• Kali Linux trial: dnsenum


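    The purpose of dnsenum is to gather as much information as possible about a domain. It can guess domain names that may exist, using Google or a dictionary file, and it can run reverse lookups over a network range. It can query a site's host addresses, name servers and MX records (mail exchange records), send AXFR requests to the name servers, obtain additional domain names by scraping Google (Google hacking), extract subdomains and query them, calculate class C address ranges and run whois queries on them, perform reverse lookups, and write the address ranges to a file.

    Quite a bit of interesting information can be obtained from it. For example: wooyun is built on sinaapp.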

    root@kali:~/Desktop/crypt# dnsenum --enum www.wooyun.org
    dnsenum.pl VERSION:1.2.2
    Warning: can't load Net::Whois::IP module, whois queries disabled.
    -----   www.wooyun.org   -----
    Host's addresses:
    __________________
    
    wooyun.sinaapp.com                       30       IN    A        220.181.136.35
    wooyun.sinaapp.com                       30       IN    A        220.181.136.36
    
    
    Name Servers:
    ______________
    
     Error: can't continue no NS record for www.wooyun.org

    It is very useful for information gathering.

    root@kali:~/Desktop# dnsenum --enum 51cto.com
    dnsenum.pl VERSION:1.2.2
    Warning: can't load Net::Whois::IP module, whois queries disabled.

    -----   51cto.com   -----


    Host's addresses:
    __________________

    51cto.com                                600      IN    A        118.144.78.52
    51cto.com                                600      IN    A        118.144.78.54


    Name Servers:
    ______________

    ns1.dnsv2.com                            87409    IN    A        122.225.217.193
    ns1.dnsv2.com                            87409    IN    A        183.60.59.230
    ns1.dnsv2.com                            87409    IN    A        221.204.186.8
    ns2.dnsv2.com                            87409    IN    A        119.167.195.7
    ns2.dnsv2.com                            87409    IN    A        180.153.162.151
    ns2.dnsv2.com                            87409    IN    A        112.90.143.34


    Mail (MX) Servers:
    ___________________


    root@kali:~/Desktop# dnsenum --enum  cnblogs.com
    dnsenum.pl VERSION:1.2.2
    Warning: can't load Net::Whois::IP module, whois queries disabled.
    
    -----   cnblogs.com   -----
    
    
    Host's addresses:
    __________________
    
    cnblogs.com                              584      IN    A        42.121.252.58
    
    
    Name Servers:
    ______________
    
    ns4.dnsv3.com                            64817    IN    A        115.236.151.139
    ns4.dnsv3.com                            64817    IN    A        180.153.162.152
    ns4.dnsv3.com                            64817    IN    A        221.204.186.9
    ns3.dnsv3.com                            64817    IN    A        183.60.59.231
    ns3.dnsv3.com                            64817    IN    A        112.90.143.35
    ns3.dnsv3.com                            64817    IN    A        119.167.195.10
    
    
    Mail (MX) Servers:
    ___________________
    
    alt2.aspmx.l.google.com                  278      IN    A        74.125.137.26
    aspmx5.googlemail.com                    278      IN    A        173.194.75.26
    aspmx2.googlemail.com                    278      IN    A        74.125.142.26
    aspmx.l.google.com                       278      IN    A        74.125.129.26
    alt1.aspmx.l.google.com                  278      IN    A        74.125.142.26
    aspmx3.googlemail.com                    278      IN    A        74.125.137.26
    aspmx4.googlemail.com                    278      IN    A        173.194.68.26
    
    
    Trying Zone Transfers and getting Bind Versions:
    _________________________________________________
    
    
    
    Trying Zone Transfer for cnblogs.com on ns4.dnsv3.com ... 
    AXFR record query failed: query timed out
    Unable to obtain Server Version for ns4.dnsv3.com : query timed out
    Trying Zone Transfer for cnblogs.com on ns3.dnsv3.com ... 
    AXFR record query failed: query timed out
    Unable to obtain Server Version for ns3.dnsv3.com : query timed out
     Wildcards detected, all subdomains will point to the same IP address, bye.
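
    The dnsenum 1.2.2 text layout shown above can be turned into a structured report when reviewing what your own domain exposes. This is an added example, not part of the original post: the function names are hypothetical, the sample is constructed by trimming the cnblogs.com run, and marking a name server "review" when no AXFR failure line follows is an assumption.

```python
import re

# Constructed sample: trimmed from the cnblogs.com run shown above.
SAMPLE = """\
Host's addresses:
__________________
cnblogs.com                              584      IN    A        42.121.252.58
Name Servers:
______________
ns4.dnsv3.com                            64817    IN    A        115.236.151.139
ns3.dnsv3.com                            64817    IN    A        183.60.59.231
Trying Zone Transfers and getting Bind Versions:
_________________________________________________
Trying Zone Transfer for cnblogs.com on ns4.dnsv3.com ...
AXFR record query failed: query timed out
Trying Zone Transfer for cnblogs.com on ns3.dnsv3.com ...
AXFR record query failed: query timed out
 Wildcards detected, all subdomains will point to the same IP address, bye.
"""

RECORD = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(\S+)\s*$")
AXFR_TRY = re.compile(r"^Trying Zone Transfer for (\S+) on (\S+) \.\.\.")
AXFR_FAIL = re.compile(r"^AXFR record query failed: (.+)$")

def parse_dnsenum(text):
    """Return records per section, AXFR status per name server, wildcard flag."""
    report = {"records": {}, "axfr": {}, "wildcard": False}
    section, last_ns, prev = None, None, ""
    for raw in text.splitlines():
        line = raw.strip()
        if line and set(line) == {"_"} and prev.endswith(":"):
            section = prev.rstrip(":")          # underline marks prev as a header
        elif (m := AXFR_TRY.match(line)):
            last_ns = m.group(2)
            report["axfr"][last_ns] = "review"  # assumption: no failure line yet
        elif (m := AXFR_FAIL.match(line)) and last_ns:
            report["axfr"][last_ns] = "failed: " + m.group(1)
        elif line.startswith("Wildcards detected"):
            report["wildcard"] = True
        elif (m := RECORD.match(line)) and section:
            name, ttl, rtype, value = m.groups()
            report["records"].setdefault(section, []).append((name, int(ttl), rtype, value))
        if line:
            prev = line
    return report

def axfr_needs_review(report):
    """Name servers whose transfer attempt was not followed by a failure line."""
    return sorted(ns for ns, state in report["axfr"].items() if state == "review")
```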

    Querying with fierce -dns

    root@kali:~/Desktop# fierce -dns 51cto.com
    DNS Servers for 51cto.com:
        ns1.dnsv2.com
        ns2.dnsv2.com
    
    Trying zone transfer first...
        Testing ns1.dnsv2.com
            Request timed out or transfer not allowed.
        Testing ns2.dnsv2.com
            Request timed out or transfer not allowed.
  • Original article: https://www.cnblogs.com/vigarbuaa/p/3484653.html