Intro - Fierce is a semi-lightweight scanner that helps locate non-contiguous IP space and hostnames against specified domains. It's really meant as a pre-cursor to nmap, unicornscan, nessus, nikto, etc, since all of those require that you already know what IP space you are looking for. This does not perform exploitation and does not scan the whole internet indiscriminately. It is meant specifically to locate likely targets both inside and outside a corporate network. Because it uses DNS primarily you will often find mis-configured networks that leak internal address space. That's especially useful in targeted malware.
1. How to open Fierce
A. GUI Method
Application → Kali Linux → Information gathering → DNS Analysis → Fierce
(click image for large view)
B. Open terminal type fierce –h this command will open fierce with help option. Please read all commands
Syntax - fierce -h
2. Using this we can find NS, zone transfer etc information about a target domain. In this example we are getting successfully zone transfer.
Syntax – fierce –dns domain
Ex – fierce –dns mcdonlds.com
3. At present many domain do not allow zone transfer . When fierce can not get zone transfer then its automatically doing brute force to target domain but as you can see fierce is not able to start brute force. This is a Kali bug and many person has reported about it. I hope developers will solve this issue soon.
(click image for large view)
No comments:
Post a Comment