Kali Linux信息收集之dnsmap
0x00 dnsmap介绍
dnsmap起源于2006年,是受到一个叫做“The Thief No One Saw”的小故事的启发后开发的,这个小故事能在Paul Craig的书《Stealing the Network - How to Own the Bow》中找到。 dnsmap 主要用来在渗透测试的信息收集阶段来协助测试网络的基础设施的安全性,它能发现目标的网段,域名,甚至是电话号码等等。 子域名穷举在穷举子域名方面也是一项新的技术,尤其是在域传送技术失效的时候。(在最近我很少看到公开允许域传输的例子)
工具来源:http://code.google.com/p/dnsmap/
作者:pagvac
证书:GPLv2
0x01 dnsmap功能
dnsmap - DNS域名蛮力穷举工具
root@kali:~# dnsmap
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)
用法: dnsmap <目标域> [选项]
选项:
-w <指定字典文件>
-r <指定结果以常规格式输出文件>
-c <指定结果以csv格式输出文件>
-d <设置延迟(毫秒)>
-i <忽略的IP> (当你遇到一个虚假的IP地址时很有用)
示例:
dnsmap target-domain.com
dnsmap target-domain.com -w yourwordlist.txt -r /tmp/domainbf_results.txt
dnsmap target-fomain.com -r /tmp/ -d 3000
dnsmap target-fomain.com -r ./domainbf_results.txt
0x02 dnsmap用法示例
root@kali:~# dnsmap cuit.edu.cn -w /usr/share/wordlists/dnsmap.txt -r domain.txt
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)
[+] searching (sub)domains for cuit.edu.cn using /usr/share/wordlists/dnsmap.txt
[+] using maximum random delay of 10 millisecond(s) between requests
acm.cuit.edu.cn
IP address #1: 210.41.225.250
art.cuit.edu.cn
IP address #1: 210.41.224.220
bbs.cuit.edu.cn
IP address #1: 210.41.224.158
bwc.cuit.edu.cn
IP address #1: 210.41.224.220
cas.cuit.edu.cn
IP address #1: 210.41.224.220
cfd.cuit.edu.cn
IP address #1: 210.41.225.21
cjy.cuit.edu.cn
IP address #1: 210.41.224.220
cwc.cuit.edu.cn
IP address #1: 210.41.224.134
dag.cuit.edu.cn
IP address #1: 210.41.224.220
dep.cuit.edu.cn
IP address #1: 210.41.224.130
dgb.cuit.edu.cn
IP address #1: 210.41.225.36
dmt.cuit.edu.cn
IP address #1: 210.41.225.144
dns.cuit.edu.cn
IPv6 address #1: 2001:250:2004::1:33
dns.cuit.edu.cn
IP address #1: 210.41.224.33
dsx.cuit.edu.cn
IP address #1: 210.41.224.154
dzb.cuit.edu.cn
IP address #1: 210.41.224.220
ftp.cuit.edu.cn
IP address #1: 210.41.224.131
gdx.cuit.edu.cn
IP address #1: 210.41.224.234
gis.cuit.edu.cn
IP address #1: 210.41.224.211
gsu.cuit.edu.cn
IP address #1: 210.41.224.154
hbw.cuit.edu.cn
IP address #1: 210.41.224.134
hqc.cuit.edu.cn
IP address #1: 210.41.224.220
iip.cuit.edu.cn
IP address #1: 210.41.225.50
jcc.cuit.edu.cn
IP address #1: 210.41.225.228
jkx.cuit.edu.cn
IP address #1: 210.41.224.212
jmx.cuit.edu.cn
IP address #1: 210.41.224.154
jwb.cuit.edu.cn
IP address #1: 210.41.224.220
jwc.cuit.edu.cn
IP address #1: 210.41.225.108
kjc.cuit.edu.cn
IP address #1: 210.41.225.226
kjx.cuit.edu.cn
IP address #1: 210.41.224.154
kys.cuit.edu.cn
IP address #1: 210.41.224.154
lgp.cuit.edu.cn
IP address #1: 210.41.224.134
lib.cuit.edu.cn
IP address #1: 210.41.233.134
ltc.cuit.edu.cn
IP address #1: 210.41.224.220
mcm.cuit.edu.cn
IP address #1: 210.41.224.212
new.cuit.edu.cn
IP address #1: 210.41.224.154
old.cuit.edu.cn
IP address #1: 210.41.224.130
pan.cuit.edu.cn
IP address #1: 210.41.224.210
pay.cuit.edu.cn
IP address #1: 210.41.225.89
IP address #2: 210.41.225.85
pjb.cuit.edu.cn
IP address #1: 210.41.224.130
qjh.cuit.edu.cn
IP address #1: 210.41.224.130
qrs.cuit.edu.cn
IP address #1: 203.124.15.252
sce.cuit.edu.cn
IP address #1: 210.41.224.220
sec.cuit.edu.cn
IP address #1: 210.41.224.154
sgi.cuit.edu.cn
IP address #1: 10.254.224.2
[+] warning: internal IP address disclosed
skx.cuit.edu.cn
IP address #1: 210.41.224.154
sus.cuit.edu.cn
IP address #1: 210.41.224.162
sxy.cuit.edu.cn
IP address #1: 210.41.224.154
tjx.cuit.edu.cn
IP address #1: 210.41.224.220
tyb.cuit.edu.cn
IP address #1: 210.41.224.220
uia.cuit.edu.cn
IP address #1: 210.41.224.194
vod.cuit.edu.cn
IP address #1: 10.254.241.130
[+] warning: internal IP address disclosed
vpn.cuit.edu.cn
IP address #1: 221.237.162.66
www.cuit.edu.cn
IP address #1: 210.41.224.132
wyx.cuit.edu.cn
IP address #1: 210.41.224.130
xsc.cuit.edu.cn
IP address #1: 210.41.224.206
xsh.cuit.edu.cn
IP address #1: 210.41.224.66
xtw.cuit.edu.cn
IP address #1: 210.41.224.68
xyw.cuit.edu.cn
IP address #1: 210.41.224.220
yws.cuit.edu.cn
IP address #1: 210.41.224.154
zgm.cuit.edu.cn
IP address #1: 210.41.224.220
zjc.cuit.edu.cn
IP address #1: 210.41.225.21
zwl.cuit.edu.cn
IP address #1: 210.41.224.134
zyl.cuit.edu.cn
IP address #1: 210.41.224.134
zyz.cuit.edu.cn
IP address #1: 210.41.224.134
zzb.cuit.edu.cn
IP address #1: 210.41.224.220
[+] 66 (sub)domains and 67 IP address(es) found
[+] 2 internal IP address(es) disclosed
[+] regular-format results can be found on domain.txt
[+] completion time: 252 second(s)
0x02 dnsmap-bulk用法示例
root@kali:~# dnsmap-bulk.sh domain.txt
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)
[+] searching (sub)domains for acm.cuit.edu.cn using built-in wordlist
[+] using maximum random delay of 10 millisecond(s) between requests
[+] 0 (sub)domains and 0 IP address(es) found
[+] completion time: 17 second(s)
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)
[+] error: entered domain is not valid!
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)
[+] error: entered domain is not valid!
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)
[+] error: entered domain is not valid!
dnsmap 0.30 - DNS Network Mapper by pagvac (gnucitizen.org)
[+] searching (sub)domains for 210.41.225.250 using built-in wordlist
[+] using maximum random delay of 10 millisecond(s) between requests
...
...
转载请注明来自4ido10n博客的Kali Linux信息收集之dnsmap,否则保留追究文章版权的权利!