DNS Zone Transfer Vulnerability, What is it?

A DNS server is a database that stores IP addresses and domain names and related information. The primary duty of a DNS server is to resolve domain names to IP addresses.

DNS Zone File

DNS Zone file is a simple file that holds the data of a domain. This contains the mapping of domain names. IP addresses and other resources. A DNS Zone file can contain data about multiple subdomains and a DNS server can hold information about multiple servers.

Master and Slave DNS Servers

A Master DNS server is the server which holds the master copy of the zone file. When this file is updated, the slave DNS servers request a copy of this file and update their zone file.

What is Zone Transfer

DNS Zone transfer is the process of copying the DNS information form a master DNS server to a slave DNS server. This is used to copy data from the master DNS server to Slave servers. The primary/master DNS server should allow the zone transfer only to its secondary/slave servers. The Zone Transfer vulnerability arises when the primary server allows zone transfer to anyone who requests it.

By exploiting this vulnerability, attackers can get a copy of the zone file. This may not have a direct impact on the organization. But the attackers can collect a lot of information about the IP addresses and domains which will help in developing a plan to exploit and break into an organization.

Published by

Melbin Mathew

I'm Melbin Mathew from Kerala, India. Infosec enthusiast, interested in Bug Hunting, Web App Pentesting and and Blogging. Love learning something new every day. Drop a mail to connect. LinkedIn | Github | Twitter Contact: melbin [-at-] melbin.in

Leave a Reply

Your email address will not be published.