Wednesday, 7 December 2011

DNS Information Gathering (Nslookup), Port Scanner (Nmap)

------------------------------------------------------------------------------------
Twitter Angelo Luciani
Linkedin Angelo Luciani
------------------------------------------------------------------------------------
Hi Everyone,
Thank you, Germany!!
A lot of visitors from there. I love you!!
I tried to carry out the first part of a penetration test.
From Linux BackTrack 5 I used nslookup and Nmap.

Nslookup is a network administration command-line tool available for many computer operating systems for querying the Domain Name System (DNS) to obtain domain name or IP address mapping or for any other specific DNS record.
The name nslookup means name server lookup.
Nslookup uses the operating system's local Domain Name System resolver library to perform its queries.

Nmap (Network Mapper) is a security scanner originally written by Gordon Lyon (also known by his pseudonym Fyodor Vaskovich) used to discover hosts and services on a computer network, thus creating a "map" of the network.
Nmap has been able to extend its discovery capabilities beyond simply figuring out whether a host is up or down and which ports are open and closed; it can determine the operating system of the target, names and versions of the listening services, estimated uptime, type of device, and presence of a firewall.

Do you remember Trinity and Nmap in the Matrix film?

The steps are below.

1. Open a shell in Linux BackTrack 5 and type:
whois "url target server"

With the "whois" command I get the DNS servers.


2. Run the "host" command to get the IP address of the DNS server.


3. Use "nslookup".
With "nslookup" it's possible to send queries to the DNS server and obtain more information about the target.
Type in the shell:
nslookup
> server X.X.X.X
> set type=any

With "nslookup" it is possible to get a lot of data, for example the mail server.
It's possible to connect to the mail server by running telnet to port 25.
 

I completed the action by running Nmap on the target:
nmap "ip address target server"
Below is the image with the port list.


In this list, port 3389 caught my attention, where the MS Terminal Server process is present.
I read that it's possible to hack it; in the next post I'll talk about it.
Thanks to everyone,
Angelo Luciani
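
For administrators reviewing a scan of their own hosts, the following added example (not part of the original post) reads Nmap grepable (-oG) output and reports open ports on a watch-list, here the two services the post singles out, 25 and 3389. The function names, the WATCH_PORTS variable and the sample scan lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag watch-listed open ports in Nmap grepable (-oG) output.
# Intended for reviewing scans of hosts you administer,
# e.g. nmap -oG - HOST | flag_exposed

# Watch-list (assumption): 25 (SMTP) and 3389 (MS Terminal Server) from the post.
WATCH_PORTS="${WATCH_PORTS:-25,3389}"

# flag_exposed: read -oG output on stdin, print "host port/proto service" per hit.
flag_exposed() {
    awk -v watch="$WATCH_PORTS" '
    BEGIN { n = split(watch, w, ","); for (i = 1; i <= n; i++) want[w[i]] = 1 }
    /^Host: / && /Ports: / {
        host = $2
        # Fields in a -oG line are tab-separated; find the "Ports:" field.
        nf = split($0, fld, "\t")
        for (f = 1; f <= nf; f++) {
            if (fld[f] !~ /^Ports: /) continue
            sub(/^Ports: /, "", fld[f])
            np = split(fld[f], ports, ", ")
            for (p = 1; p <= np; p++) {
                # Entry layout: port/state/proto/owner/service/rpc/version/
                split(ports[p], e, "/")
                # Only "open" counts; "filtered" means a firewall answered.
                if (e[2] == "open" && (e[1] in want))
                    printf "%s %s/%s %s\n", host, e[1], e[3], e[5]
            }
        }
    }'
}

# Constructed sample scan (documentation addresses, not real hosts).
sample_scan() {
    printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
    printf 'Host: 192.0.2.10 ()\tPorts: 25/open/tcp//smtp///, 80/open/tcp//http///, 3389/open/tcp//ms-term-serv///\tIgnored State: closed (997)\n'
    printf 'Host: 192.0.2.20 ()\tPorts: 443/open/tcp//https///, 3389/filtered/tcp//ms-term-serv///\n'
}

sample_scan | flag_exposed
```

A host that shows up here with 3389 open is reachable for remote desktop from wherever the scan was run, which is usually a reason to restrict it to a VPN or management network.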

1 comment:

  1. Hi bro, I really like your blog here. I'm enjoying reading all of your articles. Come stop by sometime at my place: infektech.blogspot.com
