A server has a dns service and its ip address is 10.10.10.13, so I use nslookup and change the server to 10.10.10.13, and find out what is its fqdn.
It is revealed that its fqdn is ns1.cronos.htb, so I am guessing the domain name would be cronos.htb too.
To find out its sub domains in the dns server with the axfr (zone transfer) option I do this dig @10.10.10.13 cronos.htb axfr
you will need to provide the name server fqdn or ip address after the @ symbol. The AXFR (zone transfer) is supported by the server hence the dns server reviews these:
As I am not going to change the dns server I am changing it in my hosts file so that admin.cronos.htb is resolvable.
cyruslab 