0

While playing with the DNS of test.com, I discovered that if I query anything, I get a valid response.

For example:

dig superuser-is-awesome.test.com -t TXT

; <<>> DiG 9.10.5-P2-RedHat-9.10.5-2.P2.fc25 <<>> superuser-is-awesome.test.com -t TXT
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52365
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;superuser-is-awesome.test.com. IN  TXT

;; ANSWER SECTION:
superuser-is-awesome.test.com. 7200 IN TXT  "v=spf1 ~all"

;; Query time: 133 msec
;; SERVER: 89.2.0.1#53(89.2.0.1)
;; WHEN: ven. sept. 01 14:28:12 CEST 2017
;; MSG SIZE  rcvd: 86

It works the same with type A or even no type at all:

dig superuser-is-awesome.test.com

; <<>> DiG 9.10.5-P2-RedHat-9.10.5-2.P2.fc25 <<>> superuser-is-awesome.test.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9026
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;superuser-is-awesome.test.com. IN  A

;; ANSWER SECTION:
superuser-is-awesome.test.com. 3600 IN  A   69.172.200.109

;; Query time: 130 msec
;; SERVER: 89.2.0.1#53(89.2.0.1)
;; WHEN: ven. sept. 01 14:29:20 CEST 2017
;; MSG SIZE  rcvd: 74

How is that possible? Is there a way to get the real value (should be nothing, except if it truly exists)?

  • Your url redirects to test.com. Try with curl -I, you can see the redirected url.
    – Biswapriyo
    Commented Sep 1, 2017 at 12:35
  • I'm using dig, not curl.
    – Cyril N.
    Commented Sep 1, 2017 at 12:37
  • I was thinking this is something to do with a wildcard DNS entry, but they don't seem to have one.
    – Darren
    Commented Sep 1, 2017 at 12:41
  • I was not aware that something like this was possible on DNS.
    – Cyril N.
    Commented Sep 1, 2017 at 12:51
  • But yes, it appears to be a wildcard, if you query dig *.test.com, you'll get the same results!
    – Cyril N.
    Commented Sep 1, 2017 at 13:19

2 Answers

1

DISCLAIMER: I'm not convinced this is a correct answer, but I am posting it anyway at the request of the OP.


test.com is a real domain, registered by a company called "Perfect Privacy, LLC" in Florida.

A domain can have a wildcard DNS entry created for it.

This wildcard DNS record will cause DNS lookups on domain names ending in example.com that do not exist to have MX records synthesized for them. So, a lookup for the MX record for somerandomname.example.com would return an MX record pointing to host1.example.com.

However, the DNS records for test.com do not indicate they have a wildcard entry that I can see:

DNS Records for test.com
==============

Name        TTL     Class  Type     Priority    Data
test.com.   7200    IN     SOA                  NS65.WORLDNIC.com. namehost.WORLDNIC.com. 117070512 10800 3600 604800 3600
test.com.   7200    IN     NS                   ns65.worldnic.com.
test.com.   7200    IN     NS                   ns66.worldnic.com.
test.com.   3600    IN     A                    69.172.200.235
test.com.   7200    IN     TXT                  "google-site-verification=kW9t2V_S7WjOX57zq0tP8Ae_WJhRwUcZoqpdEkvuXJk"
test.com.   7200    IN     MX       30          lastmx.spamexperts.net.
test.com.   7200    IN     MX       20          fallbackmx.spamexperts.eu.
test.com.   7200    IN     MX       10          mx.spamexperts.com.
  • There is a wildcard record in the zone, you have to query specifically for it: dig \*.test.com A does indeed return *.test.com. 1h IN A 69.172.200.109. The wildcard record is a valid record in the DNS by itself like any other records, its presence just triggers additional processing in authoritative nameservers... Same for dig \*.test.com TXT Commented Apr 9, 2019 at 14:20
  • @PatrickMevzek. Interesting. Would you like to update my answer accordingly? I wouldn't be offended.
    – Darren
    Commented Apr 9, 2019 at 14:22
  • If you want, just add the dig command and output. You can remove your disclaimer, your answer is correct. As for ViewDNS they show the records on test.com and hence cannot show the wildcard (and do not accept * as a valid character in their form anyway). Note that (since I see it in another comment), dig \*.test.com and dig *.test.com are two different things since * is also a shell metacharacter, so it is often better to protect it (to be sure it is not replaced by something else before being used), even if the final DNS packet will indeed be for *.test.com. Commented Apr 9, 2019 at 14:56
2

These are wildcard DNS entries. Tested it on my own DNS Server, this is how it looks:


dig hans.xxx.xxx.net TXT

; <<>> DiG 9.9.5-3ubuntu0.15-Ubuntu <<>> hans.xxx.xxx.net TXT
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64899
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;hans.xxx.xxx.net.           IN      TXT

;; ANSWER SECTION:
hans.xxx.xxx.net.    3600    IN      TXT     "Test"

;; Query time: 22 msec
;; SERVER: 10.0.2.166#53(10.0.2.166)
;; WHEN: Fri Sep 01 15:13:36 DST 2017
;; MSG SIZE  rcvd: 65

dig hans.xxx.xxx.net

; <<>> DiG 9.9.5-3ubuntu0.15-Ubuntu <<>> hans.xxx.xxx.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42482
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;hans.xxx.xxx.net.           IN      A

;; ANSWER SECTION:
hans.xxx.xxx.net.    3600    IN      A       10.0.2.81

;; Query time: 13 msec
;; SERVER: 10.0.2.166#53(10.0.2.166)
;; WHEN: Fri Sep 01 15:19:46 DST 2017
;; MSG SIZE  rcvd: 64
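
The wildcard check discussed in the answers and comments above, written out as an added shell example (not part of the original posts): it looks up two random labels and the literal `*` label, quoted so the shell cannot glob it, and reports a wildcard when all three return the same data. The `DIG` variable and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: detect wildcard synthesis in a zone using dig.
# DIG is an assumption of this example: it names the lookup command so that
# a stub can stand in for dig when no network is available.
DIG=${DIG:-dig}

# random_label: print a 16-hex-character label that is very unlikely to exist.
random_label() {
    od -An -N8 -tx1 /dev/urandom | tr -d ' \n'
}

# lookup NAME TYPE: print the sorted record data ("dig +short" output).
lookup() {
    "$DIG" +short "$1" "$2" | sort
}

# wildcard_check ZONE [TYPE]
# Prints "wildcard <data>" when two random labels and the literal "*" label
# all return the same non-empty data, and "no-wildcard" otherwise.
wildcard_check() {
    zone=$1
    type=${2:-A}
    first=$(lookup "$(random_label).$zone" "$type")
    second=$(lookup "$(random_label).$zone" "$type")
    # The asterisk sits inside double quotes, so the shell passes it to dig
    # unchanged instead of expanding it against file names.
    star=$(lookup "*.$zone" "$type")
    if [ -n "$first" ] && [ "$first" = "$second" ] && [ "$first" = "$star" ]; then
        printf 'wildcard %s\n' "$first"
    else
        printf 'no-wildcard\n'
    fi
}

# Usage, once the functions are loaded: wildcard_check test.com TXT
```

A wildcard only covers the record types it owns, so run the check once per type of interest (A, TXT, MX).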
