status = "pass"
Version
This page has been created based on Nmap version 7.92.
Go back to menu.
