DNS Enumeration Failing about finalrecon HOT 21 CLOSED

i ha the same error, when i was connected to my VPN. i changed the ip in the file from Google to Cloudfare, that is from 8.8.8.8 to 1.1.1.1 on two locations.

After that it worked :D

from finalrecon.

@ashishgajjar90 as per the error, it is unable to connect at 8.8.8.8 for some reason

from finalrecon.

Is that DNS IP hard coded within the config files? Or is it picking that DNS server from my network settings? I tried specifying a DNS server manually, but I still get the same error.

How can we troubleshoot more and get a fix for this?

from finalrecon.

@ashishgajjar90 it's hard coded, when I was testing with cloudflare dns I got the same error so I hard coded google dns

from finalrecon.

from finalrecon.

I use both Google and Cloudflare DNS in my network and those are fine. The script for some reason isn't :/

from finalrecon.

@ashishgajjar90 take a look at this https://serverfault.com/questions/964540/port-53-udp-and-tcp-gets-blocked-when-openvpn-is-operating
tool works fine at my end, so there is some issue in your network which is blocking 8.8.8.8 on port 53

from finalrecon.

I am getting the same error and verified on my end that I can reach the required ports:

nc -v -u 8.8.8.8 53
dns.google [8.8.8.8] 53 (domain) open

from finalrecon.

I used an alternate DNS server in the dns.py module and it worked. Seems like Google is blocking such requests maybe?

from finalrecon.

@chr0n1k that does look like google is blocking but then it should block every such request, like if I use dns enum module it should block me too but it doesn't, strange

from finalrecon.

@thewhiteh4t I used the dns enum module specifically to recreate the issue. It is strange that I could port knock with netcat but when running dns enum it threw that error. I tried the same with 1.1.1.1 and got the same error. Then used a regional DNS server and it worked.

from finalrecon.

@chr0n1k the error is actually in dns.py which is a part of dnslib

pkt = q.send('8.8.8.8', 53, tcp='UDP')
File "/usr/lib/python3/dist-packages/dnslib/dns.py", line 365, in send
sock.connect((dest,port))
ConnectionRefusedError: [Errno 111] Connection refused

and connection is refused before it can send anything, if nothing is sent then why will google or cloudflare block the connection

from finalrecon.

@thewhiteh4t I started my investigation there then when I tested an alternate DNS server in the dns.py module it worked. Don't know how else this error would be caused.

from finalrecon.

@chr0n1k I will try to change implementation if it's possible

from finalrecon.

@thewhiteh4t That would be great. or parse a DNS variable option. Though that can be a nightmare too.

from finalrecon.

@chr0n1k yeah, this needs a proper solution

from finalrecon.

@chr0n1k
can you please test this code :

#!/usr/bin/env python3

import dns.resolver           #pip3 install dnspython

addr = 'secure-startup.com'
dmarc_addr = '_dmarc.' + addr

types = ['A', 'AAAA', 'ANY', 'CAA', 'CNAME', 'MX', 'NS', 'TXT']

for qtype in types:
    try:
        ans = dns.resolver.query(addr, qtype)
        for item in ans:
            print(addr + '\t' + qtype + '\t' + str(item))
        print()
    except Exception as e:
        #print(e)
        pass

try:
    ans = dns.resolver.query(dmarc_addr, 'TXT')
    for item in ans:
        print(dmarc_addr + '\t' + 'TXT' + '\t' + str(item))
except Exception as e:
    print(e)

from finalrecon.

Closing due to inactivity.

from finalrecon.

@mmuncan can you test the code I have given above? With and without vpn, if it works for you in both cases then I can update

from finalrecon.

@thewhiteh4t i test your code and i have no issue (VPN on with DNS exclusive ans VPN off).
Error is in app of VPN who exclusive DNS on (ExpressVPN).
Now DNS Enumeration work for me.

from finalrecon.

@JavuMan thanks for testing, should I will implement new code soon!

from finalrecon.