A1: DNS

Assignment Series #A1 DNS

Task description

The command dig is a tool for querying DNS nameservers for information about host addresses, mail exchanges, nameservers, and related information. This tool can be used from any Linux (Unix) or Macintosh OS X operating system. Please use dig to solve the following tasks:

  1. a record of www.microsoft.com
  2. reverse lookup of the ip 80.254.178.110
  3. a record of teams.microsoft.com via Google dns 8.8.8.8
  4. ns records of ost.ch
  5. mx records of ost.ch
  6. zone transfer @nsztm1.digi.ninja zonetransfer.me
  7. show dns trace when looking up hsr.hacking-lab.com domain
  8. dns over http request via cloudflare of the hostname academy.hacking-lab.com
  9. DS of the domain switch.ch
  10. DNSKEY of the domain switch.ch

Solution

  1. a record of microsoft.com:

    ╭─ ~/Desktop/Assignments/A1/DNS ✔
    ╰─ dig -t a microsoft.com +short
    40.76.4.15
    40.112.72.205
    40.113.200.201
    13.77.161.179
    104.215.148.63

  2. reverse lookup of the ip 80.254.178.110

    ╭─ ~/Desktop/Assignments/A1/DNS ✔
    ╰─ dig -x 80.254.178.110 +short
    110-178-254-80.static.dsl-net.ch.

  3. a record of teams.microsoft.com via Google dns 8.8.8.8

    ;; Query time: 12 msec
    ;; SERVER: 8.8.8.8#53(8.8.8.8)
    ;; WHEN: Tue Oct 20 16:11:22 EDT 2020
    ;; MSG SIZE rcvd: 155

    ╭─ ~/Desktop/Assignments/A1/DNS ✔
    ╰─ dig @8.8.8.8 -t a teams.microsoft.com +short
    teams.office.com.
    teams-office-com.s-0005.s-msedge.net.
    s-0005.s-msedge.net.
    52.113.194.132

  4. ns records of ost.ch

    ─ ~/Desktop/Assignments/A1/DNS ✔
    ╰─ dig -t ns ost.ch +short
    dns02.ost.ch.
    dns01.ost.ch.

  5. mx records of ost.ch

    ╭─ ~/Desktop/Assignments/A1/DNS ✔
    ╰─ dig -t mx ost.ch +short
    0 ost-ch.mail.protection.outlook.com.

  6. zone transfer @nsztm1.digi.ninja zonetransfer.me

    ╭─ ~/Desktop/Assignments/A1/DNS ✔
    ╰─ dig axfr @nsztm1.digi.ninja zonetransfer.me

I decided to write only the command down instead of the full output. For a detailed explanation what this command does, please visit https://digi.ninja/projects/zonetransferme.php

  1. show dns trace when looking up hsr.hacking-lab.com domain

    ─ ~/Desktop/Assignments/A1/DNS ✔
    ╰─ dig +trace +short hsr.hacking-lab.com
    NS l.root-servers.net. from server 172.16.16.16 in 12 ms.
    NS i.root-servers.net. from server 172.16.16.16 in 12 ms.
    NS a.root-servers.net. from server 172.16.16.16 in 12 ms.
    NS b.root-servers.net. from server 172.16.16.16 in 12 ms.
    NS f.root-servers.net. from server 172.16.16.16 in 12 ms.
    NS m.root-servers.net. from server 172.16.16.16 in 12 ms.
    NS c.root-servers.net. from server 172.16.16.16 in 12 ms.
    NS d.root-servers.net. from server 172.16.16.16 in 12 ms.
    NS k.root-servers.net. from server 172.16.16.16 in 12 ms.
    NS e.root-servers.net. from server 172.16.16.16 in 12 ms.
    NS j.root-servers.net. from server 172.16.16.16 in 12 ms.
    NS h.root-servers.net. from server 172.16.16.16 in 12 ms.
    NS g.root-servers.net. from server 172.16.16.16 in 12 ms.
    A 152.96.6.131 from server 193.135.215.40 in 16 ms.

  2. dns over http request via cloudflare of the hostname academy.hacking-lab.com

    Cloudflare DNS is 1.1.1.1, but I wasn’t sure how to solve this task. I got stuck and tried this from the cloudfare developers guide out:
    https://developers.cloudflare.com/1.1.1.1/dns-over-https/json-format

    curl -H ‚accept: application/dns-json‘ ‚https://cloudflare-dns.com/dns-query?name=academy.hacking-lab.com&type=AAAA

  3. ds of the domain switch.ch

    ╭─ ~/Desktop/Assignments/A1/DNS 9 ✘ 15s
    ╰─ dig ds switch.ch +short
    41243 13 2 7EB1BDE852B56AF1FB24B7018764BFA34D1E6A2A02F1338A40EF0A77 430F5607

  4. DNS Key of the domain switch.ch

    ╭─ ~/Desktop/Assignments/A1/DNS ✔
    ╰─ dig DNSKEY switch.ch +short
    256 3 13 5TaAxIstxl3gVaGScS5L6Ccs4/GZhqVUld5XHoEhlNJetxXBT5BPwAXA V2teG9sA9XBxNFAeD26ekts7OW6n+Q==
    257 3 13 COIkIJpWDaeEInm8UP+TKzg0H/DEqtTUvjz3Os/TK2biHlXtJL7sPrmw vw5QYP8f9hy9O2uBlotrhNR35SxX1g==
    256 3 13 wZLnkiai6vlaP/gOxnhQdWZ21WPzIpkpCh5Uw1IFg276KJDkvJ/RVZYh omttXiC1pv9hUCLLo0blRcWTILxAcQ==

Notes

I was unsure howto solve task 8. I did spend a lot of google time to find a solution howto do that with dig and decided now to upload this report with the curl command described in the cloudflare developers guide. Please let me know your solution for this task. I’m always eager to learn 😉

PDF Report
dns#1

März 1, 2021 | Cybercop