Kali Linux信息收集之dnstracer

0x00 dnstracer介绍

dnstracer用于获取给定主机名从给定域名服务器(DNS)的信息,并跟随DNS服务器链得到权威结果。

工具来源:http://www.mavetju.org/unix/general.php

dnstracer主页 | Kali dnstracer Repo仓库

作者:Edwin Groothuis

证书:BSD

0x01 dnstracer功能

dnstracer - 跟踪到源的DNS查询工具

[email protected]:~# dnstracer 
DNSTRACER version 1.8.1 - (c) Edwin Groothuis - http://www.mavetju.org
用法: dnstracer [选项] [主机名]
    -c:                     禁用本地缓存,默认启用
    -C:                     启用负缓存,默认禁用
    -o:                     启用返回结果的概述,默认禁用
    -q <querytype>:         DNS请求查询类型,默认为A
    -r <retries>:           DNS请求的重试次数,默认值3
    -s <server>:            使用此服务器的初始请求,默认localhost,如果指定将使用A.ROOT-SERVERS.NET
    -t <maximum timeout>:   限制每次尝试等待的时间
    -v:                     显示详细
    -S <ip address>:        使用这个IP作为源地址
    -4:                     不查询IPv6服务器

0x02 dnstracer用法示例

[email protected]:~# dnstracer -q mx -r 1 -t 10 -v www.harvard.edu
Tracing to www.harvard.edu[#mx] via 192.168.219.2, maximum of 1 retries
192.168.219.2 (192.168.219.2) IP HEADER
- Destination address:  192.168.219.2
DNS HEADER (send)
- Identifier:           0x351F
- Flags:                0x00 (Q )
- Opcode:               0 (Standard query)
- Return code:          0 (No error)
- Number questions:     1
- Number answer RR:     0
- Number authority RR:  0
- Number additional RR: 0
QUESTIONS (send)
- Queryname:            (3)www(7)harvard(3)edu
- Type:                 15 (unknown)
- Class:                1 (Internet)
DNS HEADER (recv)
- Identifier:           0x351F
- Flags:                0x8080 (R RA )
- Opcode:               0 (Standard query)
- Return code:          0 (No error)
- Number questions:     1
- Number answer RR:     1
- Number authority RR:  5
- Number additional RR: 4
QUESTIONS (recv)
- Queryname:            (3)www(7)harvard(3)edu
- Type:                 15 (unknown)
- Class:                1 (Internet)
ANSWER RR
- Domainname:           (3)www(7)harvard(3)edu
- Type:                 5 (CNAME)
- Class:                1 (Internet)
- TTL:                  5 (5s)
- Resource length:      36
- Resource data:        (3)www(7)harvard(3)edu(3)cdn(10)cloudflare(3)net
AUTHORITY RR
- Domainname:           (10)cloudflare(3)net
- Type:                 2 (NS)
- Class:                1 (Internet)
- TTL:                  5 (5s)
- Resource length:      6
- Resource data:        (3)ns3(10)cloudflare(3)net
AUTHORITY RR
- Domainname:           (10)cloudflare(3)net
- Type:                 2 (NS)
- Class:                1 (Internet)
- TTL:                  5 (5s)
- Resource length:      6
- Resource data:        (3)ns2(10)cloudflare(3)net
AUTHORITY RR
- Domainname:           (10)cloudflare(3)net
- Type:                 2 (NS)
- Class:                1 (Internet)
- TTL:                  5 (5s)
- Resource length:      6
- Resource data:        (3)ns1(10)cloudflare(3)net
AUTHORITY RR
- Domainname:           (10)cloudflare(3)net
- Type:                 2 (NS)
- Class:                1 (Internet)
- TTL:                  5 (5s)
- Resource length:      6
- Resource data:        (3)ns5(10)cloudflare(3)net
AUTHORITY RR
- Domainname:           (10)cloudflare(3)net
- Type:                 2 (NS)
- Class:                1 (Internet)
- TTL:                  5 (5s)
- Resource length:      6
- Resource data:        (3)ns4(10)cloudflare(3)net
ADDITIONAL RR
- Domainname:           (3)ns3(10)cloudflare(3)net
- Type:                 28 (unknown)
- Class:                1 (Internet)
- TTL:                  5 (5s)
- Resource length:      16
- Resource data:        2400:cb00:2049:0001:0000:0000:c629:de1f
ADDITIONAL RR
- Domainname:           (3)ns3(10)cloudflare(3)net
- Type:                 1 (A)
- Class:                1 (Internet)
- TTL:                  5 (5s)
- Resource length:      4
- Resource data:        198.41.222.31
ADDITIONAL RR
- Domainname:           (3)ns2(10)cloudflare(3)net
- Type:                 28 (unknown)
- Class:                1 (Internet)
- TTL:                  5 (5s)
- Resource length:      16
- Resource data:        2400:cb00:2049:0001:0000:0000:c629:de83
ADDITIONAL RR
- Domainname:           (3)ns2(10)cloudflare(3)net
- Type:                 1 (A)
- Class:                1 (Internet)
- TTL:                  5 (5s)
- Resource length:      4
- Resource data:        198.41.222.131
Got answer [received type is cname] 
 |\___ ns3.cloudflare.net [cloudflare.net] (2400:cb00:2049:0001:0000:0000:c629:de1f) IP HEADER
- Destination address:  XXX
DNS HEADER (send)
- Identifier:           0x303A
- Flags:                0x00 (Q )
- Opcode:               0 (Standard query)
- Return code:          0 (No error)
- Number questions:     1
- Number answer RR:     0
- Number authority RR:  0
- Number additional RR: 0
QUESTIONS (send)
- Queryname:            (3)www(7)harvard(3)edu
- Type:                 15 (unknown)
- Class:                1 (Internet)
send_data/sendto: Network is unreachable

转载请注明来自4ido10n博客的Kali Linux信息收集之dnstracer,否则保留追究文章版权的权利!

results matching ""

    No results matching ""