Going the extra mile – editing source code

The enum_dns module in Metasploit is a bit outdated (we can check the TLD wordlist for updates). So, let's customize the module to meet our needs. The idea is to provide enum_dns with the Top Level Domain (TLD) wordlist and the entries will be parsed and checked to query a record. Looking at the source code of the auxiliary, we can see that the TLDs it looks for do not have the new TLDs that were launched recently:

This can be seen in line 302, in the modules/auxiliary/gather/enum.dns.rb file, which can also be accessed online by visiting the following link:

https://github.com/rapid7/metasploit-framework/blob/f41a90a5828c72f34f9510d911ce176c9d776f47/modules/auxiliary/gather/enum_dns.rb#L302 ...

Get Hands-On Web Penetration Testing with Metasploit now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.