Special DNS zones for testing purposes

Frederic Cambus May 18, 2013 [DNS]

Domain hosting some seldom used resource record types:

More information about available resource records to query can be found here.

dig statdns.net LOC +short
52 22 23.000 N 4 53 32.000 E -2.00m 0.00m 10000m 10m

dig _443._tcp.www.statdns.net TLSA +short
3 0 1 E1BFAE80B9B0B4220DDB6940925CEA0FA51D5D11C645DB95584086FB 71C542F2

dig statdns.net NAPTR +short
100 100 "u" "E2U+web:http" "!^.*$!http://www.statdns.net!" .

Deliberately broken domains:

Unreachable Name Servers:

dig lame.broken-on-purpose.generic-nic.net SOA

; <<>> DiG 9.8.3-P1 <<>> lame.broken-on-purpose.generic-nic.net SOA
;; global options: +cmd
;; connection timed out; no servers could be reached

A zone always returning a SERVFAIL:

dig lame2.broken-on-purpose.generic-nic.net SOA

; <<>> DiG 9.8.3-P1 <<>> lame2.broken-on-purpose.generic-nic.net SOA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 41095
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

Zones with dangerous records:

These zones contains special characters and malicious content:

dig dangerousrecord.broken-on-purpose.generic-nic.net MX +short
0 dangerous<name.broken-on-purpose.generic-nic.net.
10 dangerous{name.broken-on-purpose.generic-nic.net.
20 dangerous\"name.broken-on-purpose.generic-nic.net.
50 dangerous'name.broken-on-purpose.generic-nic.net.
60 dangerous\"name.broken-on-purpose.generic-nic.net.
70 <script/src='http://www\.skullsecurity\.org/test-js\.js'></script>.broken-on-purpose.generic-nic.net.

dig dangerous\name.broken-on-purpose.generic-nic.net TXT +short
"To crash XML output"

dig dangerous{name.broken-on-purpose.generic-nic.net TXT +short
"To crash JSON output"

64 kilobytes TXT record:

dig txty.forfunsec.org TXT +short
"beginyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy"

[TRUNCATED OUTPUT]

"yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyend"

It's interesting to note that some DNS resolvers such as Google Public DNS returns an error when queried for this particular record:

dig @8.8.8.8 txty.forfunsec.org TXT
;; Truncated, retrying in TCP mode.
;; communications error to 8.8.8.8#53: end of file

dig @8.8.4.4 txty.forfunsec.org TXT
;; Truncated, retrying in TCP mode.
;; communications error to 8.8.4.4#53: end of file

Domain name with a maximal sized label:

dig 'this-right-here-is-a-maximum-sized-label-of-sixty-three-octets!.huque.com' TXT +short
"domain name with a maximal sized label" "for testing purposes"