admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-02-03 01:03:34 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
23c94de2edd4515d44a32996c8557c91be4ca63f
nuclei-templates/code/linux/audit/dns-zone-transfer-any.yaml
ghost fc254a067f chore: sign templates 🤖
2025-08-29 10:06:03 +00:00

26 lines
938 B
YAML
Raw Blame History

id: dns-zone-transfer-any
info:
name: DNS Zone Transfer Allowed to Any Host
author: songyaeji
severity: high
description: |
DNS Zone Transfer configured with "allow-transfer { any; };" allowed unrestricted zone transfers.This exposed sensitive details like hostnames, network structure, and system data that attackers could use for reconnaissance and further attacks.
reference:
- https://isms.kisa.or.kr
tags: linux,local,kisa,audit,compliance
self-contained: true
code:
- engine:
- bash
source: |
grep -E 'allow-transfer' /etc/named.conf 2>/dev/null || echo "no-allow-transfer"
matchers:
- type: regex
part: code_1_response
regex:
- 'allow-transfer\s*\{\s*any;\s*\}'
# digest: 490a00463044022037476af6ea98c17d43d75d3cb57874705aeba154fd8e7ef8859748eafab0ebf702200a0d472b83fe677c4c703d4b82307a6c8b65f57418c549a3ad46b6cc13547206:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink