312-50V10 · Question #180
Look at the following output. What did the hacker accomplish?
The correct answer is D. The hacker successfully transferred the zone and enumerated the hosts.. The output shown reflects a successful DNS zone transfer (AXFR), which exposes all DNS records - including hostnames, IPs, and subdomains - for the target domain.
Question
Look at the following output. What did the hacker accomplish?
Exhibit
Options
- AThe hacker used who is to gather publicly available records for the domain.
- BThe hacker used the "fierce" tool to brute force the list of available domains.
- CThe hacker listed DNS records on his own domain.
- DThe hacker successfully transferred the zone and enumerated the hosts.
How the community answered
(24 responses)- C4% (1)
- D96% (23)
Why each option
The output shown reflects a successful DNS zone transfer (AXFR), which exposes all DNS records - including hostnames, IPs, and subdomains - for the target domain.
WHOIS queries return registrar and ownership metadata from public databases, not internal DNS host records or IP mappings as shown in zone transfer output.
The 'fierce' tool performs DNS brute forcing by guessing subdomains, which is different from a zone transfer that retrieves the complete authoritative record set in a single response.
Listing DNS records on one's own domain would be a legitimate administrative action, not a hacking technique, and would not produce an enumerated host list from a target domain.
A DNS zone transfer (AXFR request) causes a misconfigured DNS server to replicate its entire zone database to the requester. This reveals all A, MX, CNAME, and NS records, effectively enumerating every host in the domain - a critical information disclosure vulnerability exploited during reconnaissance.
Concept tested: DNS zone transfer (AXFR) exploitation and host enumeration
Source: https://attack.mitre.org/techniques/T1590/002/
Topics
Community Discussion
No community discussion yet for this question.
