for ip in $(seq 200 254); do host 51.222.169.$ip; done | grep -v "not found"
...
208.169.222.51.in-addr.arpa domain name pointer admin.megacorpone.com.
209.169.222.51.in-addr.arpa domain name pointer beta.megacorpone.com.
210.169.222.51.in-addr.arpa domain name pointer fs1.megacorpone.com.
211.169.222.51.in-addr.arpa domain name pointer intranet.megacorpone.com.
212.169.222.51.in-addr.arpa domain name pointer mail.megacorpone.com.
213.169.222.51.in-addr.arpa domain name pointer mail2.megacorpone.com.
214.169.222.51.in-addr.arpa domain name pointer router.megacorpone.com.
215.169.222.51.in-addr.arpa domain name pointer siem.megacorpone.com.
216.169.222.51.in-addr.arpa domain name pointer snmp.megacorpone.com.
217.169.222.51.in-addr.arpa domain name pointer syslog.megacorpone.com.
218.169.222.51.in-addr.arpa domain name pointer support.megacorpone.com.
219.169.222.51.in-addr.arpa domain name pointer test.megacorpone.com.
220.169.222.51.in-addr.arpa domain name pointer vpn.megacorpone.com.
...
Listing 45 - Using Bash to brute force reverse DNS names
We have successfully managed to resolve a number of IP addresses to valid hosts using reverse
DNS lookups. If we were performing an assessment, we could further extrapolate these results,
and might scan for “mail2”, “router”, etc., and reverse-lookup positive results. These types of
scans are often cyclical; we expand our search based on any information we receive at every
round.
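As an added example (not part of the original course text), the script below parses output in the format of Listing 45, converts each in-addr.arpa name back to its IP address, and flags PTR names whose leftmost label reveals the host's role, which is how an administrator can review what their own reverse zone discloses. The sample lines are constructed from the listing's format, and the ROLE_LABELS watch list and the function names are assumptions.

```bash
#!/bin/sh
# Added example: review saved `host` PTR output for role-revealing names.

# Constructed sample in the format of Listing 45, plus one "not found" line.
sample_ptr_output() {
cat <<'EOF'
208.169.222.51.in-addr.arpa domain name pointer admin.megacorpone.com.
Host 209.169.222.51.in-addr.arpa. not found: 3(NXDOMAIN)
210.169.222.51.in-addr.arpa domain name pointer fs1.megacorpone.com.
212.169.222.51.in-addr.arpa domain name pointer mail.megacorpone.com.
215.169.222.51.in-addr.arpa domain name pointer siem.megacorpone.com.
218.169.222.51.in-addr.arpa domain name pointer support.megacorpone.com.
220.169.222.51.in-addr.arpa domain name pointer vpn.megacorpone.com.
EOF
}

# Hypothetical watch list of labels that disclose a host's function.
ROLE_LABELS="admin fs intranet router siem snmp syslog vpn"

# stdin: raw `host` output. stdout: "IP hostname", one pair per PTR record.
parse_ptr() {
  awk '$2 == "domain" && $3 == "name" && $4 == "pointer" {
    n = split($1, o, ".")
    # Expect four reversed octets followed by in-addr.arpa.
    if (n != 6 || o[5] != "in-addr" || o[6] != "arpa") next
    name = $5
    sub(/\.$/, "", name)   # drop the trailing root dot
    printf "%s.%s.%s.%s %s\n", o[4], o[3], o[2], o[1], name
  }'
}

# stdin: "IP hostname" pairs. stdout: pairs whose first label is on the watch list.
flag_role_names() {
  awk -v labels="$ROLE_LABELS" '
    BEGIN { n = split(labels, l, " "); for (i = 1; i <= n; i++) watch[l[i]] = 1 }
    {
      split($2, parts, ".")
      label = tolower(parts[1])
      sub(/[0-9]+$/, "", label)   # fs1 -> fs, mail2 -> mail
      if (label in watch) print $1, $2, "role=" label
    }'
}

# Demo run on the constructed sample.
sample_ptr_output | parse_ptr | flag_role_names
```
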
Now that we have developed our foundational DNS enumeration skills, let’s explore how we can
automate the process using a few applications.
There are several tools in Kali Linux that can automate DNS enumeration. Two notable examples
are DNSRecon and DNSenum; let’s explore their capabilities.
DNSRecon is an advanced DNS enumeration script written in Python. Let’s run dnsrecon
against megacorpone.com, using the -d option to specify a domain name and -t to specify the
type of enumeration to perform (in this case, a standard scan).
kali@kali:~$