DNS Vulnerabilities

I’m just wondering if anyone could recommend a good resource on what you can do after performing a DNS search and how to interpret the output from doing the search?
I’ve been looking for ages but have only been able to find different ways to do the search and not actually use the information to exploit something.

I might suggest that you’re not looking for vulnerabilities in DNS itself, but in the DNS server product that you are using. Assuming you are falling in line with most corporations and running BIND, I’d be checking out security announcements at ISC.ORG, and of course your favorite security sites.

You’re going to be hard pressed to find a vulnerability in the protocol itself, mostly due to its maturity and simplicity. Certain implementations of a DNS server may be vulnerable to buffer overflows / serialization attacks, but they’re not common.
If you’re looking to design a challenge or something ‘exploitable’, the only thing that comes to mind immediately is intentionally misconfiguring the server to allow for AXFR requests, and burying secrets or other information in hard-to-guess TXT records or something.
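
For anyone running BIND who wants to confirm their own server does not have the AXFR misconfiguration mentioned in the reply above, here is an added example (not part of the original thread) that audits `allow-transfer` per zone in a `named.conf`. The sample config, zone names, key name and address are constructed, and the parser assumes the simple layout shown (no `include` files, named ACLs are simply reported as restricted).

```python
import re

# Constructed named.conf sample; zone names, key name and address are placeholders.
SAMPLE_CONF = '''
options { directory "/var/named"; allow-transfer { none; }; };
zone "example.com" {
    type master; file "example.com.zone";
    allow-transfer { any; };          // anyone can pull the whole zone
};
zone "internal.example" {
    type master; file "internal.zone";
    allow-transfer { 192.0.2.53; key xfer-key; };
};
zone "legacy.example" { type master; file "legacy.zone"; };
'''

def block_body(text, open_idx):
    """Return the text between the '{' at open_idx and its matching '}'."""
    depth = 0
    for i in range(open_idx, len(text)):
        depth += {"{": 1, "}": -1}.get(text[i], 0)
        if depth == 0:
            return text[open_idx + 1:i]
    raise ValueError("unbalanced braces in config")

def transfer_state(body):
    """Classify the allow-transfer ACL found in one options/zone block."""
    m = re.search(r"allow-transfer\s*\{", body)
    if not m:
        return "unset"
    acl = [e.strip() for e in block_body(body, m.end() - 1).split(";") if e.strip()]
    if "any" in acl:
        return "open"
    return "closed" if acl == ["none"] else "restricted"

def audit(conf):
    """Map each zone name to open / closed / restricted / inherited:<options state>."""
    conf = re.sub(r"(#|//)[^\n]*", "", conf)  # drop line comments (assumes none inside strings)
    opt = re.search(r"\boptions\s*\{", conf)
    default = transfer_state(block_body(conf, opt.end() - 1)) if opt else "unset"
    report = {}
    for z in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        state = transfer_state(block_body(conf, z.end() - 1))
        report[z.group(1)] = f"inherited:{default}" if state == "unset" else state
    return report

if __name__ == "__main__":
    for zone, state in audit(SAMPLE_CONF).items():
        print(f"{zone:20} {state}")
```

A zone reported as `inherited:unset` has no ACL at either level and falls back to the server's built-in default, so check what that default is for the BIND version you run.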

Not exactly a DNS vulnerability but you could look into DNS amplification DDoS.

There’s either DNS spoofing or DNS poisoning attacks as far as I know of DNS attacks. You can look up those types of attacks. DNS spoofing is like when you want to grab someone’s Facebook password: you send them a spoofed address and they enter their credentials, which get sent to you as they log onto their Facebook account through your link. If done properly, the victim won’t know they are using a spoofed login site.

Thanks to all!