How many A Records are present for witrap.com and its subdomains?:9
root@attackdefense:~# dig -t AXFR witrap.com @192.146.24.3
; <<>> DiG 9.11.5-1-Debian <<>> -t AXFR witrap.com @192.146.24.3
;; global options: +cmd
witrap.com. 86400 IN SOA primary.witrap.com. root.witrap.com. 2011071001 3600 1800 604800 86400
witrap.com. 86400 IN CAA 0 issue "witrapselfcert.com"
witrap.com. 86400 IN LOC 37 46 29.744 N 122 25 9.904 W 32.00m 1m 10000m 10m
witrap.com. 86400 IN A 192.168.60.5
witrap.com. 86400 IN NS primary.witrap.com.
witrap.com. 86400 IN NS secondary.witrap.com.
witrap.com. 86400 IN MX 10 mx.witrap.com.
witrap.com. 86400 IN MX 20 mx2.witrap.com.
witrap.com. 86400 IN AAAA 2001:db8::11:0:0:11
_ldap._tcp.witrap.com. 3600 IN SRV 10 10 389 ldap.witrap.com.
free.witrap.com. 86400 IN A 192.168.60.100
ldap.witrap.com. 86400 IN A 192.168.62.111
mx.witrap.com. 86400 IN A 192.168.65.110
mx2.witrap.com. 86400 IN A 192.168.65.150
open.witrap.com. 86400 IN CNAME free.witrap.com.
primary.witrap.com. 86400 IN A 192.168.60.14
reserved.witrap.com. 86400 IN A 192.168.62.81
secondary.witrap.com. 86400 IN A 192.168.66.15
th3s3cr3tflag.witrap.com. 86400 IN A 192.168.61.35
th3s3cr3tflag.witrap.com. 86400 IN TXT "Here is your secret flag: my_s3cr3t_fl4g"
witrap.com. 86400 IN SOA primary.witrap.com. root.witrap.com. 2011071001 3600 1800 604800 86400
;; Query time: 0 msec
;; SERVER: 192.146.24.3#53(192.146.24.3)
;; WHEN: Fri Dec 21 04:34:07 UTC 2018
;; XFR size: 21 records (messages 1, bytes 584)
What is the IP address of machine which support LDAP over TCP on witrap.com?
A. 192.168.62.111
Can you find the secret flag in TXT record of a subdomain of witrap.com?
A. my_s3cr3t_fl4g
What is the subdomain for which only reverse dns entry exists for witrap.com? witrap owns the ip address range: 192.168.*.*
root@attackdefense:~# nmap -R -sL --dns-server 192.146.24.3 -Pn 192.168.*.* | grep 'scan'
Starting Nmap 7.70 ( https://nmap.org ) at 2018-12-21 04:41 UTC
Nmap scan report for witrap.com.168.192.in-addr.arpa (192.168.60.5)
Nmap scan report for primary.witrap.com (192.168.60.14)
Nmap scan report for free.witrap.com (192.168.60.100)
Nmap scan report for th3s3cr3tflag.witrap.com (192.168.61.35)
Nmap scan report for reserved.witrap.com (192.168.62.81)
Nmap scan report for ldap.witrap.com (192.168.62.111)
Nmap scan report for temp.witrap.com (192.168.62.118)
Nmap scan report for mx.witrap.com (192.168.65.110)
Nmap scan report for mx2.witrap.com (192.168.65.150)
Nmap scan report for secondary.witrap.com (192.168.66.15)
Nmap done: 65536 IP addresses (0 hosts up) scanned in 5.04 seconds
How many records are present in reverse zone for witrap.com (excluding SOA)? witrap owns the ip address range: 192.168.*.*
12
root@attackdefense:~# dig -t AXFR witrap.com @192.146.24.3
; <<>> DiG 9.11.5-1-Debian <<>> -t AXFR witrap.com @192.146.24.3
;; global options: +cmd
witrap.com. 86400 IN SOA primary.witrap.com. root.witrap.com. 2011071001 3600 1800 604800 86400
witrap.com. 86400 IN CAA 0 issue "witrapselfcert.com"
witrap.com. 86400 IN LOC 37 46 29.744 N 122 25 9.904 W 32.00m 1m 10000m 10m
witrap.com. 86400 IN A 192.168.60.5
witrap.com. 86400 IN NS primary.witrap.com.
witrap.com. 86400 IN NS secondary.witrap.com.
witrap.com. 86400 IN MX 10 mx.witrap.com.
witrap.com. 86400 IN MX 20 mx2.witrap.com.
witrap.com. 86400 IN AAAA 2001:db8::11:0:0:11
_ldap._tcp.witrap.com. 3600 IN SRV 10 10 389 ldap.witrap.com.
free.witrap.com. 86400 IN A 192.168.60.100
ldap.witrap.com. 86400 IN A 192.168.62.111
mx.witrap.com. 86400 IN A 192.168.65.110
mx2.witrap.com. 86400 IN A 192.168.65.150
open.witrap.com. 86400 IN CNAME free.witrap.com.
primary.witrap.com. 86400 IN A 192.168.60.14
reserved.witrap.com. 86400 IN A 192.168.62.81
secondary.witrap.com. 86400 IN A 192.168.66.15
th3s3cr3tflag.witrap.com. 86400 IN A 192.168.61.35
th3s3cr3tflag.witrap.com. 86400 IN TXT "Here is your secret flag: my_s3cr3t_fl4g"
witrap.com. 86400 IN SOA primary.witrap.com. root.witrap.com. 2011071001 3600 1800 604800 86400
;; Query time: 0 msec
;; SERVER: 192.146.24.3#53(192.146.24.3)
;; WHEN: Fri Dec 21 04:34:07 UTC 2018
;; XFR size: 21 records (messages 1, bytes 584)
What is the IP address of machine which support LDAP over TCP on witrap.com?
A. 192.168.62.111
Can you find the secret flag in TXT record of a subdomain of witrap.com?
A. my_s3cr3t_fl4g
What is the subdomain for which only reverse dns entry exists for witrap.com? witrap owns the ip address range: 192.168.*.*
root@attackdefense:~# nmap -R -sL --dns-server 192.146.24.3 -Pn 192.168.*.* | grep 'scan'
Starting Nmap 7.70 ( https://nmap.org ) at 2018-12-21 04:41 UTC
Nmap scan report for witrap.com.168.192.in-addr.arpa (192.168.60.5)
Nmap scan report for primary.witrap.com (192.168.60.14)
Nmap scan report for free.witrap.com (192.168.60.100)
Nmap scan report for th3s3cr3tflag.witrap.com (192.168.61.35)
Nmap scan report for reserved.witrap.com (192.168.62.81)
Nmap scan report for ldap.witrap.com (192.168.62.111)
Nmap scan report for temp.witrap.com (192.168.62.118)
Nmap scan report for mx.witrap.com (192.168.65.110)
Nmap scan report for mx2.witrap.com (192.168.65.150)
Nmap scan report for secondary.witrap.com (192.168.66.15)
Nmap done: 65536 IP addresses (0 hosts up) scanned in 5.04 seconds
How many records are present in reverse zone for witrap.com (excluding SOA)? witrap owns the ip address range: 192.168.*.*
12
No comments:
Post a Comment