Ukraine Office: +38 (063) 50 74 707

USA Office: +1 (212) 203-8264

contact@testmatick.com

REQUEST A QUOTE

Manual Testing

Ensure the highest quality for your software with our manual testing services.

Mobile Testing

Optimize your mobile apps for flawless performance across all devices and platforms with our comprehensive mobile testing services.

Automated Testing

Enhance your software development with our automated testing services, designed to boost efficiency.

Functional Testing

Refine your application’s core functionality with our functional testing services

VIEW ALL SERVICES 

Home » AXFR

AXFR

AXFR – an information disclosure about zone transfer. Domain Name System described in RFC 1034/1035 includes full zone transfer specification. Typically, this mechanism is used for information replication between servers, but it can also be used to obtain a variety of information for mass mailings distributed DoS attacks and other malicious purposes. The vulnerability is connected with the fact that the majority of DNS servers don’t restrict AXFR requests.

XFR data used for searching mail repeaters, proxy servers, hosts with a particular OS or installed applications. When DNS-server receives AXFR request, it sends all known data for a requested domain. But If the DNS server as a wrong configuration – any user can obtain the access to this data.

Quite often, some websites have a “secret” subdomains (dev.*, test.* and others) for the internal usage. Usually, these domains have an insecure configuration or developed features.

Related Terms