nuclei-templates/code/linux/audit/dns-zone-transfer-any.yaml
2025-08-24 07:05:38 +00:00

26 lines
934 B
YAML

id: dns-zone-transfer-any
info:
  name: DNS Zone Transfer Allowed to Any Host
  author: songyaeji
  severity: high
  description: |
    A DNS server configured with "allow-transfer { any; };" allows unrestricted zone transfers. This exposes sensitive details like hostnames, network structure, and system data that attackers could use for reconnaissance and further attacks.
  reference:
    - https://isms.kisa.or.kr
  tags: linux,kisa,audit,compliance
self-contained: true
code:
  - engine:
      - bash
    source: |
      grep -E 'allow-transfer' /etc/named.conf 2>/dev/null || echo "no-allow-transfer"
    matchers:
      - type: regex
        part: code_1_response
        regex:
          - 'allow-transfer\s*\{\s*any;\s*\}'
# digest: 4a0a00473045022100f6fedbe8d24d2614c9d21f3c4e205eae408861844a4dcff07d9df10ee3d8ae1e022062903e44fe53216996f2c26dffc0d7f742876f5127492f540e2b7c406f3eee53:922c64590222798bb761d5b6d8e72950
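
The `grep` in the template passes only the lines that contain `allow-transfer`, so the matcher also fires on a commented-out statement and cannot see one whose `any;` sits on the next line. The following comment-aware check is an added example, not part of the template or the nuclei-templates project; the function names and sample configs are constructed, and it assumes a single config text on stdin (it does not follow `include` files or handle comment markers inside quoted strings).

```shell
# Added example, not part of the template. Function names are hypothetical.

# Remove BIND comments (/* */, //, #) and join the config onto one line.
strip_named_comments() {
  awk '{
    line = $0; out = ""
    while (length(line) > 0) {
      if (in_block) {                      # inside a /* ... */ comment
        i = index(line, "*/")
        if (i == 0) { line = "" } else { line = substr(line, i + 2); in_block = 0 }
      } else if (match(line, /\/\*|\/\/|#/)) {
        out = out substr(line, 1, RSTART - 1)
        if (substr(line, RSTART, 2) == "/*") {
          in_block = 1; line = substr(line, RSTART + 2)
        } else { line = "" }               # // and # run to end of line
      } else { out = out line; line = "" }
    }
    printf "%s ", out
  }'
}

# Read named.conf text on stdin; print open, restricted, or unset.
audit_allow_transfer() {
  blocks=$(strip_named_comments | grep -Eo 'allow-transfer[^{;]*\{[^}]*\}' || true)
  if [ -z "$blocks" ]; then
    echo unset      # no explicit statement found; review the effective default
  elif printf '%s\n' "$blocks" | grep -Eq '[{;[:space:]]any[[:space:]]*;'; then
    echo open
  else
    echo restricted
  fi
}

# Constructed sample configs.
MULTILINE_ANY='options {
  allow-transfer {
    any;   // split across lines
  };
};'
COMMENTED_ANY='options {
  // allow-transfer { any; };
  allow-transfer { 192.0.2.53; };
};'

printf '%s\n' "$MULTILINE_ANY" | audit_allow_transfer   # open
printf '%s\n' "$COMMENTED_ANY" | audit_allow_transfer   # restricted
```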