56
◾
Ethical Hacking and Penetration Testing Guide
You would see the following output:
You can see that it has revealed some interesting information such as the e-mail of the owner
(which I have set to private b/w)
and the name servers, which shows that hostagtor.com is hosting
this website. We will learn some effective methods to determine name servers later in this section,
when we will talk about DNS enumeration.
Finding Other Websites Hosted on the Same Server
In the chapter on web hacking (Chapter 12), you will learn a method called “Symlink bypassing,”
which will show you exactly how an attacker can use a single website in order to compromise every
website on the same server. However, for now, we would just discuss the method of
finding the
domains hosted on the same server. The method is called reverse IP lookup.
Yougetsignal.com
Yougetsignal.com allows you to perform a reverse IP lookup on a webserver to detect all other
websites present on the same server. All you need to do is enter the domain.
There is another tool called
ritx
that is also used to perform this task.
