Lab 6: Perform Whois footprinting

 

Lab 6: Perform Whois footprinting


Module 02: Footprinting and Reconnaissance

Lab 6: Perform Whois footprinting


Task 1: Perform Whois Lookup using DomainTools


browser 

http://whois.domaintools.com

enter site hit search




Lab Scenario

During the footprinting process, gathering information on the target IP address and domain obtained during previous information gathering steps is important. As a professional ethical hacker or penetration tester, you should be able to perform Whois footprinting on the target; this method provides target domain information such as the owner, its registrar, registration details, name server, contact information, etc. Using this information, you can create a map of the organization’s network, perform social engineering attacks, and obtain internal details of the network.

Lab Objectives

  • Perform Whois lookup using DomainTools

Overview of Whois Footprinting

This lab focuses on how to perform a Whois lookup and analyze the results. Whois is a query and response protocol used for querying databases that store the registered users or assignees of an Internet resource such as a domain name, an IP address block, or an autonomous system. This protocol listens to requests on port 43 (TCP). Regional Internet Registries (RIRs) maintain Whois databases, and contains the personal information of domain owners. For each resource, the Whois database provides text records with information about the resource itself and relevant information of assignees, registrants, and administrative information (creation and expiration dates).

Task 1: Perform Whois Lookup using DomainTools

Here, we will gather target information by performing Whois lookup using DomainTools.

  1. Open any web browser (here, Mozilla Firefox). In the address bar of the browser place your mouse cursor, click http://whois.domaintools.com and press Enter. The Whois Lookup website appears, as shown in the screenshot.

    Screenshot

  2. Now, in the Enter a domain or IP address… search bar, type www.certifiedhacker.com and click Search.

    Screenshot

  3. This search result reveals the details associated with the URL entered, www.certifiedhacker.com, which includes organizational details such as registration details, name servers, IP address, location, etc., as shown in the screenshots.

    Screenshot

    Screenshot

  4. This concludes the demonstration of gathering information about a target organization by performing the Whois lookup using DomainTools.

  5. You can also use other Whois lookup tools such as SmartWhois (https://www.tamos.com), Batch IP Converter (http://www.sabsoft.com), etc. to extract additional target Whois information.

  6. Close all open windows and document all the acquired information.

Comments

Post a Comment

Popular posts from this blog

Lab 1: Perform S3 Bucket Enumeration using Various S3 Bucket Enumeration Tools

Image
Lab 1: Perform S3 Bucket Enumeration using Various S3 Bucket Enumeration Tools Lab Scenario As an ethical hacker, you must try to obtain as much information as possible about the target cloud environment using various enumeration tools. This lab will demonstrate various S3 bucket enumeration tools that can help you in extracting the list of publicly available S3 buckets. Lab Objectives Enumerate S3 buckets using lazys3 Enumerate S3 buckets using S3Scanner Overview of Enumeration Tools Enumeration tools are used to collect detailed information about target systems to exploit them. Information collected by S3 enumeration tools consists of a list of misconfigured S3 buckets that are available publicly. Attackers can exploit these buckets to gain unauthorized access to them. Moreover, they can modify, delete, and exfiltrate the bucket content. Task 1: Enumerate S3 Buckets using lazys3 lazys3 is a Ruby script tool that is used to brute-force AWS S3 buckets using different permutations. This...
Read more

Lab 5: Perform Cryptanalysis using Various Cryptanalysis Tools

Image
Lab 5: Perform Cryptanalysis using Various Cryptanalysis Tools Module 20: Cryptography Lab 5: Perform Cryptanalysis using Various Cryptanalysis Tools Task 1: Perform Cryptanalysis using CrypTool CrypTool is a freeware program that enables you to apply and analyze cryptographic mechanisms, and has the typical look and  feel of a modern Windows application. CrypTool includes a multitude of state-of-the-art cryptographic functions and allows you  to both learn and use cryptography within the same environment. CrypTool is a free, open-source e-learning application used in  the implementation and analysis of cryptographic algorithms. Here, we will use the CrypTool tool to perform cryptanalysis. refer to blog  little long --------------------------------------------------------------------------------------------------------------------------------------- Module 20: Cryptography Lab 5: Perform Cryptanalysis using Various Cryptanalysis Tools Task 2: Perform Cryptanalysis us...
Read more

Task 2: Perform OS Discovery using Nmap Script Engine (NSE)

Image
  Task 2: Perform OS Discovery using Nmap Script Engine (NSE) Module 03: Scanning Networks Lab 3: Perform OS Discovery Task 2: Perform OS Discovery using Nmap Script Engine (NSE) open zenmap nmap -A [Target IP Address]   = -A: to perform an aggressive scan. nmap -O [Target IP Address]   = -O: performs the OS discovery. nmap --script smb-os-discovery.nse [Target IP Address]   = --script: specifies the customized script and smb-os-discovery.nse: attempts to determine the OS, computer name, domain, workgroup, and current time over the SMB protocol (ports 445 or 139). end Nmap, along with Nmap Script Engine (NSE), can extract considerable valuable information from the target system. In addition to Nmap commands, NSE provides scripts that reveal all sorts of useful information from the target system. Using NSE, you may obtain information such as OS, computer name, domain name, forest name, NetBIOS computer name, NetBIOS domain name, workgroup, system time o...
Read more