Find out the subdomains of a given domain name with dig
First, find out the name server(s) for the domain name in question:
dig wikipedia.comLook under the “AUTHORITY SECTION”:
;; AUTHORITY SECTION:
wikipedia.com. 163475 IN NS ns2.wikimedia.org.
wikipedia.com. 163475 IN NS ns1.wikimedia.org.
wikipedia.com. 163475 IN NS ns0.wikimedia.org.In this case wikipedia.com has 3 name servers: ns0.wikimedia.org, ns1.wikimedia.org and ns2.wikimedia.org. Now we can query one of these three servers for the subdomains of wikipedia.com:
dig @ns1.wikimedia.org wikipedia.com axfrHere is what we get back (the list is rather long, so I have truncated it quite a bit);
; <<>> DiG 9.5.0-P2 <<>> @ns1.wikimedia.org wikipedia.com axfr
; (1 server found)
;; global options: printcmd
wikipedia.com. 3600 IN A 208.80.152.2
wikipedia.com. 86400 IN NS ns0.wikimedia.org.
wikipedia.com. 86400 IN NS ns1.wikimedia.org.
wikipedia.com. 86400 IN NS ns2.wikimedia.org.
wikipedia.com. 3600 IN MX 50 lists.wikimedia.org.
wikipedia.com. 3600 IN MX 10 mchenry.wikimedia.org.
aa.wikipedia.com. 3600 IN CNAME rr.wikimedia.org.
aa.mobile.wikipedia.com. 3600 IN CNAME rr.wikimedia.org.
aa.wap.wikipedia.com. 3600 IN CNAME rr.wikimedia.org.
ab.wikipedia.com. 3600 IN CNAME rr.wikimedia.org.
ab.mobile.wikipedia.com. 3600 IN CNAME rr.wikimedia.org.
ab.wap.wikipedia.com. 3600 IN CNAME rr.wikimedia.org.
...
...
...Note: Not all dns servers will allow axfr protocol queiries. Those will return “Transfer failed”.
4 Comments to Find out the subdomains of a given domain name with dig
Leave a comment
Search
Archive
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Mar | ||||||
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | 31 | |||
Recent Comments
- Aron on Clone Disk Drives with Ubuntu. Make an Exact Copy of Your Hard Drive.
- letroll on Android – Displaying Dialogs From Background Threads
- When Wireless Goes Rogue « Ham Radio Weblog PD0AC on KARMA on the Fon and Sniffing Wireless Network Traffic with Ubuntu – Step by Step
- jornando junior on Android – Displaying Dialogs From Background Threads
- Geo on Extract Audio (.mp3) from Video Files Like .flv, .mov, .avi and Others with Ubuntu
Categories
Blogroll
Online Tools
Other
BLOG ARCHIVE
- March 2012 (1)
- November 2011 (1)
- August 2011 (1)
- April 2011 (1)
- January 2011 (2)
- September 2010 (1)
- August 2010 (2)
- July 2010 (2)
- June 2010 (2)
- May 2010 (1)
- January 2010 (2)
- December 2009 (2)
- November 2009 (3)
- October 2009 (1)
- September 2009 (3)
- July 2009 (1)
- May 2009 (1)
- March 2009 (1)
- February 2009 (2)
- January 2009 (2)
- December 2008 (1)
- November 2008 (4)
- October 2008 (5)
hello, how are you?
to disable spam 
i see you use captcha too
so here goes the question:
what option should be enabled that my bind would pass this info for all domains…
You can use :
http://www.wholinks.org
to get a list of all subdomains ….
You can also find subdomains using this page:
http://www.magic-net.info/dns-and-ip-tools.php
If zone transfer is not possible, this tool will use search engine results.
can also try it here:
http://ipaddress-whois.com/dig_dns_lookup
search for SOA DNS first,
then search for axfr records.