searching for records in dns...

yes, you may remember a similar post for enumerating dns ptr records with dnscmd.  this is basically the same thing.  except in this scenario, we're going to use findstr to help locate the records we want.

 

dnscmd myDnsServer /enumrecords myZone.myRoot.com . /continue | findstr crap

crap 3600 A     192.168.1.220
myCrap 3600 A     192.168.1.221

 

 

well, look at that.  that was easy.  we enumerate all records in any given zone, then specify the /continue switch to search all records.  the "." will tell it to pull back everything... and piping through findstr looks for any record with the word "crap" in it.

 

 

you can take it one step further and search all zones.  check out the following example:

 

for /f %a in ('dnscmd myDnsServer /enumzones ^| findstr /i primary') do dnscmd myDnsServer /enumrecords %a . /continue | findstr /i crap

crap 3600 A      192.168.1.220
crap2 [Aging:3569875] 1200 A     192.168.1.143
crap3 [Aging:3569899] 1200 A  192.168.1.142
crap4 [Aging:3569751] 1200 A    192.168.1.136
myCrap 3600 A     192.168.1.221

 

 

the real difference is that this time, we utilized a for loop to run dnscmd first to enumerate all the zones pulling back only the primary zones (easiest way for this example).  since we have them captured in a token, we loop through searching every zone for the name in question.