DNS Enum berfungsi untuk mencari informasi Hostname, Name Server, MX Server (Mail server) dan juga untuk mencari kemungkinan zone transfer

Download Dnsenum : http://code.google.com/p/dnsenum/downloads

Untuk pengguna kali linux dapat langsung mengaksesnya :

Application > Kali Linux > DNS Analysis > dnsenum

Cara penggunaan dan opsi pada dnsenum :

[email protected]:~# dnsenum -h
dnsenum.pl VERSION:1.2.2
Usage: dnsenum.pl [Options]
[Options]:
Note: the brute force -f switch is obligatory.
GENERAL OPTIONS:
--dnsserver
Use this DNS server for A, NS and MX queries.
--enum Shortcut option equivalent to --threads 5 -s 20 -w.
-h, --help Print this help message.
--noreverse Skip the reverse lookup operations.
--private Show and save private ips at the end of the file domain_ips.txt.
--subfile Write all valid subdomains to this file.
-t, --timeout The tcp and udp timeout values in seconds (default: 10s).
--threads The number of threads that will perform different queries.
-v, --verbose Be verbose: show all the progress and all the error messages.
GOOGLE SCRAPING OPTIONS:
-p, --pages The number of google search pages to process when scraping names,
the default is 20 pages, the -s switch must be specified.
-s, --scrap The maximum number of subdomains that will be scraped from Google.
BRUTE FORCE OPTIONS:
-f, --file Read subdomains from this file to perform brute force.
-u, --update
Update the file specified with the -f switch with valid subdomains.
a (all) Update using all results.
g Update using only google scraping results.
r Update using only reverse lookup results.
z Update using only zonetransfer results.
-r, --recursion Recursion on subdomains, brute force all discovred subdomains that have an NS record.
WHOIS NETRANGE OPTIONS:
-d, --delay The maximum value of seconds to wait between whois queries, the value is defined randomly, default: 3s.
-w, --whois Perform the whois queries on c class network ranges.
**Warning**: this can generate very large netranges and it will take lot of time to performe reverse lookups.
REVERSE LOOKUP OPTIONS:
-e, --exclude
Exclude PTR records that match the regexp expression from reverse lookup results, useful on invalid hostnames.
OUTPUT OPTIONS:
-o --output Output in XML format. Can be imported in MagicTree (www.gremwell.com)

================================================================

Oke langsung kita coba.
Saya mencoba untuk mencari informasi pada webiste uny.ac.id

1

[email protected]:~# dnsenum uny.ac.id
dnsenum.pl VERSION:1.2.2

----- uny.ac.id -----

Host's addresses:
__________________

uny.ac.id 85472 IN A 101.203.168.83

Name Servers:
______________

ns1.uny.ac.id 86360 IN A 101.203.168.66
sns-pb.isc.org 84647 IN A 192.5.4.1
ns3.he.net 85820 IN A 216.218.132.2
ns2.uny.ac.id 86360 IN A 118.98.65.146
ns1.he.net 86320 IN A 216.218.130.2
ns2.he.net 86320 IN A 216.218.131.2

Mail (MX) Servers:
___________________

mail.uny.ac.id 84182 IN A 101.203.168.70

Trying Zone Transfers and getting Bind Versions:
_________________________________________________

Trying Zone Transfer for uny.ac.id on ns1.uny.ac.id ...
AXFR record query failed: NOERROR

ns1.uny.ac.id Bind Version:9.8.3-P4

Trying Zone Transfer for uny.ac.id on sns-pb.isc.org ...
AXFR record query failed: NOERROR

sns-pb.isc.org Bind Version:
9.9.3-S1-P1

Trying Zone Transfer for uny.ac.id on ns3.he.net ...
AXFR record query failed: NOERROR

ns3.he.net Bind Version: ,Served by PowerDNS - http://www.powerdns.com

Trying Zone Transfer for uny.ac.id on ns2.uny.ac.id ...
uny.ac.id 8640 IN SOA
uny.ac.id 8640 IN SPF
uny.ac.id 8640 IN TXT
uny.ac.id 8640 IN TXT
uny.ac.id 86400 IN MX
uny.ac.id 8640 IN NS
uny.ac.id 8640 IN NS
uny.ac.id 8640 IN NS
uny.ac.id 8640 IN NS
uny.ac.id 8640 IN NS
uny.ac.id 8640 IN NS
uny.ac.id 86400 IN A 101.203.168.83
uny._domainkey.uny.ac.id 8640 IN TXT
akuntansi.uny.ac.id 86400 IN CNAME
alumni.uny.ac.id 86400 IN A 101.203.168.121
apnme.uny.ac.id 86400 IN CNAME
www.apnme.uny.ac.id 86400 IN CNAME
apnme2013.uny.ac.id 86400 IN CNAME
www.apnme2013.uny.ac.id 86400 IN CNAME
asg.uny.ac.id 86400 IN CNAME
bem.uny.ac.id 86400 IN CNAME
bemft.uny.ac.id 86400 IN CNAME
berkas.uny.ac.id 86400 IN A 101.203.168.118
besmart.uny.ac.id 86400 IN A 101.203.168.69
biodata.uny.ac.id 86400 IN A 101.203.168.91
bkk.uny.ac.id 86400 IN CNAME
blog.uny.ac.id 86400 IN A 101.203.168.75
bppu.uny.ac.id 86400 IN CNAME
elektro.uny.ac.id 86400 IN CNAME
elektronika.uny.ac.id 86400 IN CNAME
english.uny.ac.id 86400 IN CNAME
eprints.uny.ac.id 86400 IN A 101.203.168.73
event.uny.ac.id 86400 IN CNAME
fbs.uny.ac.id 86400 IN CNAME
www.fbs.uny.ac.id 86400 IN CNAME
fe.uny.ac.id 86400 IN CNAME
pendidikan-akuntansi.fe.uny.ac.id 86400 IN CNAME
pendidikan-ekonomi.fe.uny.ac.id 86400 IN CNAME
www.fe.uny.ac.id 86400 IN CNAME
fik.uny.ac.id 86400 IN CNAME
pendidikan-olahraga.fik.uny.ac.id 86400 IN CNAME
realmadridfoundation.fik.uny.ac.id 86400 IN CNAME
fip.uny.ac.id 86400 IN CNAME
jadwal.fip.uny.ac.id 86400 IN CNAME
ktp.fip.uny.ac.id 86400 IN CNAME
library.fip.uny.ac.id 86400 IN CNAME
pendidikan-luar-sekolah.fip.uny.ac.id 86400 IN CNAME
pengajaran.fip.uny.ac.id 86400 IN CNAME
pjjpgsd.fip.uny.ac.id 86400 IN A 101.203.168.81
pjjpgsd.fip.uny.ac.id 86400 IN MX
mail.pjjpgsd.fip.uny.ac.id 86400 IN CNAME
pls.fip.uny.ac.id 86400 IN CNAME
www.fip.uny.ac.id 86400 IN CNAME
fip2.uny.ac.id 86400 IN CNAME
www.fip2.uny.ac.id 86400 IN CNAME
fis.uny.ac.id 86400 IN CNAME
library.fis.uny.ac.id 86400 IN CNAME
pendidikan-geografi.fis.uny.ac.id 86400 IN CNAME
pendidikan-sejarah.fis.uny.ac.id 86400 IN CNAME
fise.uny.ac.id 86400 IN CNAME
fisika.uny.ac.id 86400 IN CNAME
fmipa.uny.ac.id 86400 IN CNAME
bio.fmipa.uny.ac.id 86400 IN CNAME
fisika.fmipa.uny.ac.id 86400 IN CNAME
himatika.fmipa.uny.ac.id 86400 IN CNAME
pendidikan-biologi.fmipa.uny.ac.id 86400 IN CNAME
pendidikan-fisika.fmipa.uny.ac.id 86400 IN CNAME
pendidikan-ipa.fmipa.uny.ac.id 86400 IN CNAME
pendidikan-kimia.fmipa.uny.ac.id 86400 IN CNAME
pendidikan-matematika.fmipa.uny.ac.id 86400 IN CNAME
forum.uny.ac.id 86400 IN CNAME
ft.uny.ac.id 86400 IN CNAME
bkk.ft.uny.ac.id 86400 IN CNAME
library.ft.uny.ac.id 86400 IN CNAME
ft1.uny.ac.id 86400 IN CNAME
galeri.uny.ac.id 86400 IN CNAME
git.uny.ac.id 86400 IN A 101.203.168.109
halo.uny.ac.id 86400 IN CNAME
himaki.uny.ac.id 86400 IN CNAME
hosting.uny.ac.id 86400 IN A 101.203.168.71
hostings.uny.ac.id 86400 IN A 101.203.168.100
iccie.uny.ac.id 86400 IN CNAME
www.iccie.uny.ac.id 86400 IN CNAME
iceri.uny.ac.id 86400 IN CNAME
icvet.uny.ac.id 86400 IN CNAME
ikadbudi.uny.ac.id 86400 IN CNAME
indojerman60.uny.ac.id 86400 IN CNAME
io.uny.ac.id 86400 IN CNAME
ipse.uny.ac.id 86400 IN CNAME
ispe.uny.ac.id 86400 IN CNAME
journal.uny.ac.id 86400 IN A 101.203.168.74
jtsp.uny.ac.id 86400 IN CNAME
kemahasiswaan.uny.ac.id 86400 IN CNAME
beasiswa.kemahasiswaan.uny.ac.id 86400 IN CNAME
files.kemahasiswaan.uny.ac.id 86400 IN CNAME
sms.kemahasiswaan.uny.ac.id 86400 IN CNAME
kepegawaian.uny.ac.id 86400 IN CNAME
kimia.uny.ac.id 86400 IN CNAME
kkt.uny.ac.id 86400 IN CNAME
www.kkt.uny.ac.id 86400 IN CNAME
konaspi7.uny.ac.id 86400 IN CNAME
www.konaspi7.uny.ac.id 86400 IN CNAME
konaspivii.uny.ac.id 86400 IN CNAME
www.konaspivii.uny.ac.id 86400 IN CNAME
kontesrobot.uny.ac.id 86400 IN CNAME
kontesrobotreg3.uny.ac.id 86400 IN CNAME
kopma.uny.ac.id 86400 IN CNAME
kumtala.uny.ac.id 86400 IN CNAME
layanan-kesehatan.uny.ac.id 86400 IN CNAME
lemlit.uny.ac.id 86400 IN CNAME
lg.uny.ac.id 86400 IN A 101.203.168.65
lg.uny.ac.id 86400 IN AAAA 2001:df0:f2:1:0:0:0:1
library.uny.ac.id 86400 IN A 101.203.168.79
lkbh.uny.ac.id 86400 IN CNAME
lpm.uny.ac.id 86400 IN CNAME
lppm.uny.ac.id 86400 IN CNAME
inkubi.lppm.uny.ac.id 86400 IN CNAME
mppi.lppm.uny.ac.id 86400 IN CNAME
proposal.lppm.uny.ac.id 86400 IN CNAME
lppm1.uny.ac.id 86400 IN CNAME
lppmp.uny.ac.id 86400 IN CNAME
labschool.lppmp.uny.ac.id 86400 IN CNAME
p2kpk.lppmp.uny.ac.id 86400 IN CNAME
ppk.lppmp.uny.ac.id 86400 IN CNAME
tracerstudy.lppmp.uny.ac.id 86400 IN CNAME
m.uny.ac.id 86400 IN CNAME
madawirna.uny.ac.id 86400 IN CNAME
magentaradio.uny.ac.id 86400 IN CNAME
mail.uny.ac.id 86400 IN A 101.203.168.70
majubersama.uny.ac.id 86400 IN CNAME
blog.math.uny.ac.id 86400 IN CNAME
media.uny.ac.id 86400 IN CNAME
menwapasopati.uny.ac.id 86400 IN CNAME
mesin.uny.ac.id 86400 IN CNAME
milis.uny.ac.id 86400 IN A 101.203.168.107
milis.uny.ac.id 3600 IN MX
mon.uny.ac.id 86400 IN A 101.203.168.103
mpi.uny.ac.id 86400 IN CNAME
musik.uny.ac.id 86400 IN CNAME
myoffice.uny.ac.id 86400 IN CNAME
ns1.uny.ac.id 86400 IN A 101.203.168.66
ns1.uny.ac.id 86400 IN AAAA 2001:df0:f2:1:0:0:0:2
ns2.uny.ac.id 86400 IN A 118.98.65.146
ns2.uny.ac.id 86400 IN AAAA 2001:470:35:68:0:0:0:2
opac.uny.ac.id 86400 IN CNAME
otomotif.uny.ac.id 86400 IN CNAME
p3ai.uny.ac.id 86400 IN CNAME
pedulimerapi.uny.ac.id 86400 IN CNAME
pelatihan.uny.ac.id 86400 IN CNAME
penjaminanmutu.uny.ac.id 86400 IN CNAME
perpus.uny.ac.id 86400 IN CNAME
pimpinan.uny.ac.id 86400 IN CNAME
pmb.uny.ac.id 86400 IN A 101.203.168.80
pmb2011.uny.ac.id 86400 IN A 101.203.168.89
pmb2012.uny.ac.id 86400 IN A 101.203.168.89
pmb2013.uny.ac.id 86400 IN CNAME
ppk.uny.ac.id 86400 IN CNAME
ppkhb.uny.ac.id 86400 IN CNAME
pps.uny.ac.id 86400 IN CNAME
library.pps.uny.ac.id 86400 IN CNAME
teknologi-pembelajaran.pps.uny.ac.id 86400 IN CNAME
tp.pps.uny.ac.id 86400 IN CNAME
prakerin.uny.ac.id 86400 IN CNAME
prancis.uny.ac.id 86400 IN CNAME
ptbb.uny.ac.id 86400 IN CNAME
puskom.uny.ac.id 86400 IN CNAME
radio.uny.ac.id 86400 IN CNAME
recruitment.uny.ac.id 86400 IN CNAME
recruitment-callcenter.uny.ac.id 86400 IN CNAME
registrasi.uny.ac.id 86400 IN CNAME
safel.uny.ac.id 86400 IN CNAME
seminar.uny.ac.id 86400 IN A 101.203.168.119
senitari.uny.ac.id 86400 IN CNAME
sertifikasiguru.uny.ac.id 86400 IN CNAME
sertifikasiguru2.uny.ac.id 86400 IN CNAME
server-gw.uny.ac.id 86400 IN A 101.203.168.65
siakad.uny.ac.id 86400 IN A 101.203.168.72
siakad-dev.uny.ac.id 86400 IN CNAME
siakad2013.uny.ac.id 86400 IN A 101.203.168.110
siakad3.uny.ac.id 86400 IN A 101.203.168.110
siakadcare.uny.ac.id 86400 IN CNAME
sikap.uny.ac.id 86400 IN CNAME
sipen.uny.ac.id 86400 IN CNAME
smspmb.uny.ac.id 86400 IN CNAME
smtp.uny.ac.id 86400 IN CNAME
speedy.uny.ac.id 86400 IN CNAME
staff.uny.ac.id 8640 IN TXT
staff.uny.ac.id 86400 IN A 101.203.168.85
staff.uny.ac.id 3600 IN MX
2066749207.staff.uny.ac.id 86400 IN CNAME
mail.staff.uny.ac.id 86400 IN CNAME
streaming.uny.ac.id 86400 IN CNAME
student.uny.ac.id 86400 IN A 101.203.168.75
student.uny.ac.id 86400 IN MX
*.student.uny.ac.id 86400 IN CNAME
blog.student.uny.ac.id 86400 IN CNAME
journal.student.uny.ac.id 86400 IN CNAME
mail.student.uny.ac.id 86400 IN A 101.203.168.76
tagihan.uny.ac.id 86400 IN CNAME
ukmpenelitian.uny.ac.id 86400 IN CNAME
ulbk.uny.ac.id 86400 IN CNAME
unitech.uny.ac.id 86400 IN CNAME
upt-lbk.uny.ac.id 86400 IN CNAME
video.uny.ac.id 86400 IN CNAME
voip.uny.ac.id 86400 IN A 101.203.168.77
wates.uny.ac.id 86400 IN CNAME
wisuda.uny.ac.id 86400 IN CNAME
www.uny.ac.id 86400 IN A 101.203.168.83
www1.uny.ac.id 86400 IN A 101.203.168.83
www2.uny.ac.id 86400 IN CNAME
z.uny.ac.id 3600 IN MX
ldap.zimbra.uny.ac.id 86400 IN CNAME
mbox.zimbra.uny.ac.id 86400 IN CNAME
mta.zimbra.uny.ac.id 86400 IN CNAME

ns2.uny.ac.id Bind Version: 9.7.3

Trying Zone Transfer for uny.ac.id on ns1.he.net ...
AXFR record query failed: NOERROR

ns1.he.net Bind Version: ,Served by PowerDNS - http://www.powerdns.com

Trying Zone Transfer for uny.ac.id on ns2.he.net ...
AXFR record query failed: NOERROR

ns2.he.net Bind Version: ,Served by PowerDNS - http://www.powerdns.com

brute force file not specified, bay.

Terlihat banyak sekali informasi yang didapakan, mulai dari informasi DNS, subdomain beserta IP Address dan lain-lain