crossbower (reverseraider dev) was quick to respond to an email I sent asking for this...and he added the -f file option!
It works great. It will be released with the next version. Thanks!
I've gone through each DNS Analysis tool offered in BT5 but the only one that looks like what I need is reverseraider. But reverseraider will only allow me to specify a range of IPs. Maybe I'm doing something wrong..
Can someone advise me? First post!
Background:
I'm using genlist -s 10.0.*.200 to create a list of devices responding to .200 on subnets 10.0.1-255.0/24
My routers live at .200 and I want to make sure they're all in DNS. I figured it would be easy if I did the following:
./genlist -s 10.0.*.200 > list_10.0
then
./reverseraider -f (for file) list_10.0
Obviously there is no -f option. Is there a tool available that can do this?
To check your DNS lookup in the right manner,
just visit this site www.whoisxy.com. It has the best information on IP address, IP address to domain, domain name to IP, domain name, DNS lookup, IP address lookup and ping test!!!
All of which can also be done using nslookup and/or whois. These are basic networking tools and skills.
To be successful here you should read all of the following.
ForumRules
ForumFAQ
If you are new to Back|Track
Back|Track Wiki
Failure to do so will probably get your threads deleted or worse.
The reason why I asked for this capability is because you can't simply do the things I was trying to do using nslookup, whois, or host (my fav).
reverseraider -d domain | -r range [options]
Options:
-r range of ipv4 or ipv6 addresses, for reverse scanning
examples: 208.67.1.1-254 or 2001:0DB8::1428:57ab-6344
-f file containing lists of ip addresses, for reverse scanning
-d domain, for wordlist scanning (example google.com)
-w wordlist file (see wordlists directory...)
Extra options:
-t requests timeout in seconds
-P enable numeric permutation on wordlist (default off)
-D nameserver to use (default: resolv.conf)
-T use TCP queries instead of UDP queries
-R don't set the recursion bit on queries
instead of doing -r 172.16.1.235, 172.16.2.235, 172.16.3.235 etc... I could just paste the following into a file:
208.67.1.235
208.67.2.235
208.67.3.235
and so on.
Why would anyone care to do this? I have dns entries for switches/routers/firewalls, etc. in our network. My network is medium size (3500 end points). We have 200ish managed switches, each having their own name.
Name might be
edge-2a-hr.gc.ntwk and ip.add.res.s is 172.16.x.235 (all switches have ip address of x.x.x.235, going down from there if multiple switches exist on same subnet,etc.)
I also have multiple subdomains in .ntwk (gc,dt,ss,sc,za,xa, etc.).
It's simple to copy switch IPs from a spreadsheet into a file, run this reverseraider tool to confirm that all my switches/routers/firewalls had a name associated with them...and that the name was correct. I haven't found an easier way to do this. Turns out, as other NEs installed new switches, they never took the time to update DNS.
I hope this explained my need to ask for help here.
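The workflow in the first post (a genlist-style file of one address per line, then a reverse lookup per address) and the audit described just above (find the switches whose PTR record is missing or stale) can be done in a short script while waiting for the -f option to ship. The following is an added example, not code from the thread or from reverseraider. The naming pattern (`<host>.<gc|dt|ss|sc|za|xa>.ntwk`) is an assumption modelled on the `edge-2a-hr.gc.ntwk` example; the sample IP list and the fake PTR table are constructed so the checks run offline, and `system_reverse_lookup` is what you would pass for real use.

```python
"""Audit a file of IP addresses for missing or unexpected reverse DNS (PTR) names.

Added example, not from the forum thread or from reverseraider. One IP per
line in, a reverse lookup per address, and a report of addresses with no PTR
record or with a name outside the expected naming scheme. The resolver is
injectable so the logic can be exercised offline with constructed data.
"""
import re
import socket
from typing import Callable, Dict, List, Optional

# Assumed naming convention (hypothetical, modelled on 'edge-2a-hr.gc.ntwk'):
# <anything>.<site>.ntwk where <site> is one of the sub-domains listed in the post.
NAME_PATTERN = re.compile(r"^[a-z0-9-]+\.(gc|dt|ss|sc|za|xa)\.ntwk\.?$")


def parse_ip_file(text: str) -> List[str]:
    """Return the addresses in a file body, one per line, skipping blanks and # comments."""
    ips = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            ips.append(line)
    return ips


def system_reverse_lookup(ip: str) -> Optional[str]:
    """Real resolver: PTR lookup through the OS resolver; None when there is no name."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except (socket.herror, socket.gaierror):
        return None


def check_ptr_records(
    ips: List[str],
    resolver: Callable[[str], Optional[str]] = system_reverse_lookup,
    pattern: "re.Pattern[str]" = NAME_PATTERN,
) -> Dict[str, List[str]]:
    """Classify every address as ok / missing (no PTR) / unexpected (name off-pattern)."""
    report: Dict[str, List[str]] = {"ok": [], "missing": [], "unexpected": []}
    for ip in ips:
        name = resolver(ip)
        if name is None:
            report["missing"].append(ip)
        elif pattern.match(name):
            report["ok"].append(f"{ip} -> {name}")
        else:
            report["unexpected"].append(f"{ip} -> {name}")
    return report


# Constructed sample input, in the shape genlist would write out.
SAMPLE_FILE = """# constructed sample list of switch addresses
172.16.1.235
172.16.2.235

172.16.3.235
172.16.4.235
"""

# Constructed PTR table standing in for the real DNS zone.
FAKE_PTRS = {
    "172.16.1.235": "edge-2a-hr.gc.ntwk",
    "172.16.2.235": "edge-1b-lab.dt.ntwk",
    # 172.16.3.235 deliberately has no PTR: the 'nobody updated DNS' case
    "172.16.4.235": "old-switch.example.com",  # stale name left from a reuse of the address
}


def fake_resolver(ip: str) -> Optional[str]:
    """Offline stand-in for system_reverse_lookup backed by FAKE_PTRS."""
    return FAKE_PTRS.get(ip)


def demo() -> Dict[str, List[str]]:
    """Run the audit over the constructed sample with the offline resolver."""
    return check_ptr_records(parse_ip_file(SAMPLE_FILE), resolver=fake_resolver)


if __name__ == "__main__":
    # For a real run: check_ptr_records(parse_ip_file(open("list_10.0").read()))
    result = demo()
    for bucket in ("missing", "unexpected", "ok"):
        for entry in result[bucket]:
            print(f"{bucket:10} {entry}")
```

Swap `fake_resolver` for the default `system_reverse_lookup` (or point `open()` at the genlist output) to run it against your own zone; the "missing" and "unexpected" buckets are the switches that need a DNS fix.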
thilak,
Thanks for your input, but as you can see from my scenario, it wouldn't work.
Archangel-Amael
nslookup and whois can't do what I'm asking to do either. I didn't take the time to explain why I was trying to do this, wanted to save the experts from having to dive into my scenario... my bad.