Kali Linux信息收集之dnsmap

0x00 dnsmap介绍

dnsmap起源于2006年,是受到一个叫做“The Thief No One Saw”的小故事的启发后开发的,这个小故事能在Paul Craig的书《Stealing the Network - How to Own the Bow》中找到。 dnsmap 主要用来在渗透测试的信息收集阶段来协助测试网络的基础设施的安全性,它能发现目标的网段,域名,甚至是电话号码等等。 子域名穷举在穷举子域名方面也是一项新的技术,尤其是在域传送技术失效的时候。(在最近我很少看到公开允许域传输的例子)

工具来源:http://code.google.com/p/dnsmap/

dnsmap主页 | Kali dnsmap Repo仓库

作者:pagvac

证书:GPLv2

0x01 dnsmap功能

dnsmap - DNS域名蛮力穷举工具

[email protected]:~# dnsmap
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)

用法: dnsmap <目标域> [选项]
选项:
-w <指定字典文件>
-r <指定结果以常规格式输出文件>
-c <指定结果以csv格式输出文件>
-d <设置延迟(毫秒)>
-i <忽略的IP> (当你遇到一个虚假的IP地址时很有用)

示例:
dnsmap target-domain.com
dnsmap target-domain.com -w yourwordlist.txt -r /tmp/domainbf_results.txt
dnsmap target-fomain.com -r /tmp/ -d 3000
dnsmap target-fomain.com -r ./domainbf_results.txt

0x02 dnsmap用法示例

[email protected]:~# dnsmap cuit.edu.cn -w /usr/share/wordlists/dnsmap.txt -r domain.txt 
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)

[+] searching (sub)domains for cuit.edu.cn using /usr/share/wordlists/dnsmap.txt
[+] using maximum random delay of 10 millisecond(s) between requests

acm.cuit.edu.cn
IP address #1: 210.41.225.250

art.cuit.edu.cn
IP address #1: 210.41.224.220

bbs.cuit.edu.cn
IP address #1: 210.41.224.158

bwc.cuit.edu.cn
IP address #1: 210.41.224.220

cas.cuit.edu.cn
IP address #1: 210.41.224.220

cfd.cuit.edu.cn
IP address #1: 210.41.225.21

cjy.cuit.edu.cn
IP address #1: 210.41.224.220

cwc.cuit.edu.cn
IP address #1: 210.41.224.134

dag.cuit.edu.cn
IP address #1: 210.41.224.220

dep.cuit.edu.cn
IP address #1: 210.41.224.130

dgb.cuit.edu.cn
IP address #1: 210.41.225.36

dmt.cuit.edu.cn
IP address #1: 210.41.225.144

dns.cuit.edu.cn
IPv6 address #1: 2001:250:2004::1:33

dns.cuit.edu.cn
IP address #1: 210.41.224.33

dsx.cuit.edu.cn
IP address #1: 210.41.224.154

dzb.cuit.edu.cn
IP address #1: 210.41.224.220

ftp.cuit.edu.cn
IP address #1: 210.41.224.131

gdx.cuit.edu.cn
IP address #1: 210.41.224.234

gis.cuit.edu.cn
IP address #1: 210.41.224.211

gsu.cuit.edu.cn
IP address #1: 210.41.224.154

hbw.cuit.edu.cn
IP address #1: 210.41.224.134

hqc.cuit.edu.cn
IP address #1: 210.41.224.220

iip.cuit.edu.cn
IP address #1: 210.41.225.50

jcc.cuit.edu.cn
IP address #1: 210.41.225.228

jkx.cuit.edu.cn
IP address #1: 210.41.224.212

jmx.cuit.edu.cn
IP address #1: 210.41.224.154

jwb.cuit.edu.cn
IP address #1: 210.41.224.220

jwc.cuit.edu.cn
IP address #1: 210.41.225.108

kjc.cuit.edu.cn
IP address #1: 210.41.225.226

kjx.cuit.edu.cn
IP address #1: 210.41.224.154

kys.cuit.edu.cn
IP address #1: 210.41.224.154

lgp.cuit.edu.cn
IP address #1: 210.41.224.134

lib.cuit.edu.cn
IP address #1: 210.41.233.134

ltc.cuit.edu.cn
IP address #1: 210.41.224.220

mcm.cuit.edu.cn
IP address #1: 210.41.224.212

new.cuit.edu.cn
IP address #1: 210.41.224.154

old.cuit.edu.cn
IP address #1: 210.41.224.130

pan.cuit.edu.cn
IP address #1: 210.41.224.210

pay.cuit.edu.cn
IP address #1: 210.41.225.89
IP address #2: 210.41.225.85

pjb.cuit.edu.cn
IP address #1: 210.41.224.130

qjh.cuit.edu.cn
IP address #1: 210.41.224.130

qrs.cuit.edu.cn
IP address #1: 203.124.15.252

sce.cuit.edu.cn
IP address #1: 210.41.224.220

sec.cuit.edu.cn
IP address #1: 210.41.224.154

sgi.cuit.edu.cn
IP address #1: 10.254.224.2
[+] warning: internal IP address disclosed

skx.cuit.edu.cn
IP address #1: 210.41.224.154

sus.cuit.edu.cn
IP address #1: 210.41.224.162

sxy.cuit.edu.cn
IP address #1: 210.41.224.154

tjx.cuit.edu.cn
IP address #1: 210.41.224.220

tyb.cuit.edu.cn
IP address #1: 210.41.224.220

uia.cuit.edu.cn
IP address #1: 210.41.224.194

vod.cuit.edu.cn
IP address #1: 10.254.241.130
[+] warning: internal IP address disclosed

vpn.cuit.edu.cn
IP address #1: 221.237.162.66

www.cuit.edu.cn
IP address #1: 210.41.224.132

wyx.cuit.edu.cn
IP address #1: 210.41.224.130

xsc.cuit.edu.cn
IP address #1: 210.41.224.206

xsh.cuit.edu.cn
IP address #1: 210.41.224.66

xtw.cuit.edu.cn
IP address #1: 210.41.224.68

xyw.cuit.edu.cn
IP address #1: 210.41.224.220

yws.cuit.edu.cn
IP address #1: 210.41.224.154

zgm.cuit.edu.cn
IP address #1: 210.41.224.220

zjc.cuit.edu.cn
IP address #1: 210.41.225.21

zwl.cuit.edu.cn
IP address #1: 210.41.224.134

zyl.cuit.edu.cn
IP address #1: 210.41.224.134

zyz.cuit.edu.cn
IP address #1: 210.41.224.134

zzb.cuit.edu.cn
IP address #1: 210.41.224.220

[+] 66 (sub)domains and 67 IP address(es) found
[+] 2 internal IP address(es) disclosed
[+] regular-format results can be found on domain.txt
[+] completion time: 252 second(s)

0x02 dnsmap-bulk用法示例

[email protected]:~# dnsmap-bulk.sh domain.txt 
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)

[+] searching (sub)domains for acm.cuit.edu.cn using built-in wordlist
[+] using maximum random delay of 10 millisecond(s) between requests

[+] 0 (sub)domains and 0 IP address(es) found
[+] completion time: 17 second(s)
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)

[+] error: entered domain is not valid!
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)

[+] error: entered domain is not valid!
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)

[+] error: entered domain is not valid!
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)

[+] searching (sub)domains for 210.41.225.250 using built-in wordlist
[+] using maximum random delay of 10 millisecond(s) between requests
...
...

转载请注明来自4ido10n博客的Kali Linux信息收集之dnsmap,否则保留追究文章版权的权利!

results matching ""

    No results matching ""