• Examining DNS with dig
    		•

    Manipulating the Domain Name System




    Download 7,3 Mb.
    Pdf ko'rish
    bet54/125
    Sana14.05.2024
    Hajmi7,3 Mb.
    #232858
    1   ...   50   51   52   53   54   55   56   57   ...   125
    Bog'liq
    linuxbasicsforhackers

    Manipulating the Domain Name System
    Hackers can find a treasure trove of information on a target in its Domain 
    Name System (DNS). DNS is a critical component of the internet, and 
    although it’s designed to translate domain names to IP addresses, a hacker 
    can use it to garner information on the target.
    Examining DNS with dig
    DNS is the service that translates a domain name like hackers-arise.com to 
    the appropriate IP address; that way, your system knows how to get to it. 
    Without DNS, we would all have to remember thousands of IP addresses 
    for our favorite websites—no small task even for a savant.
    One of the most useful commands for the aspiring hacker is 
    dig
    , which 
    offers a way to gather DNS information about a target domain. The stored 
    DNS information can be a key piece of early reconnaissance to obtain before 
    attacking. This information could include the IP address of the target’s 
    name server (the server that translates the target’s name to an IP address), 
    the target’s email server, and potentially any subdomains and IP addresses.
    For instance, enter 
    dig hackers-arise.com
    and add the 
    ns
    option (short 
    for nameserver). The nameserver for hackers-arise.com is displayed in the 
    ANSWER SECTION
    of Listing 3-3.

    34
    Chapter 3
    kali >
    dig hackers-arise.com ns
    --
    snip
    --
    ;; QUESTION SECTION:
    ;hackers-arise.com. IN NS
    ;; ANSWER SECTION:
    hackers-arise.com. 5 IN NS ns7.wixdns.net.
    hackers-arise.com. 5 IN NS ns6.wixdns.net.
    ;; ADDITIONAL SECTION:
    ns6.wixdns.net. 5 IN A 216.239.32.100
    --
    snip
    --
    Listing 3-3: Using 
    dig
     and its 
    ns
     option to get information on a domain nameserver
    Also note in the 
    ADDITIONAL SECTION
    that this 
    dig
    query reveals the IP 
    address (216.239.32.100) of the DNS server serving hackers-arise.com. This 
    section may look slightly different on your system or may not show at all.
    You can also use the 
    dig
    command to get information on email 
    servers connected to a domain by adding the 
    mx 
    option (
    mx
    is short for 
    mail exchange server). This information is critical for attacks on email sys-
    tems. For example, info on the www.hackers-arise.com email servers is shown 
    in the 
    AUTHORITY SECTION
    of Listing 3-4.
    kali >

    Download 7,3 Mb.
    1   ...   50   51   52   53   54   55   56   57   ...   125




    Download 7,3 Mb.
    Pdf ko'rish