Active Subdomain Enumeration

Hi all I’m stuck again, but Now, on literally the next question which is:
What is the FQDN of the IP address 10.10.34.136?

Someone, please help! No spoilers plz.

1 Like

You need found out the “Pointer”. Its all that will say.

Wait what do you mean? There is no pointer given if there’s one that is hidden how do you find it? is there a command I can execute?

Hi 0xh4rtz, thankyou for the clue, but could you give a bit more
of a hint without spoiling. I’ve been completely overthinking this
entire section and my brain is about to go into meltdown, ta.

Sorted now, caffeine fix :slight_smile:

Hi I was just checking in if someone got any clue that might have worked for them. I have been stuck in this question for days now it will be a great help if someone can share some clues.

The same way you used to solve the question about the TXT records you have to use in order to find the pointer record.

1 Like

Did you get past this question? I am stuck on it as well. i’ve added the IP to my /etc/hots, then I’ve tried running all the commands from the course work and get nothing but errors. I

Could you explain this further? I have ran the same commands and get no response. Also does the ip need to be added to /etc/hosts? As rn i can not get a response from the server when i try to ping the ip

i need suggestion on answer to this question , i tried command dig -x 10.10.34.136 @dnserverip but no success

So, I’ve finally got it!

That’s what you have to do:
First of all I really recomend you to take some time and try to understand how dns zones work, that’s really usefull not only for this task, but also for many CTF’s.
I can recomend you to take Footprinting, and do it’s DNS section.
For this task:

  1. Check axfr of inlanefreight.htb. There you will get some domains.
  2. Now you have to check all of this domain, if they have axfr zone transfers (as you did it with inlanefreight.htb just a minute ago)
  3. By one of this domains you will get list of it’s subdomains, and just look of the ip’s of this subdomains and you will find 10.10.34.136 there!
    That’s not hard, but I really want to encourage you to dive in the topic of Zone Transfers and understand how it works and how you can use it for penetration testing :wink:
1 Like

thanks saved so much time. Another tedious task from htb xD much appreciated

1 Like